lodehoyrd.com Open in urlscan Pro
51.81.152.36 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://lodehoyrd.com/
Submission Tags: falconsandbox
Submission: On October 05 via api (October 5th 2023, 10:01:54 pm UTC) from US — Scanned from DE

Summary HTTP 110 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 15 domains to perform 110 HTTP transactions. The main IP is 51.81.152.36, located in Hillsboro, United States and belongs to OVH, FR. The main domain is lodehoyrd.com.

This is the only time lodehoyrd.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	51.81.152.36 51.81.152.36	16276 (OVH) (OVH)
12	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1 7	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
2 2	35.157.117.145 35.157.117.145	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1 1	52.28.179.219 52.28.179.219	16509 (AMAZON-02) (AMAZON-02)
1 1	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
2	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
110	15

42 51.81.152.36 (Hillsboro, United States)

ASN16276 (OVH, FR)
PTR: single501.hostingrd.com

lodehoyrd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.117.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-117-145.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.179.219 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-179-219.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.75.86.98 (France) 1 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	lodehoyrd.com lodehoyrd.com	4 MB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	508 KB
13	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 45 cm.g.doubleclick.net — Cisco Umbrella Rank: 255	118 KB
12	gstatic.com fonts.gstatic.com www.gstatic.com	172 KB
4	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 49	3 KB
3	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1200 www.googleadservices.com — Cisco Umbrella Rank: 153	603 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 985 s.tribalfusion.com — Cisco Umbrella Rank: 2451	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1069	2 KB
2	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 223	118 KB
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 913	339 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 796	737 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 50844	610 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 782	545 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3431	104 B
110	15

	Domain	Requested by
42	lodehoyrd.com	lodehoyrd.com
19	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net lodehoyrd.com tpc.googlesyndication.com
12	pagead2.googlesyndication.com	lodehoyrd.com pagead2.googlesyndication.com tpc.googlesyndication.com googleads.g.doubleclick.net
9	fonts.gstatic.com	fonts.googleapis.com
7	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
6	cm.g.doubleclick.net	googleads.g.doubleclick.net
4	fonts.googleapis.com	lodehoyrd.com googleads.g.doubleclick.net tpc.googlesyndication.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	www.googleadservices.com
2	pm.w55c.net	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	googleads.g.doubleclick.net
1	onetag-sys.com	1 redirects
1	d.agkn.com	1 redirects
1	gcm.ctnsnet.com	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
110	20

This site contains links to these domains. Also see Links.

Domain
google
afthemes.com

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.lodehoyrd.com R3	`2023-10-03` - `2024-01-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://lodehoyrd.com/
Frame ID: A2618C79BCB9FAA76077809EDE5EAA8E
Requests: 57 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html
Frame ID: DC13DF5FA8598BFEDAD62084D5AA51AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8516993065968624&output=html&adk=1812271804&adf=3025194257&lmt=1696536106&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Flodehoyrd.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1696543305876&bpp=407&bdt=267&idt=707&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6298494647795&frm=20&pv=2&ga_vid=1692789048.1696543307&ga_sid=1696543307&ga_hid=1584549850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C42531706%2C42532402%2C44785293%2C44795922%2C31078601&oid=2&pvsid=3655748225114790&tmod=1898232510&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=742
Frame ID: F3171A977527A637E11DEAC7C63E8C43
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8516993065968624&output=html&h=280&adk=1693796318&adf=2739714252&pi=t.aa~a.1459729776~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1696536107&rafmt=1&to=qs&pwprc=7570709040&format=1004x280&url=http%3A%2F%2Flodehoyrd.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1696543307653&bpp=3&bdt=2045&idt=3&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01bef10c13c89392-227744a72bdf0031%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mab8n0gw5TiaQWp-a0Qacot9AO6Rg&gpic=UID%3D00000c8f6afb0444%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mbx9r9r6iFreJRQB95goW_hsJzCFA&prev_fmts=0x0&nras=2&correlator=6298494647795&frm=20&pv=1&ga_vid=1692789048.1696543307&ga_sid=1696543307&ga_hid=1584549850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=110&ady=3967&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C42531706%2C42532402%2C44785293%2C44795922%2C31078601&oid=2&pvsid=3655748225114790&tmod=1898232510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mppbxqkeNf&p=http%3A//lodehoyrd.com&dtd=26
Frame ID: 86F59FC0364C99DEA324932131AC8AB0
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Frame ID: AE87ED81A0FAE0070F47DAEDEEA56BF7
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html
Frame ID: F0FAA2AFB97FF5BFA03362BC98EED726
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js
Frame ID: 3267CD0580286FAE88A565DEBD3DF143
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: BCB1F75761E8034BE67651A8CEE35DE3
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3D312BDD9565C5BA711D3CA4E45177C9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: D5D4DC9D52356835863BC9266F2801A3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8823353B52EC8174749F8F3F3A0500CB
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js
Frame ID: F46D383F30F9165C0D463F8295E0040A
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

LodeHoyRD – Periodismo Independiente

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

110
Requests

71 %
HTTPS

58 %
IPv6

15
Domains

20
Subdomains

15
IPs

4
Countries

4642 kB
Transfer

6870 kB
Size

13
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: http://google/
Title: Felix Arroyo

Search URL Search Domain Scan URL

URL: https://afthemes.com/products/newsium
Title: Newsium

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 95

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cver=1&google_push=AXcoOmSILaEOOxYlm_YojdWdmOojURuMwqE8eC_niZXF2MSdatp9VLfg2tCaizlG8UQ90R6Tz-7Ahdf7u715r1MI86Vpe2F6jDWcqoq9 HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cver=1&google_push=AXcoOmSILaEOOxYlm_YojdWdmOojURuMwqE8eC_niZXF2MSdatp9VLfg2tCaizlG8UQ90R6Tz-7Ahdf7u715r1MI86Vpe2F6jDWcqoq9 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmtFU3hqdVoxUU93cEs1&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cver=1&google_push=AXcoOmSILaEOOxYlm_YojdWdmOojURuMwqE8eC_niZXF2MSdatp9VLfg2tCaizlG8UQ90R6Tz-7Ahdf7u715r1MI86Vpe2F6jDWcqoq9

Request Chain 96

https://a.tribalfusion.com/i.match?p=b6&u=CAESEK1trQEkIqB06DN5AdrZ6Pg&google_cver=1&google_push=AXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK1trQEkIqB06DN5AdrZ6Pg&google_cver=1&google_push=AXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 97

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEPFHkk4EgsP0zdb0WxSZCiU&google_cver=1&google_push=AXcoOmTa2XIOMsWf0L4fxpXAEnYJzhgFn_iV9guux6rrTWnrkcIR_P-8hdN4R2e3962FZbbdEvvoaKtTPhPXdDH1njaTacSYHwZO7kFC HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPFHkk4EgsP0zdb0WxSZCiU&google_push=AXcoOmTa2XIOMsWf0L4fxpXAEnYJzhgFn_iV9guux6rrTWnrkcIR_P-8hdN4R2e3962FZbbdEvvoaKtTPhPXdDH1njaTacSYHwZO7kFC

Request Chain 98

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJrLIEdxveX4D9EuOiq7pO4&google_cver=1&google_push=AXcoOmRV4zwCuXgHLe0_TfR17TgLnDG-Gfzl6a4YcHWgfvxrTdo9-vtzzdGQDz7D7Xpy3K3kGpe1fYBnF75G5DBwncTcB-AndSp08uhW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRV4zwCuXgHLe0_TfR17TgLnDG-Gfzl6a4YcHWgfvxrTdo9-vtzzdGQDz7D7Xpy3K3kGpe1fYBnF75G5DBwncTcB-AndSp08uhW&google_hm=eeb14BeOT-e86JiEI1JvoKE

