cuspajz.com Open in urlscan Pro
213.202.101.122 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cuspajz.com/
Effective URL:
https://cuspajz.com/
Submission: On February 11 via api (February 11th 2024, 5:51:15 pm UTC) from US — Scanned from DE

Summary HTTP 86 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 17 domains to perform 86 HTTP transactions. The main IP is 213.202.101.122, located in Bjelovar, Croatia and belongs to ASN-ISKON, HR. The main domain is cuspajz.com.
TLS certificate: Issued by R3 on February 9th 2024. Valid for: 3 months.

This is the only time cuspajz.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	213.202.101.122 213.202.101.122	13046 (ASN-ISKON) (ASN-ISKON)
18	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2606:4700:303... 2606:4700:3037::6815:3248	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	104.20.94.138 104.20.94.138	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
1 9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1 1	54.78.153.75 54.78.153.75	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20a... 2600:9000:20ab:8a00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
10	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
3 4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
3 5	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
14	2a00:1450:400... 2a00:1450:4001:82a::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
2	216.58.206.34 216.58.206.34	15169 (GOOGLE) (GOOGLE)
1 2	52.19.82.212 52.19.82.212	16509 (AMAZON-02) (AMAZON-02)
86	21

9 213.202.101.122 (Bjelovar, Croatia) 1 redirects

ASN13046 (ASN-ISKON, HR)
PTR: studsto2.croadria.com

cuspajz.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3037::6815:3248 (United States)

ASN13335 (CLOUDFLARENET, US)

www.vegcook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.20.94.138 (None, )

ASN13335 (CLOUDFLARENET, US)

c18.statcounter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.153.75 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-153-75.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20ab:8a00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 172.64.151.101 (San Francisco, United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.171.52 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:82a::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.206.34 (United States)

ASN15169 (GOOGLE, US)
PTR: lcfraa-aa-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.19.82.212 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-82-212.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	637 KB
16	doubleclick.net 4 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 cm.g.doubleclick.net — Cisco Umbrella Rank: 258 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 566	96 KB
14	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 321	374 KB
9	cuspajz.com 1 redirects cuspajz.com	27 KB
6	vegcook.net www.vegcook.net	111 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627	3 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 252	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2173	21 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 99600	1 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 139
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 808 static.adsafeprotected.com — Cisco Umbrella Rank: 625	697 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 171	89 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	7 KB
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	256 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	85 KB
1	statcounter.com c18.statcounter.com	491 B
0	facebook.com Failed www.facebook.com Failed
86	17

	Domain	Requested by
18	pagead2.googlesyndication.com	cuspajz.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
14	s0.2mdn.net	cuspajz.com s0.2mdn.net googleads.g.doubleclick.net
10	tpc.googlesyndication.com	googleads.g.doubleclick.net cuspajz.com tpc.googlesyndication.com s0.2mdn.net
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	cuspajz.com	1 redirects cuspajz.com
6	www.vegcook.net	cuspajz.com www.vegcook.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	skydeutschland.demdex.net	1 redirects googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	cuspajz.com
2	www.googleadservices.com	cuspajz.com
2	www.google-analytics.com	cuspajz.com www.google-analytics.com
2	connect.facebook.net	cuspajz.com connect.facebook.net
2	cdnjs.cloudflare.com	cuspajz.com
1	www.google.com	1 redirects
1	static.adsafeprotected.com	googleads.g.doubleclick.net
1	pixel.adsafeprotected.com	1 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	www.google-analytics.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	c18.statcounter.com	cuspajz.com
0	www.facebook.com Failed	connect.facebook.net
86	23

This site contains links to these domains. Also see Links.

Domain
statcounter.com
www.vegcook.net

Subject Issuer	Validity	Valid
cuspajz.com R3	`2024-02-09` - `2024-05-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.vegcook.net GTS CA 1P5	`2024-01-10` - `2024-04-09`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-11-20` - `2024-02-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
statcounter.com Sectigo RSA Domain Validation Secure Server CA	`2023-12-05` - `2025-01-03`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://cuspajz.com/
Frame ID: 8E24A511D2350D36F7449FF00C13B713
Requests: 21 HTTP requests in this frame