Request Chain 99

https://d.agkn.com/pixel/2175/?google_gid=CAESEFppW2neR76-baIKfH8w7H4&google_cver=1&google_push=AXcoOmRQXIODfEAmjGNygZMN-9N2UiwwNca7L-EspjLOlaRJd17C5InjkqDMvc_e-3HEOZmvURgLTnDtLo8HhGPwEIb2Ujh-6Z6DD4Pe HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRQXIODfEAmjGNygZMN-9N2UiwwNca7L-EspjLOlaRJd17C5InjkqDMvc_e-3HEOZmvURgLTnDtLo8HhGPwEIb2Ujh-6Z6DD4Pe&google_hm=Q0FFU0VGcHBXMm5lUjc2LWJhSUtmSDh3N0g0

Request Chain 100

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELDMHQozbtxWGdiaMeyHEsM&google_cver=1&google_push=AXcoOmQJGjaecF1KV-uxl2Pvxerq5nwLjgnxABGZwGNLlac-DtYnpcigOI3kxHkoKMQ3wMc9wc-0gMlI3Abcb9sPjHY9N7bN61iC-vc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJGjaecF1KV-uxl2Pvxerq5nwLjgnxABGZwGNLlac-DtYnpcigOI3kxHkoKMQ3wMc9wc-0gMlI3Abcb9sPjHY9N7bN61iC-vc

Request Chain 106

https://googleads.g.doubleclick.net/pagead/adview?ai=CfsO0SzIfZaGbL9qXiM0P1-2eoArwtKHLZ6n76MKZCWQQASCNvI0fYJXikIKgB6AB9du7yQPIAQmpAqPKqSMRrbE-qAMByAPLBKoEgQJP0HoSNCnwjt6rOUNS4DuwN_Oo7Z2H_qWUPr0MWx4jWrPVIH372jRPid98GqlTy0NDkb-DqQWyPjBosWpo6GTgRR-bXWmXEsDQUeAQeWbD7r3yTUfwCJ4btY8UpJA6BLJO8i9njVgmA9-FrDVUH1sEAMfKu-Q7DQPg0wqWcqOTnHOMXaJA2C_yKjUn1lWzejLfNKB8Pbw40R_doh2YmCL2J2CSMw7k8KHN-2FHFzSMds06xJ7s-xXBF8syPcufN9UMIBeJuy6M_TI53z1L6rfwK48lGKy6lGDuSPbcexPSiJHguVw1PAR3pYDJXAZ7NnZFyFoBCPi18BCcnYx9UWvHdsAEioDhnpABiAXwuubSApIFBAgEGAGSBQQIBRgEoAYugAfzo8Q2qAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQjuIH0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJGWh0dHBzOi8vd3d3LmFiYy1kZXNpZ24uZGWACgHICwG4E-QD2BMNiBQO0BUBmBYBgBcBshccChoIABIUcHViLTg1MTY5OTMwNjU5Njg2MjQYAA&sigh=cJK_zb3pskk&uach_m=[UACH]&ase=2&nis=4&cid=CAQSOwDICaaNcvvfLzF_BHoLPSr89IX0xUChX7RYF9AJAA7QItQ5lPcLhuewH_jcVUf4EOOxWRwn_i3paqz2GAE&template_id=484&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224614079415367506835%22,%22debug_reporting%22:true,%22destination%22:%22https://abc-design.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22959376885%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222285677590677888881%22}&andc=true

110 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
lodehoyrd.com/ 119 KB
18 KB 1922ms
464ms Document
text/html 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed / PHP/7.4.33
Resource Hash: 7bfc17d9caa5df419d961f8455fc584d5ea4ad8013a67e43a58f34715c1cbcf9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 22:01:45 GMT
link: <https://lodehoyrd.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
transfer-encoding: chunked
vary: Accept-Encoding
x-powered-by: PHP/7.4.33

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
50 KB 169ms
61ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8516993065968624

Requested by

Host: lodehoyrd.com
URL: http://lodehoyrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bff000550d69e34ddf214963c24bbb72139000b5aad864292933376c46198e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lodehoyrd.com/
Origin: http://lodehoyrd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51252
x-xss-protection: 0
server: cafe
etag: 3797985818146953785
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK style.min.css
lodehoyrd.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 265ms
154ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-includes/css/dist/block-library/style.min.css?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Wed, 19 Jul 2023 23:43:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 13801
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK font-awesome.min.css
lodehoyrd.com/wp-content/themes/newsium/assets/font-awesome/css/ 30 KB
7 KB 315ms
160ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/font-awesome/css/font-awesome.min.css?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 6989
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK bootstrap.min.css
lodehoyrd.com/wp-content/themes/newsium/assets/bootstrap/css/ 118 KB
20 KB 317ms
160ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/bootstrap/css/bootstrap.min.css?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 51043dd1f5f4053d920d79049b087813702cbe1c0e4ac623b06f27cabe289e90

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 19713
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK slick.min.css
lodehoyrd.com/wp-content/themes/newsium/assets/slick/css/ 1 KB
845 B 317ms
161ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/slick/css/slick.min.css?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 21b589bbc25d38fbf4c8168b0801ce4cf9d0aa1d372ae1ac773574aaeb10c08d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 475
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK jquery.sidr.dark.css
lodehoyrd.com/wp-content/themes/newsium/assets/sidr/css/ 998 B
794 B 317ms
159ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/sidr/css/jquery.sidr.dark.css?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: c2fb0b4e76f7ecddceb79fb156c637b3bac113f348ee449ca10db892f27517f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 424
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK magnific-popup.css
lodehoyrd.com/wp-content/themes/newsium/assets/magnific-popup/ 7 KB
2 KB 317ms
160ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/magnific-popup/magnific-popup.css?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1811
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H2 200 css
fonts.googleapis.com/ 14 KB
1 KB 137ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Lato:400,300,400italic,900,700&subset=latin,latin-ext

Requested by

Host: lodehoyrd.com
URL: http://lodehoyrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d244261ee6ed4e08aeabad26bfca35c27f3b5adf2436013dda1d1678bb664b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 22:01:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK style.css
lodehoyrd.com/wp-content/themes/newsium/ 217 KB
31 KB 442ms
154ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/style.css?ver=3.2.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 3a0fc8afb93a2a7b0f1abba9a3236683abe512e2480e7d6254073e17e6b1dcc6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 31473
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK sassy-social-share-public.css
lodehoyrd.com/wp-content/plugins/sassy-social-share/public/css/ 10 KB
3 KB 487ms
156ms Stylesheet
text/css 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/plugins/sassy-social-share/public/css/sassy-social-share-public.css?ver=3.3.53
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 11:04:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2450
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK jquery.min.js Show response
lodehoyrd.com/wp-includes/js/jquery/ 85 KB
30 KB 485ms
154ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:45 GMT
content-encoding: gzip
last-modified: Sat, 27 May 2023 00:03:36 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 30387
expires: Thu, 12 Oct 2023 22:01:45 GMT

GET
H/1.1 200
OK jquery-migrate.min.js Show response
lodehoyrd.com/wp-includes/js/jquery/ 13 KB
5 KB 489ms
158ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 18:19:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4870
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 coopherrera-eddy-vittini-focus-0-0-896-504-150x150.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 7 KB
7 KB 216ms
212ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/coopherrera-eddy-vittini-focus-0-0-896-504-150x150.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: b8bcc15a7ca6fc144d7bf3e9bd0ebdf0320af59a6ebc84bb6d88faf9e4344b91

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 17:10:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7046
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 banda-haitianos-150x150.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 8 KB
8 KB 217ms
213ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/banda-haitianos-150x150.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 006932105ea9c4cf60445af3c51b0468481ba2dcdb6a7485d110db8c1d580674

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:55:29 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7768
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 Cristian-Encarnacion-alcalde-de-Los-Alcarrizos-150x150.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 6 KB
6 KB 221ms
217ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/Cristian-Encarnacion-alcalde-de-Los-Alcarrizos-150x150.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 6c23cd82495af323e62675d0e07c850b97061fc425847b4404a2e2c4a4a9c41a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:27:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 5718
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 28a9399177aaf71627f1b814c1f585d2-150x150.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 8 KB
8 KB 365ms
361ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/28a9399177aaf71627f1b814c1f585d2-150x150.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 7023ab66173e3baed0c45a3607aeca1218a84d1f6bbb4d9243678707082e31cf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:15:56 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 7742
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 bjbnmjkhjhjhj-150x150.png
lodehoyrd.com/wp-content/uploads/2023/10/ 46 KB
46 KB 365ms
362ms Image
image/png 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/bjbnmjkhjhjhj-150x150.png
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 0d3c1b39c2ce535fd92cd31a94f9f198ed5921bcd0650878c4c0f26787d11ab5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:07:41 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 47030
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
BLOB 200
OK f05efe98-bd7f-44f2-a01a-9fe5f88f87e9
http://lodehoyrd.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:http://lodehoyrd.com/f05efe98-bd7f-44f2-a01a-9fe5f88f87e9
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H2 200 coopherrera-eddy-vittini-focus-0-0-896-504.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 60 KB
61 KB 606ms
300ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/coopherrera-eddy-vittini-focus-0-0-896-504.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 39c5deaffd7f09a38db3c00c4c9f1e96daebce5576e948272cfc649e894f9d22

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 17:10:34 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 61814
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 banda-haitianos.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 98 KB
99 KB 367ms
363ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/banda-haitianos.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 84753d6a66ec6eff0c019886a819f965370b7bc2b46dfdf4326db9e7ccf7bf43

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:55:28 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 100794
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 Cristian-Encarnacion-alcalde-de-Los-Alcarrizos.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 60 KB
60 KB 367ms
364ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/Cristian-Encarnacion-alcalde-de-Los-Alcarrizos.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 8ecfc17eabd74dea1fd273f66f09cc540b15fe6340f0735f33ca852187cba8de

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:27:12 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 61621
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 28a9399177aaf71627f1b814c1f585d2.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 86 KB
86 KB 367ms
364ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/28a9399177aaf71627f1b814c1f585d2.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: a8e15350998652fe1784d6af3ce85f5a9ccb7f0191aeeb3b96c5e2b450ddc950

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:15:56 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 88110
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 bjbnmjkhjhjhj.png
lodehoyrd.com/wp-content/uploads/2023/10/ 853 KB
853 KB 515ms
512ms Image
image/png 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/bjbnmjkhjhjhj.png
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: d778b3af67b9c33e0b39d60e98ce5b8bfdade773bf74dce424667488b006c7c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:07:40 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 873137
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK navigation.js Show response
lodehoyrd.com/wp-content/themes/newsium/js/ 3 KB
1 KB 158ms
157ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/js/navigation.js?ver=20151215
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1096
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK skip-link-focus-fix.js Show response
lodehoyrd.com/wp-content/themes/newsium/js/ 685 B
800 B 162ms
158ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/js/skip-link-focus-fix.js?ver=20151215
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 416
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK slick.min.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/slick/js/ 41 KB
10 KB 160ms
156ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/slick/js/slick.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 10173
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK bootstrap.min.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/bootstrap/js/ 57 KB
15 KB 161ms
156ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/bootstrap/js/bootstrap.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 15424
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK jquery.sidr.min.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/sidr/js/ 7 KB
3 KB 158ms
154ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/sidr/js/jquery.sidr.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 2628
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK jquery.magnific-popup.min.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/magnific-popup/ 20 KB
8 KB 163ms
158ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/magnific-popup/jquery.magnific-popup.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 7380
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK jquery.matchHeight.min.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/jquery-match-height/ 3 KB
2 KB 155ms
154ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/jquery-match-height/jquery.matchHeight.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1383
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK jquery.marquee.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/marquee/ 22 KB
5 KB 163ms
160ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/marquee/jquery.marquee.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 1cdc5272f4719ff59e37324c8c4811884538a31ffe610b7983b94fc376e8a73f

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 4536
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK theia-sticky-sidebar.min.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/theiaStickySidebar/ 5 KB
2 KB 161ms
159ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/theiaStickySidebar/theia-sticky-sidebar.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 1773
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK script.js Show response
lodehoyrd.com/wp-content/themes/newsium/assets/ 28 KB
3 KB 157ms
156ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/script.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 5a04a9d6e28f93c2312520967deb79b193784aee977562cf093c64095966ce0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Mon, 21 Aug 2023 06:04:03 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 3110
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H/1.1 200
OK sassy-social-share-public.js Show response
lodehoyrd.com/wp-content/plugins/sassy-social-share/public/js/ 122 KB
41 KB 157ms
156ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/plugins/sassy-social-share/public/js/sassy-social-share-public.js?ver=3.3.53
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: f496f0b2acb488f65713f60c528a3ee405d53c6dff6c3ec27e7e691d39221e0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Tue, 22 Aug 2023 11:04:11 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 41344
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 380 KB
129 KB 159ms
80ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8516993065968624&plah=lodehoyrd.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8516993065968624

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

29f6faf0d0baa58f6e94868c69e7a40a9535ce1dc3f702abe9cffc1f29898fa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131791
x-xss-protection: 0
server: cafe
etag: 14336955367332869326
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 22:01:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame DC13 10 KB
5 KB 133ms
38ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8516993065968624

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lodehoyrd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29108
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 13:56:38 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 13:56:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 175ms
83ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Lato:400,300,400italic,900,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://lodehoyrd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 03:38:46 GMT
x-content-type-options: nosniff
age: 66180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23580
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:17:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 03:38:46 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 132ms
39ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Lato:400,300,400italic,900,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://lodehoyrd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 462267
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 13:37:19 GMT

GET
H/1.1 200
OK fontawesome-webfont.woff2
lodehoyrd.com/wp-content/themes/newsium/assets/font-awesome/fonts/ 75 KB
76 KB 288ms
154ms Font
font/woff2 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/wp-content/themes/newsium/assets/font-awesome/css/font-awesome.min.css?ver=6.3.1
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: http://lodehoyrd.com/wp-content/themes/newsium/assets/font-awesome/css/font-awesome.min.css?ver=6.3.1
Origin: http://lodehoyrd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Mon, 21 Aug 2023 06:04:02 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 77160
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 194ms
102ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Lato:400,300,400italic,900,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://lodehoyrd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:54:52 GMT
x-content-type-options: nosniff
age: 18414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23040
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:07:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 16:54:52 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 140ms
48ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,500,700|Lato:400,300,400italic,900,700&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://lodehoyrd.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 582894
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 04:06:52 GMT