Frame: https://www.vegcook.net/cuspajz-com/?version=1792112106
Frame ID: 75CF4BAA0DF359BB0CA2E5ED08F75FCA
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: 6C3394239372C7CCC1771376D79120D7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=90&slotname=8078270397&adk=3898366583&adf=253855745&pi=t.ma~as.8078270397&w=970&lmt=1707673871&format=970x90&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871637&bpp=2&bdt=168&idt=149&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=605268166195&frm=20&pv=2&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=161
Frame ID: 907F7D4EBAB6E5AE3ACD3D23F85E646B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=600&slotname=3787671599&adk=3798632441&adf=1962065156&pi=t.ma~as.3787671599&w=300&lmt=1707673871&format=300x600&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871640&bpp=1&bdt=171&idt=169&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=605268166195&frm=20&pv=1&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1116&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=171
Frame ID: 5C3A482390706D4A51F0C40E8DEAB70D
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&adk=1812271804&adf=3025194257&lmt=1707673871&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fcuspajz.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871653&bpp=1&bdt=184&idt=163&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x600&nras=1&correlator=605268166195&frm=20&pv=1&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=169
Frame ID: 1F2BC5CA8C225332D8929D9DDA477A59
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGMvs5oACMAE&v=APEucNX5Yk4dPuzDa6MqDmPztDNDyElAXPTHCOXWet-spesOOiH_qAU49uQ06pOHySbBpoFiGZjBa_sRnZToS3S_oFy0oo2VLmNdaTnNjXtfZbdvQZgawRJWaPMotqboyFYM0WZYH5GtihVj64eemmnHFi5Oa4XxLzPd3jYx-_aijTYCQu77hYc
Frame ID: CE1D7A3CD41CDC942F6107781FECEC87
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: 7FB5528DF8EC8E69679021F1948A7A61
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: FE3421BF5D850BBE19F3CB33FF12686D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: BE3F92EA14F03BDF3884E5A6F2092AAC
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: 61EF755A5105635BF2163BA82CC1DD4B
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
Frame ID: 469A59A8D3A51FF537AC48E900AF2692
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Frame ID: DCF0B7F824D4A1B9F985A73C7F4DFE3A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/v2.0/plugins/like.php?app_id=251862128215878&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9dc4f5a2be2d2e35%26domain%3Dcuspajz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcuspajz.com%252Ff4bc092a88387e3dc%26relation%3Dparent.parent&container_width=61&font=verdana&href=http%3A%2F%2Fcuspajz.com%2F&locale=en_GB&sdk=joey&send=true&show_faces=false&width=576
Frame ID: 79DE5847AB6BB610E6CB9A03BF6569F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cušpajz.com

Page URL History Show full URLs

http://cuspajz.com/ HTTP 301
https://cuspajz.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Page Statistics

86
Requests

90 %
HTTPS

59 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

1449 kB
Transfer

3243 kB
Size

24
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://statcounter.com/free-hit-counter/

Search URL Search Domain Scan URL

URL: https://www.vegcook.net/
Title: VegCook.net

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cuspajz.com/ HTTP 301
https://cuspajz.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://pixel.adsafeprotected.com/rfw/st/1878143/77330003/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015562965&ias_pubId=pub-3495323231934799&ias_chanId=1&ias_placementId=20877950559&bidurl=https://cuspajz.com/&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0jmUkva6qJMzXAHNbH7vGW6 HTTP 302
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

Request Chain 34

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1&C=1

Request Chain 35

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZckJEFVbLT8AABP4AD0CBgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1

Request Chain 36

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEBaxdk8MUSrVkuASEuS7Z4w&google_cver=1

Request Chain 37

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MzQxNTc2MjcxODQ3ODc4NQ%3D%3D