GET
H2 200 coopherrera-eddy-vittini-focus-0-0-896-504-720x475.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 54 KB
54 KB 477ms
474ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/coopherrera-eddy-vittini-focus-0-0-896-504-720x475.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: fd9e718ca4345df5ed11f797b0bfe75e86dade2f254cef31b4c7739e5756ab8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 17:10:35 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 54847
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 Cristian-Encarnacion-alcalde-de-Los-Alcarrizos-720x402.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 34 KB
34 KB 477ms
474ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/Cristian-Encarnacion-alcalde-de-Los-Alcarrizos-720x402.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 47b837450bb4a5fff90676fe80c67fea3fec2fa3459a55dfa31add00c1226073

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:27:13 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 34835
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 bjbnmjkhjhjhj-720x472.png
lodehoyrd.com/wp-content/uploads/2023/10/ 473 KB
474 KB 477ms
474ms Image
image/png 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/bjbnmjkhjhjhj-720x472.png
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 1fcd72fc13198bf4a9365bfd4c1ce1bc0a54a92c96a630cfadc353ed34c46b3b

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Thu, 05 Oct 2023 02:07:42 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 484666
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 hbnmhjmjjklk-720x475.png
lodehoyrd.com/wp-content/uploads/2023/10/ 524 KB
524 KB 477ms
474ms Image
image/png 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/hbnmhjmjjklk-720x475.png
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: d6d6e46930da4e1478e1cbe450234a663fabdd826a486a01d453b38d9379b595

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Wed, 04 Oct 2023 20:56:44 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 536414
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 LMHJKMKLKLKJKKJ.png
lodehoyrd.com/wp-content/uploads/2023/10/ 433 KB
433 KB 477ms
475ms Image
image/png 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/LMHJKMKLKLKJKKJ.png
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: a8cf25cadab9e2e07d52eabd4d9b7dce23141ed3a3ebbcbf6d6d9aed135c5931

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
last-modified: Wed, 04 Oct 2023 20:50:40 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 443038
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 393 B
603 B 131ms
46ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=lodehoyrd.com&callback=_gfp_s_&client=ca-pub-8516993065968624

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8516993065968624&plah=lodehoyrd.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d1a7de1cf073f8291434268d230bd2282c8fd1a468ce2f348755a0524dfeb53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 252
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame F317 263 KB
66 KB 877ms
874ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8516993065968624&output=html&adk=1812271804&adf=3025194257&lmt=1696536106&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Flodehoyrd.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&dt=1696543305876&bpp=407&bdt=267&idt=707&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6298494647795&frm=20&pv=2&ga_vid=1692789048.1696543307&ga_sid=1696543307&ga_hid=1584549850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C42531706%2C42532402%2C44785293%2C44795922%2C31078601&oid=2&pvsid=3655748225114790&tmod=1898232510&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=742

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3284b19c3de342dc4c4a250b7a7bb627267a9a4a8b982f6c80dad62eb27667d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lodehoyrd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 67680
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:01:47 GMT
expires: Thu, 05 Oct 2023 22:01:47 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 74ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=af-preloader&ign=false&pw=1600&ph=1200&x=0&y=1060.8

Requested by

Host: lodehoyrd.com
URL: http://lodehoyrd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
72ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=af-preloader&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: lodehoyrd.com
URL: http://lodehoyrd.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK wp-emoji-release.min.js Show response
lodehoyrd.com/wp-includes/js/ 18 KB
5 KB 158ms
157ms Script
application/javascript 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to

Full URL: http://lodehoyrd.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: HTTP/1.1
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:46 GMT
content-encoding: gzip
last-modified: Thu, 02 Feb 2023 14:23:26 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
Connection: Keep-Alive
accept-ranges: bytes
Keep-Alive: timeout=5, max=100
content-length: 5052
expires: Thu, 12 Oct 2023 22:01:46 GMT

GET
H2 200 hgjhkjgljlltgdhgfd-720x420.png
lodehoyrd.com/wp-content/uploads/2023/10/ 533 KB
534 KB 359ms
356ms Image
image/png 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/hgjhkjgljlltgdhgfd-720x420.png
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: 411dd371f27b3af3e1a60caf5cfa4fda34b78c4ccf168f42bee6340db6f54783

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:47 GMT
last-modified: Wed, 04 Oct 2023 20:24:45 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 545918
expires: Thu, 12 Oct 2023 22:01:47 GMT

GET
H2 200 Martelly-222.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 81 KB
81 KB 359ms
356ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/Martelly-222.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: ecb6315d2b09ac5eb2d962012bda840e751ea5155c51a11db94d9b28c4974fe6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:47 GMT
last-modified: Wed, 04 Oct 2023 02:19:55 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 83247
expires: Thu, 12 Oct 2023 22:01:47 GMT

GET
H2 200 Untitled-6-720x475.jpg
lodehoyrd.com/wp-content/uploads/2023/10/ 52 KB
52 KB 360ms
357ms Image
image/jpeg 51.81.152.36
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lodehoyrd.com/wp-content/uploads/2023/10/Untitled-6-720x475.jpg
Requested by: Host: lodehoyrd.com
URL: http://lodehoyrd.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 51.81.152.36 Hillsboro, United States, ASN16276 (OVH, FR),
Reverse DNS: single501.hostingrd.com
Software: LiteSpeed /
Resource Hash: be17dc7488d98c61cd4801799db0766c12323e4e83249305a5a2c6f5609663f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:47 GMT
last-modified: Tue, 03 Oct 2023 22:22:27 GMT
server: LiteSpeed
content-type: image/jpeg
cache-control: public, max-age=604800
accept-ranges: bytes
content-length: 52966
expires: Thu, 12 Oct 2023 22:01:47 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 99ms
88ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9532b324b473a693670509448f3e455ae68f912a38898355394885a70b335fcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12055
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/ 154 KB
53 KB 83ms
76ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202309291101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e401908e197f237fa4a6e7005535910ff7e719adc318233c2ab9e4ab7c6475d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:47 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53736
x-xss-protection: 0
server: cafe
etag: 15550962387533744299
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 05 Oct 2023 22:01:47 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 86F5 122 KB
41 KB 646ms
637ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8516993065968624&output=html&h=280&adk=1693796318&adf=2739714252&pi=t.aa~a.1459729776~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1696536107&rafmt=1&to=qs&pwprc=7570709040&format=1004x280&url=http%3A%2F%2Flodehoyrd.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1696543307653&bpp=3&bdt=2045&idt=3&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01bef10c13c89392-227744a72bdf0031%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mab8n0gw5TiaQWp-a0Qacot9AO6Rg&gpic=UID%3D00000c8f6afb0444%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mbx9r9r6iFreJRQB95goW_hsJzCFA&prev_fmts=0x0&nras=2&correlator=6298494647795&frm=20&pv=1&ga_vid=1692789048.1696543307&ga_sid=1696543307&ga_hid=1584549850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=110&ady=3967&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C42531706%2C42532402%2C44785293%2C44795922%2C31078601&oid=2&pvsid=3655748225114790&tmod=1898232510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mppbxqkeNf&p=http%3A//lodehoyrd.com&dtd=26

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0aeaeae89f3d20503c9bb4f177218f6ddf6d7de816e744ecf51408ddccf74e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lodehoyrd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 41776
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:01:48 GMT
expires: Thu, 05 Oct 2023 22:01:48 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 212ms
81ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Oct 2023 22:01:47 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame AE87 10 KB
4 KB 38ms
36ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lodehoyrd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 15285
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4471
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 17:47:02 GMT
etag: 2603938475786422795
expires: Thu, 19 Oct 2023 17:47:02 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame AE87 4 KB
767 B 50ms
48ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 22:01:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 21:45:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 22:01:47 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE87 205 B
650 B 138ms
38ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Wed, 04 Oct 2023 18:51:21 GMT
x-content-type-options: nosniff
age: 97826
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 03 Oct 2024 18:51:21 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame AE87 604 B
697 B 142ms
42ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 09:34:53 GMT
x-content-type-options: nosniff
age: 476814
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 29 Sep 2024 09:34:53 GMT

GET
H2 200 fullscreen_api_adapter_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame AE87 15 KB
7 KB 47ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:13:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20918
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6551
x-xss-protection: 0
server: cafe
etag: 6101707970674548951
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 16:13:09 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame AE87 20 KB
8 KB 49ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:39:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30143
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8566
x-xss-protection: 0
server: cafe
etag: 11420928434021954480
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:39:24 GMT

GET
H2 200 Responsive_listing.html Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame F0FA 4 KB
1 KB 40ms
37ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Requested by

Host: lodehoyrd.com
URL: http://lodehoyrd.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 55626
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 1016
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 06:34:41 GMT
etag: 11900953634711111692
expires: Fri, 06 Oct 2023 06:34:41 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 3267 23 KB
9 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30336
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:11 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCB1 143 B
166 B 42ms
41ms Document
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2273
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 21:23:55 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3267 3 KB
1 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:09 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 3267 20 KB
8 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3267 187 KB
59 KB 186ms
80ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 22:01:48 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3D31 13 KB
5 KB 48ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://lodehoyrd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 51883
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 07:37:05 GMT
expires: Fri, 04 Oct 2024 07:37:05 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame D5D4 829 B
998 B 134ms
48ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

14b8226608e96db977b90824eb0614e330a9cf28ea6e8d3c5325dd9fe049a07e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lFTqxW4i4SF3Xyt2mYLyZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://lodehoyrd.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-lFTqxW4i4SF3Xyt2mYLyZQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:01:48 GMT
expires: Thu, 05 Oct 2023 22:01:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 Configurable_01_122.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F0FA 74 KB
25 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:56:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25356
x-xss-protection: 0
server: cafe
etag: 15511454539072389427
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Oct 2023 06:56:34 GMT

GET
H2 200 Responsive_listing.js Show response
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame F0FA 199 KB
65 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 04:29:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 63115
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66166
x-xss-protection: 0
server: cafe
etag: 5199203132765013944
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Oct 2023 04:29:53 GMT

GET
H2 200 Responsive_listing.css
tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/ Frame F0FA 11 KB
2 KB 41ms
41ms Stylesheet
text/css 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.css

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 06:46:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1758
x-xss-protection: 0
server: cafe
etag: 15825927903621683888
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Oct 2023 06:46:46 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame BCB1
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

47ms
47ms

Document
text/html

2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:01:48 GMT
expires: Thu, 05 Oct 2023 22:01:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Oct 2023 22:01:48 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame F0FA 34 KB
13 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/Configurable_01_122.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:31:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30627
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13035
x-xss-protection: 0
server: cafe
etag: 2319883687766034370
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 06 Oct 2023 13:31:21 GMT

GET
H3 200 YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3D31 37 KB
14 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 16:41:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14663
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 16:41:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame D5D4 0
0 78ms
76ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=3655748225114790&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

GET
H3 200 css
fonts.googleapis.com/ Frame F0FA 6 KB
706 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/in_page_full_auto_V1/Responsive_listing.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 22:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 21:49:41 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 22:01:48 GMT

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame F0FA 38 KB
14 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 10:33:14 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 86F5 4 KB
655 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8516993065968624&output=html&h=280&adk=1693796318&adf=2739714252&pi=t.aa~a.1459729776~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1696536107&rafmt=1&to=qs&pwprc=7570709040&format=1004x280&url=http%3A%2F%2Flodehoyrd.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1696543307653&bpp=3&bdt=2045&idt=3&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01bef10c13c89392-227744a72bdf0031%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mab8n0gw5TiaQWp-a0Qacot9AO6Rg&gpic=UID%3D00000c8f6afb0444%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mbx9r9r6iFreJRQB95goW_hsJzCFA&prev_fmts=0x0&nras=2&correlator=6298494647795&frm=20&pv=1&ga_vid=1692789048.1696543307&ga_sid=1696543307&ga_hid=1584549850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=110&ady=3967&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C42531706%2C42532402%2C44785293%2C44795922%2C31078601&oid=2&pvsid=3655748225114790&tmod=1898232510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mppbxqkeNf&p=http%3A//lodehoyrd.com&dtd=26

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Oct 2023 22:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 05 Oct 2023 21:42:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Oct 2023 22:01:48 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 86F5 2 KB
892 B 43ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:37:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30270
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:37:18 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 86F5 23 KB
9 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30337
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9151
x-xss-protection: 0
server: cafe
etag: 7930219084593097114
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:11 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 86F5 3 KB
1 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:09 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8823 1 KB
643 B 41ms
39ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 84338
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 04 Oct 2023 22:36:10 GMT
etag: 48472445140208031
expires: Thu, 05 Oct 2023 22:36:10 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 86F5 20 KB
8 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:36:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30339
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8339
x-xss-protection: 0
server: cafe
etag: 16954770952846736976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Oct 2023 13:36:09 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86F5 187 KB
59 KB 80ms
76ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60043
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1696419354076528"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Oct 2023 22:01:48 GMT

GET
H2 200 f20a2b7dfb9062a0a08db52babdaa11c.js Show response
www.gstatic.com/mysidia/ Frame 86F5 37 KB
16 KB 41ms
37ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f20a2b7dfb9062a0a08db52babdaa11c.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42270
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15586
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:46:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 03 Jan 2024 10:17:18 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/18331018062236824616/ Frame 86F5 48 KB
48 KB 50ms
48ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/18331018062236824616/14763004658117789537?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f20add2ff01fd9c888cc30daeb42bf93257fd0437482fb47a6b5b83cbda9c28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 08:23:57 GMT
x-content-type-options: nosniff
age: 567471
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49079
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 15:41:01 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 28 Sep 2024 08:23:57 GMT

GET
H3 200 7497262736352321936
tpc.googlesyndication.com/simgad/ Frame 86F5 2 KB
2 KB 65ms
63ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7497262736352321936?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49640a621ddf8a2da7d6e6ce9aa0faba742b0ea7d5f2d2b465efec5d9a480e9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 13:29:58 GMT
x-content-type-options: nosniff
age: 30710
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2486
x-xss-protection: 0
last-modified: Wed, 02 Dec 2020 10:08:26 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 04 Oct 2024 13:29:58 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F0FA 15 KB
15 KB 43ms
41ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 582896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 04:06:52 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F0FA 15 KB
16 KB 43ms
43ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Sat, 30 Sep 2023 13:37:19 GMT
x-content-type-options: nosniff
age: 462269
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 29 Sep 2024 13:37:19 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame F0FA 15 KB
15 KB 49ms
48ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,700,300&subset=latin