Request Chain 51

https://googleads.g.doubleclick.net/pagead/adview?ai=CHEzXDwnJZdWXM9mhiM0PzrW_mAn-5vvzdMjVj8SSEWQQASC-wb4FYJXikIKgB6AB38b40gPIAQOoAwHIA8kEqgTmAU_QEuzhhvxg47x2T6ZMnqH-moEXUiHn3pHVMfktfDv8pcwpjugJfK2abW3jbYqp-wUdbrK-wSZU5UoDzefmlELTgzLWPliCARi9uabz0S3Z9PFhcXmmp5hxJ6C4eo4q3U2G5LDgD3FH_hSuTm0zGwLOz47t5OTfmiOSehstXMn5lgMTcpvVpHFjsk_HrTyRomm_GwVBqkyvC0PAD0UXROURqMmxwjcDkfOvwzvStZ5VwxpoQ6XVZOjr7zMDSmSKxfaCLyrHl-da6RceZhUk9TqN_3M4C3prGs6wAImyYZgKv2WFuiZ_wAS5sbz9MYgF4cCoV5IFBAgEGAGSBQQIBRgEoAYDgAeJuYctqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQq5Yl0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpYrryX9OyjhAOaCSJodHRwczovL3d3dy50YXJyeXRvd25qZXdlbGVycy5jb20vgAoByAsB2BMC0BUBgBcBshccChoIABIUcHViLTM0OTUzMjMyMzE5MzQ3OTkYAA&sigh=NtC6wQftQMg&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_i5b1u2kq8sRi1KXMXx06VJXuCX2bFm2h2E2WeBfmmXXp1RE0cklPrPBoTyPtHyuNAXesE53CxUVdkltK80tdbs9zuCbNe0-fxRgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216314424886027695102%22,%22debug_reporting%22:true,%22destination%22:%22https://tarrytownjewelers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979247967%22],%2222%22:[%22true%22],%224%22:[%2202-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223572181669263297761%22}&andc=true

Request Chain 52

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 57

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184944003&d_placement=383215309&d_campaign=31191216&d_bust=2124502353&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184944003&d_placement=383215309&d_campaign=31191216&d_bust=2124502353&gdpr=&gdpr_consent=

86 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
cuspajz.com/
Redirect Chain

http://cuspajz.com/
https://cuspajz.com/

9 KB
4 KB

129ms
38ms

Document
text/html

213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to

Full URL: https://cuspajz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PHP/5.6.40 PleskLin
Resource Hash: 9db30e68535b50b60144356417e573bd6db535d839023c52ddcd11a6f68291c6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 11 Feb 2024 17:51:11 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.40 PleskLin

Redirect headers

Connection: keep-alive
Content-Length: 289
Content-Type: text/html; charset=iso-8859-1
Date: Sun, 11 Feb 2024 17:51:11 GMT
Location: https://cuspajz.com/
Server: nginx
X-Powered-By: PleskLin

GET
H/1.1 200
OK cuspajz.css
cuspajz.com/inc/ 16 KB
4 KB 34ms
33ms Stylesheet
text/css 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to

Full URL: https://cuspajz.com/inc/cuspajz.css?v=2.02
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: 092b8c9ebc1cd4ed98c8fa0a20d118737649861ce8cdb7ccf40cc61ce495ea8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Content-Encoding: gzip
Last-Modified: Fri, 06 Oct 2017 21:34:29 GMT
Server: nginx
ETag: W/"59d7f6e5-3e6f"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H/1.1 200
OK iframeResizer.min.js Show response
cuspajz.com/inc/ 13 KB
5 KB 66ms
32ms Script
text/javascript 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to

Full URL: https://cuspajz.com/inc/iframeResizer.min.js
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: 9230675eb04d0dc784320dbbf198ec094109f15ad63f64e9d79f0df6eed885d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Apr 2017 20:10:28 GMT
Server: nginx
ETag: W/"58ed3834-3213"
X-Powered-By: PleskLin
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=2592000
Connection: keep-alive
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
51 KB 74ms
52ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f7bd3e5da73119bd384be741e5267f35ffd6e02c06d1988a693625fcead81e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51284
x-xss-protection: 0
server: cafe
etag: 10704466653128396818
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 11 Feb 2024 17:51:11 GMT

GET
H2 200 cookieconsent.min.css
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 4 KB
1 KB 72ms
56ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.css

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 7836415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 948
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-f62"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HWg1Azf5NXlHj1m8nex0oz9BAI%2FPsAFTknwJT8BMvrKoDCy5FZdMuxzp7sGEXm8QI0YW5Bf1cKTQzYu1X1TpILCmY443WZBU8F9Uuo8bXBwEQ%2BAU7GnWA%2FSN7PLpuuQQJSzXiVDCJ%2BAs00OshzPiaqvZ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853e7040cf304d38-FRA
expires: Fri, 31 Jan 2025 17:51:11 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 62ms
46ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 334058
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5676
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N4AQM3VnpF%2BMOwfoLpG7k7XvSPHXC8DkUTuWKr0ebnIJHJMtq9KtOhbBtuP25zG6HQ8az%2Fz1NYfhihKKMeRymkoYYcwW%2BnVYe307zvLfWPoGK9x7HSccF0f896szLJDIE%2F6RnCd%2Br%2BdWLrfdzui%2FgWxU"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853e7040cf324d38-FRA
expires: Fri, 31 Jan 2025 17:51:11 GMT

GET
H2 200 / Show response
www.vegcook.net/cuspajz-com/ Frame 75CF 3 KB
2 KB 2756ms
2307ms Document
text/html 2606:4700:3037::6815:3248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vegcook.net/cuspajz-com/?version=1792112106
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6115a449c31f763d7ba09b3365546e5c5579c531557515a9326fa7e2e2e0f0da

Request headers

Referer: https://cuspajz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: max-age=604800
cf-cache-status: DYNAMIC
cf-ray: 853e70446938462b-SIN
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 17:51:14 GMT
expires: Sun, 18 Feb 2024 17:51:12 GMT
link: <https://www.vegcook.net/?p=2729>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
referrer-policy: no-referrer-when-downgrade
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NPu7W%2BSnG4aydaYpaBh%2BJmrm47iK2pRTx8nvpYSI57eepfr1%2BPn9yWXp21rdRJh5bWsfe9vZ65ZbklrtndL4D5Xi0PPmi%2FN0j6Ae7obUU929XSAwv99o8Ee4ZV9lwn3Zdtjzivf5hjfhSNe02Lc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent

GET
H2 200 sdk.js Show response
connect.facebook.net/en_GB/ 3 KB
3 KB 22ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

de3163bbd3b57dccf21bdfa2bd4dc5339ab5b8a815950b7677aa539bb90e7dbf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 17:51:11 GMT
content-md5: FZuleewp5kMe2BpkZcZbXg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: zMPyUu0Nyayx9wg9l2kBJPYiq2tXGoR3v75fR1spqI0RLyjzZdPtTlFKMG/5yDkFKlx2GoqtEBdDVnfgdEKaPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 1fe9e18c21031889e5b4814986405b62
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "139c5f61353a00529ddb25cba5b08045"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
expires: Sun, 11 Feb 2024 18:07:09 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 17:30:42 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1229
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 11 Feb 2024 19:30:42 GMT

GET
H2 200 counter.php
c18.statcounter.com/ 173 B
491 B 549ms
513ms Image
image/png 104.20.94.138
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c18.statcounter.com/counter.php?sc_project=1935988&java=0&security=66571525&invisible=0
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.20.94.138 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 818d679ad5505e37bdde3140e76c1672e9c5b06b7474cd3fc6b75e552a221f50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
cf-cache-status: DYNAMIC
server: cloudflare
content-type: image/png
p3p: policyref="http://www.statcounter.com/w3c/p3p.xml", CP="ADMa OUR COM NAV NID DSP NOI COR"
cf-ray: 853e70416ba64dcb-FRA
content-length: 173
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK l.png
cuspajz.com/i/ 5 KB
6 KB 31ms
30ms Image
image/png 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuspajz.com/i/l.png
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/inc/cuspajz.css?v=2.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: 14859b1c65439ee387351ff8fb06127e4a60402302612a3da013fc294f73ca5a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/inc/cuspajz.css?v=2.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Last-Modified: Tue, 13 Nov 2012 10:05:40 GMT
Server: nginx
ETag: "50a21b74-1530"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 5424
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H/1.1 200
OK h.png
cuspajz.com/i/ 902 B
1 KB 33ms
33ms Image
image/png 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuspajz.com/i/h.png
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/inc/cuspajz.css?v=2.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: aac41a6e78574096f98af8bf677d8cf8af823dede0a66d2e6226bd0400c32f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/inc/cuspajz.css?v=2.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Last-Modified: Tue, 13 Nov 2012 10:05:34 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "3605d2-386-4ce5d8f0b3780"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 902
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H/1.1 200
OK c.png
cuspajz.com/i/ 4 KB
5 KB 62ms
30ms Image
image/png 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuspajz.com/i/c.png
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/inc/cuspajz.css?v=2.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: b3bc505f6331ee43865b057368bceae706776d44ed6d225c40c58a8d8580bd7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/inc/cuspajz.css?v=2.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Last-Modified: Tue, 13 Nov 2012 10:05:38 GMT
Server: nginx
ETag: "50a21b72-1183"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4483
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H/1.1 200
OK t.png
cuspajz.com/i/ 509 B
871 B 71ms
37ms Image
image/png 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuspajz.com/i/t.png
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/inc/cuspajz.css?v=2.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: 6384c0e613651a07daee210a57a9f6ba941b77a15c4e12a3d489023fd0cc854a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/inc/cuspajz.css?v=2.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Last-Modified: Sat, 18 Apr 2015 12:03:36 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "3605dc-1fd-513fe7c903600"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 509
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H/1.1 200
OK m.png
cuspajz.com/i/ 1 KB
1 KB 79ms
28ms Image
image/png 213.202.101.122
ASN-ISKON