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 15:22:55 GMT
x-content-type-options: nosniff
age: 542333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 15:22:55 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 8823 0
104 B 158ms
68ms Image
text/plain 2a02:fa8:8806:12::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEMPkfmHBlDXojWQGpBu-vro&google_cver=1&google_push=AXcoOmSY0AbW6_UEqP9lA7qswvpcVzeG01Z0eOvtugRL3tfc6Ll1VcswrLnc2t225_JnAswNW2QXihsOFnL6j_y2Y-oC8fziniP5udoK
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8516993065968624&output=html&h=280&adk=1693796318&adf=2739714252&pi=t.aa~a.1459729776~rp.4&w=1004&fwrn=4&fwrnh=100&lmt=1696536107&rafmt=1&to=qs&pwprc=7570709040&format=1004x280&url=http%3A%2F%2Flodehoyrd.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&dt=1696543307653&bpp=3&bdt=2045&idt=3&shv=r20231004&mjsv=m202309291101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D01bef10c13c89392-227744a72bdf0031%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mab8n0gw5TiaQWp-a0Qacot9AO6Rg&gpic=UID%3D00000c8f6afb0444%3AT%3D1696543306%3ART%3D1696543306%3AS%3DALNI_Mbx9r9r6iFreJRQB95goW_hsJzCFA&prev_fmts=0x0&nras=2&correlator=6298494647795&frm=20&pv=1&ga_vid=1692789048.1696543307&ga_sid=1696543307&ga_hid=1584549850&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=110&ady=3967&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31077328%2C42531706%2C42532402%2C44785293%2C44795922%2C31078601&oid=2&pvsid=3655748225114790&tmod=1898232510&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=23&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=mppbxqkeNf&p=http%3A//lodehoyrd.com&dtd=26
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8823
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEPXpFutD7g77x-tpB5auVes&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmtFU3hqdVoxUU93cEs1&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cver=1&google_push=AXcoOmSILaEOOxYlm_YojdWdmOojURuMwqE8eC_niZXF2MS...

170 B
232 B

50ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmtFU3hqdVoxUU93cEs1&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cver=1&google_push=AXcoOmSILaEOOxYlm_YojdWdmOojURuMwqE8eC_niZXF2MSdatp9VLfg2tCaizlG8UQ90R6Tz-7Ahdf7u715r1MI86Vpe2F6jDWcqoq9

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 22:01:48 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-790-g2a3fdc2#rel-ec2-master i-0e3fa82937dfe784e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=cmtFU3hqdVoxUU93cEs1&google_gid=CAESEPXpFutD7g77x-tpB5auVes&google_cver=1&google_push=AXcoOmSILaEOOxYlm_YojdWdmOojURuMwqE8eC_niZXF2MSdatp9VLfg2tCaizlG8UQ90R6Tz-7Ahdf7u715r1MI86Vpe2F6jDWcqoq9
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 8823
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEK1trQEkIqB06DN5AdrZ6Pg&google_cver=1&google_push=AXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7c...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK1trQEkIqB06DN5AdrZ6Pg&google_cver=1&google_push=AXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI...

43 B
418 B

185ms
167ms

Image
image/gif

2606:4700::6812:18ad
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK1trQEkIqB06DN5AdrZ6Pg&google_cver=1&google_push=AXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Server: 2606:4700::6812:18ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8118f1fffdc14d3d-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 267
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEK1trQEkIqB06DN5AdrZ6Pg&google_cver=1&google_push=AXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmRpURlgxb-ImQOObz_PTHrzPCko3NUO0y6opXOFNNZN9Oa-ov2O34VCHsKdhiXkmtRqG8Q1fPpG1y3Cfk0ggVA3aIa6mSI7cgk6%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 8118f1fecc744d3d-FRA
alt-svc: h3=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8823
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPFHkk4EgsP0zdb0WxSZCiU&google_push=AXcoOmTa2XIOMsWf0L4fxpXAEnYJzhgFn_iV9guux6rrTWnrkcIR_P-8hd...

170 B
232 B

49ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPFHkk4EgsP0zdb0WxSZCiU&google_push=AXcoOmTa2XIOMsWf0L4fxpXAEnYJzhgFn_iV9guux6rrTWnrkcIR_P-8hdN4R2e3962FZbbdEvvoaKtTPhPXdDH1njaTacSYHwZO7kFC

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-fra-eddf8230097-FRA
pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1696543309.624003,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEPFHkk4EgsP0zdb0WxSZCiU&google_push=AXcoOmTa2XIOMsWf0L4fxpXAEnYJzhgFn_iV9guux6rrTWnrkcIR_P-8hdN4R2e3962FZbbdEvvoaKtTPhPXdDH1njaTacSYHwZO7kFC
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8823
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJrLIEdxveX4D9EuOiq7pO4&google_cver=1&google_push=AXcoOmRV4zwCuXgHLe0_TfR17TgLnDG-Gfzl6a4YcHWgfvxrTdo9-vtzzdGQDz7D7Xpy3K3kGpe1fYBnF75...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRV4zwCuXgHLe0_TfR17TgLnDG-Gfzl6a4YcHWgfvxrTdo9-vtzzdGQDz7D7Xpy3K3kGpe1fYBnF75G5DBwncTcB-AndSp08uhW&google_hm=eeb14BeOT-e86JiE...

170 B
232 B

84ms
49ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRV4zwCuXgHLe0_TfR17TgLnDG-Gfzl6a4YcHWgfvxrTdo9-vtzzdGQDz7D7Xpy3K3kGpe1fYBnF75G5DBwncTcB-AndSp08uhW&google_hm=eeb14BeOT-e86JiEI1JvoKE

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRV4zwCuXgHLe0_TfR17TgLnDG-Gfzl6a4YcHWgfvxrTdo9-vtzzdGQDz7D7Xpy3K3kGpe1fYBnF75G5DBwncTcB-AndSp08uhW&google_hm=eeb14BeOT-e86JiEI1JvoKE
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8823
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEFppW2neR76-baIKfH8w7H4&google_cver=1&google_push=AXcoOmRQXIODfEAmjGNygZMN-9N2UiwwNca7L-EspjLOlaRJd17C5InjkqDMvc_e-3HEOZmvURgLTnDtLo8HhGPwEIb2Ujh-6Z6DD4Pe
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRQXIODfEAmjGNygZMN-9N2UiwwNca7L-EspjLOlaRJd17C5InjkqDMvc_e-3HEOZmvURgLTnDtLo8HhGPwEIb2Ujh-6Z6DD4Pe&google_hm=Q0FFU0VGcHBXMm5lU...

170 B
329 B

75ms
47ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRQXIODfEAmjGNygZMN-9N2UiwwNca7L-EspjLOlaRJd17C5InjkqDMvc_e-3HEOZmvURgLTnDtLo8HhGPwEIb2Ujh-6Z6DD4Pe&google_hm=Q0FFU0VGcHBXMm5lUjc2LWJhSUtmSDh3N0g0

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 05 Oct 2023 22:01:48 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmRQXIODfEAmjGNygZMN-9N2UiwwNca7L-EspjLOlaRJd17C5InjkqDMvc_e-3HEOZmvURgLTnDtLo8HhGPwEIb2Ujh-6Z6DD4Pe&google_hm=Q0FFU0VGcHBXMm5lUjc2LWJhSUtmSDh3N0g0
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 8823
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESELDMHQozbtxWGdiaMeyHEsM&google_cver=1&google_push=AXcoOmQJGjaecF1KV-uxl2Pvxerq5nwLjgnxABGZwGNLlac-DtYnpcigOI3kxHkoKMQ3wMc9wc-0gMlI3Abc...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJGjaecF1KV-uxl2Pvxerq5nwLjgnxABGZwGNLlac-DtYnpcigOI3kxHkoKMQ3wMc9wc-0gMlI3Abcb9sPjHY9N7bN61iC-vc

170 B
232 B

99ms
48ms

Image
image/png

142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJGjaecF1KV-uxl2Pvxerq5nwLjgnxABGZwGNLlac-DtYnpcigOI3kxHkoKMQ3wMc9wc-0gMlI3Abcb9sPjHY9N7bN61iC-vc