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cuspajz.com/i/m.png
Requested by: Host: cuspajz.com
URL: https://cuspajz.com/inc/cuspajz.css?v=2.02
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.202.101.122 Bjelovar, Croatia, ASN13046 (ASN-ISKON, HR),
Reverse DNS: studsto2.croadria.com
Software: nginx / PleskLin
Resource Hash: 4bb025cebc86de34d61f141a2772929cbdf0e1a9a55fe016dec0dd4c5fa9cdbd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/inc/cuspajz.css?v=2.02
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sun, 11 Feb 2024 17:51:11 GMT
Last-Modified: Tue, 13 Nov 2012 10:05:33 GMT
Server: nginx
ETag: "50a21b6d-4a4"
X-Powered-By: PleskLin
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1188
Expires: Tue, 12 Mar 2024 17:51:11 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_GB/ 298 KB
85 KB 19ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk.js?hash=0053e8ce46338d3a597de2d216fa8120

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e24396413e46d9f9abbe6ef1d3891fe61fce061e5b8bbbd21ecf14b4377415a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://cuspajz.com/
Origin: https://cuspajz.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

permissions-policy-report-only: autoplay=(), clipboard-read=(), clipboard-write=(), display-capture=(), encrypted-media=(), fullscreen=(), picture-in-picture=(), xr-spatial-tracking=();report-to="permissions_policy"
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 11 Feb 2024 17:51:11 GMT
content-md5: azYqGRV/ESCwu1fq4Ymw8Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 87216
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-debug: o6p6wiw9R6eh4ajoZARQBJodidNeb7J4exuQE2l9bGos8Ur4zQd3F3vgWHlsbedgwCLYDCPq9CNtGbFPBS/r8A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 782552399ef84d1d9a8ee2eaf996ca8a
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
etag: "b6a72c19bf7488080033414fc6eff41d"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
origin-agent-cluster: ?0
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=();report-to="permissions_policy"
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Mon, 10 Feb 2025 16:27:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 16 B
219 B 13ms
13ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=668561542&t=pageview&_s=1&dl=https%3A%2F%2Fcuspajz.com%2F&ul=en-us&de=UTF-8&dt=Cu%C5%A1pajz.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAAABAAAAACAAI~&jid=940118767&gjid=848975450&cid=166702139.1707673872&tid=UA-683179-1&_gid=1825266982.1707673872&_r=1&_slc=1&z=1093884139

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

debf5176c2e02659168068f663a50c9c9e29a8d42b49d3b6ae42c527d75b65c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cuspajz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cuspajz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
343 B 49ms
17ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-683179-1&cid=166702139.1707673872&jid=940118767&gjid=848975450&_gid=1825266982.1707673872&_u=IEBAAAAAAAAAACAAI~&z=902489470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cuspajz.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 11 Feb 2024 17:51:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cuspajz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 239 KB
85 KB 42ms
20ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-V6YZJ4YFKG&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b3f596de815de6bc605ce5a331ed40f7225d5302ffc281890d2ac9bfdd810ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:11 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86186
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 11 Feb 2024 17:51:11 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/ 406 KB
138 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3495323231934799&plah=cuspajz.com&aplac=true&bust=31080872

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

84ddb7165374259e268e895b78226182cd9c45085acfb85198e79c73baa95e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:11 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140901
x-xss-protection: 0
server: cafe
etag: 4024945814189413425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 17:51:11 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 6C33 9 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cuspajz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52165
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 03:21:46 GMT
etag: 3890843268177463596
expires: Sun, 25 Feb 2024 03:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
251 B 41ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-V6YZJ4YFKG&gtm=45je4270v9135314662za200&_p=1707673871599&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=166702139.1707673872&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=EBAI&_s=1&dl=https%3A%2F%2Fcuspajz.com%2F&dt=Cu%C5%A1pajz.com&sid=1707673871&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=492
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-V6YZJ4YFKG&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cuspajz.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cuspajz.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 907F 27 KB
11 KB 423ms
423ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=90&slotname=8078270397&adk=3898366583&adf=253855745&pi=t.ma~as.8078270397&w=970&lmt=1707673871&format=970x90&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871637&bpp=2&bdt=168&idt=149&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=605268166195&frm=20&pv=2&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=161

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3495323231934799&plah=cuspajz.com&aplac=true&bust=31080872

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0bbb596346cb7cfb9d60f5b2269d60437d8e784ac3ef5a4ec5f6bab8d539debe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cuspajz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11004
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:12 GMT
expires: Sun, 11 Feb 2024 17:51:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5C3A 107 KB
40 KB 538ms
538ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=600&slotname=3787671599&adk=3798632441&adf=1962065156&pi=t.ma~as.3787671599&w=300&lmt=1707673871&format=300x600&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871640&bpp=1&bdt=171&idt=169&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=605268166195&frm=20&pv=1&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1116&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=171

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58843ede0f98019fae2130feb320d9d715b1e8068af23002d4f7be8546b09be0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cuspajz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40401
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:12 GMT
expires: Sun, 11 Feb 2024 17:51:12 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F2B 0
19 B 51ms
51ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&adk=1812271804&adf=3025194257&lmt=1707673871&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x1080_l%7C164x1080_r&format=0x0&url=https%3A%2F%2Fcuspajz.com%2F&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871653&bpp=1&bdt=184&idt=163&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90%2C300x600&nras=1&correlator=605268166195&frm=20&pv=1&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=169

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cuspajz.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:11 GMT
expires: Sun, 11 Feb 2024 17:51:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CE1D 624 B
246 B 57ms
55ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGMvs5oACMAE&v=APEucNX5Yk4dPuzDa6MqDmPztDNDyElAXPTHCOXWet-spesOOiH_qAU49uQ06pOHySbBpoFiGZjBa_sRnZToS3S_oFy0oo2VLmNdaTnNjXtfZbdvQZgawRJWaPMotqboyFYM0WZYH5GtihVj64eemmnHFi5Oa4XxLzPd3jYx-_aijTYCQu77hYc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=90&slotname=8078270397&adk=3898366583&adf=253855745&pi=t.ma~as.8078270397&w=970&lmt=1707673871&format=970x90&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871637&bpp=2&bdt=168&idt=149&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=605268166195&frm=20&pv=2&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=161

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=90&slotname=8078270397&adk=3898366583&adf=253855745&pi=t.ma~as.8078270397&w=970&lmt=1707673871&format=970x90&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871637&bpp=2&bdt=168&idt=149&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=605268166195&frm=20&pv=2&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=161
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:12 GMT
expires: Sun, 11 Feb 2024 17:51:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 7FB5 93 KB
33 KB 51ms
49ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33320
x-xss-protection: 0
server: cafe
etag: 12501049806231860069
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 17:51:12 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 7FB5
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1878143/77330003/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&bundleId=&ias_dspID=3&ias_campId=1015562965&ias_pubId=pub-3495323231934799&ias_chanId=1&ias_place...
https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=

43 B
483 B

69ms
16ms

Image
image/gif

2600:9000:20ab:8a00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=90&slotname=8078270397&adk=3898366583&adf=253855745&pi=t.ma~as.8078270397&w=970&lmt=1707673871&format=970x90&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871637&bpp=2&bdt=168&idt=149&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=605268166195&frm=20&pv=2&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=161
Protocol: H2
Server: 2600:9000:20ab:8a00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Mon, 11 Dec 2023 17:29:44 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 5090b605a7b968781de55827dd170bf2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS58-P3
age: 5358089
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: -iddDsZmreS05KgF1e-M6jDGpjAsJEF2j2bzuxMWKFna6JQFTNgxBw==

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
server: nginx
x-server-name: app21.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_xappb=
cache-control: no-cache
content-length: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7FB5 3 KB
1 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 14:07:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7FB5 20 KB
9 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:58:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7FB5 203 KB
61 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 18:06:48 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FB5 42 B
63 B 40ms
39ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DovUwNzDthLqDvcD0aqrdkQZoeiIpT_ZaYQ9A-ZhSOLmg1Q5l_vcb9jZtX59KUbCGCRnoI7IhcSbsCqUIRXq_NOnvWIuUVvOTxJFigeJ1JKHg737s