Requested by

Protocol

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Oct 2023 22:01:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQJGjaecF1KV-uxl2Pvxerq5nwLjgnxABGZwGNLlac-DtYnpcigOI3kxHkoKMQ3wMc9wc-0gMlI3Abcb9sPjHY9N7bN61iC-vc
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8823 0
130 B 168ms
45ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LOL-dNJGf2VtCic7oqLzlbpd6X6gOxaGHUQXJgPb7k_EdDF4x1kLcMYDi8RhpaYU3D_0GB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3D31 0
10 B 38ms
37ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?AIToEQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame 86F5 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 204b7a179fa4d252cc235869fe321e828a0833fdc989c8735c5ce3d640b3ba00

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 86F5 16 KB
16 KB 46ms
45ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 18:20:08 GMT
x-content-type-options: nosniff
age: 13300
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 04 Oct 2024 18:20:08 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 86F5 15 KB
15 KB 45ms
45ms Font
font/woff2 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Fri, 29 Sep 2023 04:06:52 GMT
x-content-type-options: nosniff
age: 582896
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 28 Sep 2024 04:06:52 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 86F5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CfsO0SzIfZaGbL9qXiM0P1-2eoArwtKHLZ6n76MKZCWQQASCNvI0fYJXikIKgB6AB9du7yQPIAQmpAqPKqSMRrbE-qAMByAPLBKoEgQJP0HoSNCnwjt6rOUNS4DuwN_Oo7Z2H_qWUPr0MWx4...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224614079415367506835%22,%22debug_reporting%22:true,%22destination%22:%22https://abc-design.de%22,%22event_report_window%22:...

0
0

155ms
73ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%224614079415367506835%22,%22debug_reporting%22:true,%22destination%22:%22https://abc-design.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22959376885%22],%224%22:[%2210-05%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222285677590677888881%22}&andc=true

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 22:01:49 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"4614079415367506835","debug_reporting":true,"destination":"https://abc-design.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["959376885"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"2285677590677888881"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Oct 2023 22:01:49 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Oct 2023 22:01:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"4614079415367506835","debug_reporting":true,"destination":"https://abc-design.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["959376885"],"4":["10-05"],"6":["true"]},"priority":"500","source_event_id":"2285677590677888881"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js Show response
pagead2.googlesyndication.com/bg/ Frame F46D 38 KB
14 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/bK4GZl0mtHPwIamiN73ahbbApyVSn2vIx_eFPB1ZZt0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

date: Thu, 05 Oct 2023 10:33:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14735
x-xss-protection: 0
last-modified: Mon, 02 Oct 2023 14:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 04 Oct 2024 10:33:14 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 189ms
72ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Thu, 05 Oct 2023 22:01:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=3655748225114790&bg=!NzSlNHvNAAbjlzx0w5c7ADQBe5WfOD4VQ1cPmgRs9u2oe9L5po5S2UvndpRN6KQVOWHGAzLkikjWjTiH1AocYHE2tgmTAgAAAcdSAAAAG2gBBwoAkFfuiHABxjqeqwLsHMtUyAaQZgJYgYuZWrviKdub0RYNVys-HqNobHQ702GG7rhspHGazVKu81UrB0yADpgKvWd3LHHP4sxruoKxm4CnyaJsHmzB2xlk0dQj3yswyfdhN0P23aIDB5OtiR7L-O0rKCFOeSBSw5ouxx2tUmsmxc6m2h23Tp9VAVmv6z0ON4TpJZkCtNllno9TYhSKju4iSLobq8LLiP6SGK8Z9UXqT0aVpASIdwGAFrUcucJ8ZY2OfL1K0GdIbJvNx7K1bGw_cPEeVpKocb9K1Afrus3I6h3iwn0xc_cxE2BCrTrduN60bR4AcgUO5ePrfZLTPE0VA3TvAR4aEgm3irFCh0NTmNFgP1LnJ3X4ZFl1ETQz0qrW_6u9TApY4pBxxtUi7PL2qeVoErNiBU_CVfWHEeJyd42nl7PVYxlHZ1xPogAm6yseQBhvk8FRQIsG32-qC-Td7iLTd1zFZW-wHYSGgtLF3ee_7OM8Cqzww3nKh2tGI_bYZzSxJWmjsJQdGrvLJPvrzb85kt_OFx3JdEmGGlVDzwzPraXTS0iPRJp8K6RaFk_a_4XVpCs6m8JD1v10H2DnMTl7jvJmhGWuRStB75V3HDADJ388N_9VE20EyvTyUn3sOydRyNfeNm2uSRvCKwXrYvLStQfZozTG1yh8Hu5hmEHJ9hj5WjOQKkDyha1LE7G_YN-m654iKIrdc3iPTF1H7c0wkVpQ-f4F7zpC8iFD3cx1WKKbgVgV-KHed1NQQy7TajTs6k1v29rLLPKK6W3J_dARWL7fWEd1yFUQixVn57UuWQkxHsoHSMYRpI3tRL3WnHR0FiOAujZl2a0konaFXbxpMLCLHuy_hPJLJU_Ydbzr4AgwUWmL7-tQJpT_5frufAl-dNR1B1DwvgHhpSlnDfg16bF3b_Hu1hkUyur2w7IX_NkSgK2dsQrwmX_UrmzyocwUXJ1_pYeYJoUACs2FLypSPBDoZthm0lvfjQalhPhA0dqV3rKuLZwt49UeUVIpDw4yEoEkvcS3-zn3euFJOW0BcS_jisy-tMf9faxbtVPJpqurGCPoge8LHOPIyt35ooJ8ijkuI1lf5SnRD39gOC4DPV-iZS1W
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://lodehoyrd.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