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FB5 0
20 B 39ms
37ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8897188549146&version=m202401290101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FB5 0
20 B 38ms
38ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8897188549146&version=m202401290101&ct=76&x=1&cor=1065478885125344800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 7FB5 102 KB
40 KB 70ms
69ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqnBWyoG-z_NWgf5UR83apsigVU4HvHObP6RBNLsX8Eo-DWSiT68r86SRbH6kFDmMJfjWOMMpKKEWL44mxcH9odkE96spFomxj6oYmU30RnM0OLGJleHkaVijcdrGBsMe1RT230kSzwwyzz_VzA9dac2O0qdiyDsU9wdUr0JArvo5X0so&dbm_d=AKAmf-AHFzfq-IqsrM-pV2iqZKWZ6M2OmQUDH4oOq-xaq242AEJ0kWOFnJ6qEhZfXbM7MSiqG34hDi6grV6X6jH-zrndHBi7z0gQ9a4Pp6L14RQIAfRpchNzItw-RM_vaCiqgDG3Uv27WKlEOHILbYRI4f02gk92FQNc051d7VdHch7TThHsEWuIxxId3Zt7u_gn3fJcv_QM-8vPzYfnaL-PvCz9-qlPgcvBWDTGGKgcmAPD5yTruiXe4Kg2Q9mfA3OyBDBFxzecew9eyO25qxAdQtm-p2zqwmjLrxcM7Pwp8c0OGlxZcNS1vJ6sjcmIWGIYHRxszblmGA5KPvICz0RhcMfyzl45I2FPfuACvVXqGn2Ery6EFacRwKhtjwrjFdl-sGHgdikCBfqsssnZuZWvNZbamtMpVvkrfiFv8u3HBu9DksgtTFbfHHVav5_Itri5A_Akbl6y8ckCjzE8Uyrc3cGMGc24suu7TRpkkjDHPG5AUIUQE9IskuHPWbewAJPzvgscdxCC_acvwrCUNIl66edPKAk08HHu3DZQDW2FdznQX4x0ou8s1F_pVgVF4YucL_q8wHN-ePku6m8BwANbLCgvm_Exz3xFEXDoA6zzQRiJhcp22Zxw8hywb3xoA242_J1vMLyTvV0lTLqi0_A8BkHkDSZ1uyP2WTRBvROF36DJQyWyOBwykr0IYAhMG8yfw0ZANvZw-zADB_rFXaTrbtWVsiQiVgeKIS_YytFKUK7BGhkAEK6QO13GipkKwlsH0nRVMDnW5rWL_R3_-NbIXDATWFj8WvCnv8XDnxjIjveg0SUW2Qafgb0mIXoUBYdVUBPpQdYk3PFxwAe9_ZHTI64saokStXPs-55koNfEEijicVfxx1VB1DSYfdnz6MFdkN8sgrJi1j6PxIKPw2qZLvQKeTA3ad_Mv4YPmoQfDtn9rvRHbK1FAXFEOrPL6Yjt2sFOOH-kuQxKVUeq91zxDTcTwXjqs7tKFZ4niqeZRbzb41yheHdtM8ldguVrWmZBpfRjMIy3NJudvxgEMbVijDpWBByzz54XzcdaBjQve0cJSdkd3sTA_zm_F2h1m_eT8BaRgE3sR0N73h2HyD_PrkoSTR2maoWWvdEeflxlbqK8sYliGuSUf_845VANT3qfpQBqyd68lk2TiI8twNFOxS8HlcnS0N3XsAhF12-QZU8zUegniV2iGN5fJEwKuNQtcm96hxBtJcLCXfekjO1llngdGiQl126ukXm6QctJXJRRSSrdAQfLSvFCZf6xBviqPVz_RDjzoqNeI2e2NpYw7-R1e50-cX6KoF7RbOUzD60