66 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.lodehoyrd.com/	1970-01-21 00:37:19	Name: __gads Value: ID=c07a63fee2209e71:T=1696543306:RT=1696543306:S=ALNI_MZXdiZB9aejlLrc-7V2wh_8Kgaw_A
.lodehoyrd.com/	1970-01-21 00:37:19	Name: __gpi Value: UID=00000c8f6aebe935:T=1696543306:RT=1696543306:S=ALNI_MZO9-I4OzFqUWReOnorv7t4ObNikg
.doubleclick.net/	1970-01-20 15:15:46	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 00:37:19	Name: IDE Value: AHWqTUmLCYMueYrp2Pk5rOqEb9rFkljhb_a2cVBEd74c4TVly2xgvPY8qYPO6QfbvSY
.ctnsnet.com/	1970-01-21 00:01:19	Name: cid_79e6f5e0178e4fe7bce8988423526fa0 Value: 1
.ctnsnet.com/	1970-01-21 00:01:19	Name: gid_CAESEJrLIEdxveX4D9EuOiq7pO4 Value: 1
.agkn.com/	1970-01-21 00:01:19	Name: ab Value: 0001%3ALFJZIAOD%2FCTc8U9c8lCqAr%2BrkV%2FLs0Cl
.agkn.com/	1970-01-21 00:01:19	Name: u Value: C\|0CEAsse7MLLHuzAAAAAAAAQ13AQCAAQpAAAAAAA
.w55c.net/	1970-01-21 00:47:24	Name: wfivefivec Value: rkESxjuZ1QOwpK5
.w55c.net/	1970-01-20 15:58:55	Name: matchgoogle Value: 5
.everesttech.net/	1970-01-21 00:01:19	Name: everest_g_v2 Value: g_surferid~ZR8yTAAVqw8WcAAb
.tribalfusion.com/	1970-01-20 17:25:19	Name: ANON_ID Value: avntuJtMPmFUTgUpySVosC34XUu6iHrWI0sm6NQjr9qFnhHc0mNdMU2NJ9kTDO43VB8oZaUWUZaL3qKggqNh3QnpOO
.googleadservices.com/	1970-01-20 17:25:19	Name: ar_debug Value: 1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
cm.g.doubleclick.net
d.agkn.com
dclk-match.dotomi.com
fonts.googleapis.com
fonts.gstatic.com
gcm.ctnsnet.com
googleads.g.doubleclick.net
lodehoyrd.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
s.tribalfusion.com
sync-tm.everesttech.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
142.250.186.162
151.101.130.49
2606:4700::6812:18ad
2a00:1450:4001:806::2004
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:81c::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a02:fa8:8806:12::1400
35.157.117.145
35.186.193.173
51.75.86.98
51.81.152.36
52.28.179.219
006932105ea9c4cf60445af3c51b0468481ba2dcdb6a7485d110db8c1d580674
041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0aeaeae89f3d20503c9bb4f177218f6ddf6d7de816e744ecf51408ddccf74e56
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d3c1b39c2ce535fd92cd31a94f9f198ed5921bcd0650878c4c0f26787d11ab5
0ef7e00750f06efee8a0074f2984b78a62c1a0f8cb971f01197532d57a78a836
0f380fdee43a0103d5cd9bee42e3822ac60512f918a7ed2f805cdaefc5beadc5
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
14b8226608e96db977b90824eb0614e330a9cf28ea6e8d3c5325dd9fe049a07e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1cdc5272f4719ff59e37324c8c4811884538a31ffe610b7983b94fc376e8a73f
1fcd72fc13198bf4a9365bfd4c1ce1bc0a54a92c96a630cfadc353ed34c46b3b
204b7a179fa4d252cc235869fe321e828a0833fdc989c8735c5ce3d640b3ba00
21b589bbc25d38fbf4c8168b0801ce4cf9d0aa1d372ae1ac773574aaeb10c08d
29f6faf0d0baa58f6e94868c69e7a40a9535ce1dc3f702abe9cffc1f29898fa0
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2f20add2ff01fd9c888cc30daeb42bf93257fd0437482fb47a6b5b83cbda9c28
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3284b19c3de342dc4c4a250b7a7bb627267a9a4a8b982f6c80dad62eb27667d1
39c5deaffd7f09a38db3c00c4c9f1e96daebce5576e948272cfc649e894f9d22
3a0fc8afb93a2a7b0f1abba9a3236683abe512e2480e7d6254073e17e6b1dcc6
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3d1a7de1cf073f8291434268d230bd2282c8fd1a468ce2f348755a0524dfeb53
411dd371f27b3af3e1a60caf5cfa4fda34b78c4ccf168f42bee6340db6f54783
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
45d1f5f6cf913746c45dd697b1a8f3b719c02d8b3f678dc7fc2766d54e1aaf6e
47b837450bb4a5fff90676fe80c67fea3fec2fa3459a55dfa31add00c1226073
49640a621ddf8a2da7d6e6ce9aa0faba742b0ea7d5f2d2b465efec5d9a480e9a
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9
51043dd1f5f4053d920d79049b087813702cbe1c0e4ac623b06f27cabe289e90
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a04a9d6e28f93c2312520967deb79b193784aee977562cf093c64095966ce0d
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6c23cd82495af323e62675d0e07c850b97061fc425847b4404a2e2c4a4a9c41a
6c4ca119cf1bceba15e6b59d19c9a913dcfa12dd54b9ca0900890819adfae5e5
6cae06665d26b473f021a9a237bdda85b6c0a725529f6bc8c7f7853c1d5966dd
6e401908e197f237fa4a6e7005535910ff7e719adc318233c2ab9e4ab7c6475d
7023ab66173e3baed0c45a3607aeca1218a84d1f6bbb4d9243678707082e31cf
729bb9007929a8af5c6f300c99e7c5899043ed1734d39fd6f4e0361b94d1adbc
76fa60ed57bfa134bdc5ebf61c8fc8f34c478abf3ddb5523fe14fed62e2ff8b9
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bfc17d9caa5df419d961f8455fc584d5ea4ad8013a67e43a58f34715c1cbcf9
7f8d937ac3c24cd9099dccaeb3e160dba15d6396b7f8ada3ca95f9ef24633aee
84753d6a66ec6eff0c019886a819f965370b7bc2b46dfdf4326db9e7ccf7bf43
89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec
8ecfc17eabd74dea1fd273f66f09cc540b15fe6340f0735f33ca852187cba8de
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9532b324b473a693670509448f3e455ae68f912a38898355394885a70b335fcf
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a8cf25cadab9e2e07d52eabd4d9b7dce23141ed3a3ebbcbf6d6d9aed135c5931
a8e15350998652fe1784d6af3ce85f5a9ccb7f0191aeeb3b96c5e2b450ddc950
a96924ddd5fb2ea84242905ab60d5ba262bb28e91fd6f097a077db0a63728dec
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b8bcc15a7ca6fc144d7bf3e9bd0ebdf0320af59a6ebc84bb6d88faf9e4344b91
be17dc7488d98c61cd4801799db0766c12323e4e83249305a5a2c6f5609663f9
bff000550d69e34ddf214963c24bbb72139000b5aad864292933376c46198e9f
c2b09643e58ded9316fb73dfab3ffca42772599008066cf599bfc7fb40766c1d
c2fb0b4e76f7ecddceb79fb156c637b3bac113f348ee449ca10db892f27517f2
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c9bb40cefe87d2b65103b30be083f0dc8f963f3c930f230d905b811b6eb82f47
d244261ee6ed4e08aeabad26bfca35c27f3b5adf2436013dda1d1678bb664b19
d6d6e46930da4e1478e1cbe450234a663fabdd826a486a01d453b38d9379b595
d778b3af67b9c33e0b39d60e98ce5b8bfdade773bf74dce424667488b006c7c4
d88b2f05bcd6de59fcdc958ab1c6f63d0225f275d24ce003381c09deb3a4bf1e
e02af7df9a190d88380e2dcec2050ecaa493ae2d23526dbeec67f6907df3a752
e0309fd597700b89310de557575438fb73dbee569cf734340057c0884ce91c20
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ecb6315d2b09ac5eb2d962012bda840e751ea5155c51a11db94d9b28c4974fe6
f496f0b2acb488f65713f60c528a3ee405d53c6dff6c3ec27e7e691d39221e0e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7
fbc199bf7f97061c41664b040e84616a0cb54441a2efc5801d5d401d3a049f3c
fd57ae7228574a83527cb8917ec5a0ff944aa787934ee5b85a7976f259b7ae31
fd9e718ca4345df5ed11f797b0bfe75e86dade2f254cef31b4c7739e5756ab8a
fee86fd46a67912ffd9ae2997c583f59abe6e11c532496c52759e94136837d48

lodehoyrd.com Open in urlscan Pro 51.81.152.36 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

110 Requests

71 %HTTPS

58 %IPv6

15 Domains

20 Subdomains

15 IPs

4 Countries

4642 kBTransfer

6870 kBSize

13 Cookies

2 Outgoing links

Redirected requests

110 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lodehoyrd.com Open in urlscan Pro
51.81.152.36 Public Scan

Screenshot
Live screenshot

Full Image

110
Requests

71 %
HTTPS

58 %
IPv6

15
Domains

20
Subdomains

15
IPs

4
Countries

4642 kB
Transfer

6870 kB
Size

13
Cookies

110 HTTP transactions
1 data transactions