acP0MlL8BbFtKnRAVTJlqVtnRUD-1YFIUgFpaNgqsovoSG0qdGecvcn4CpXySiafrV3LLAD0J82zg2iPDDapm36ZDzCGJ_5YDctTKi-R7_b4YTCWL4NZKRUFS0Kp4Ff_Q70BrVsOJ0dk9adwkS6THVMCDy3oN6GoLvtyKaHT1xRfCCP33cD_f-uUOPh1ivB0T8MmlxO5r4zjHMzdkXzYOS_jT2qN9vvtcwrIjFKIywGEJ6I2xFhwU9d4Czrpp7bfTefa7l8MZQ-qW0bCvWZEmgmgTJK2SGrChKexZZho0bbPIYrvOAAdsiPxsllwN_MyCEhxjNvGNL0tLFoQ7FzrWIhzeU1pLb46HSGqtkJjL8USaDSBg0pDrC-xD7uIfViXojEwW8JRcE-buWO_8Gk5jHRxw4cQ6dhomDRdXjMimRKzQOvxCa4OVLx-iyWwXLYubF7wDQHKvXLbW0eYLFtQOoRlAkDy3MZQgjmx3_yRwERazQLkk19CCKpMRy84rfgOYxQBYdmmBqCJhhpWrBmbZXc0kAkPoYTrRF9XhwXELzGx2_MTzQaDjNM2AgaHGAg5w9UPbmVkMGNixXExN1k45BoU-uYZZxM1YqEJT-U4Gum_Q9erLZriBsu5xaZ5m8bF22_STzEOHT-1Ca54RDjR-cKKLPoqERxmK8CzHt7T58QTkZA5JBkSLdBOfO6N97g--htnORbJOysbJSWvt0Ud4u4nX1km7k4-Dy63USckN_KZVAOc2Wgqc9_bKkyheypiJo_lI-GWAVZGaBdbxOAIBvMnoSC-dgw-CDk5Q242ux6Y5sVj0WyaO5sWsNR5_xYPcyhsqCoSh0bm6chzsa2FPlG9_oKCXLlGlKfZm6eqmNluRoU9CM4-W1kOTq4QOZB5br3J4SztPtdstiOcEIHtmkkqAUNcpa0RUuF9tvtOQzphpooV77Kqw4CtTTGM-4w98CJjLwvOB_ROotEX-4SWvENGYDOSi-FnoV5m_OxTaURsKR_E-k-BXda2ppY4hysGof0yNeCw_WwXE3S-rG75_4ZbY3h7VHCsb04C2Id2bOcH8JHFImFhyuuGJ2vfdXRZZQMJaHJ0PyHxQZfvUE0LPiyTq-wq8xsjbktZAfeeNWY8sgb-7XblwGv0mJLeYz-k3cDxFMVZYB2Ba3JdTq1_PEHoMcMiG4w_jxA217hQaR0JzT1Q2AsnWW3h4M1ULHmjdx6tWAjYpNRAgfFWoijcefBp9HBZ8jpQBI8m6Vq82-f4j5ruKgmCGAH0uFbQZDkay8h9aZxWVuFP771TiM1mWwh1q9TaS1yCF3zq5PPk_9BRSEunyB5r3mOOMuBHEBWtr7OgVP2HCooZGv02iec5IP4bam5WepMpogcr5FnmQMbrdRJGFhEHi-vgoJh1BBezYick2Gclyrhs093P_gLfkoLUQdUi8b0lCMM5L3_hGbFiHNmjvwr1jEyrbcDj29pqbmyCDODXLdxyy7-8aq2AaWRjnm_1ip_Cv-a-XP_JjKPAjAhberi5wN4I2h7IYkXASG4yx9KofrTNyV8rasDuPzgrU6UfWHN_XOccLgCBwlWLVd7rdurah6871bG55mbHX4_UCb4PGl1DG0Cx0S4Vp9a_oVnVFQiYkiQbtg41EoH7OrLo3Hz3DQcCTdB18bsRp47ZLkOz0s9UZMJEnRWyDLI_MLY42ChBBVUd9SUluePtM2JYHYkulkqpFJ7uHTnH_WlJKibCWCPvfmwl-rZEi-3B_OPB6QXnKzcO3-OYoomTCA9kuzuxe01xU80IwxZKfh_UCFA_Mtjh81LKbs1bwH_ItGk_UvV7bmL4D-nywDe5potLDv5c53zjtA0OihabdWloehypxmhLfVe-CBhzPaU-LLVQoYrJY3NMwDICJkXVWzBBpkRGKOENlrEDsM5380c1NJEifguU3ytrhcRSU3dZqGIdtzTtLU8ab9u8QW389rup6nZac-SL12aUD9T--yka_IF-gZ5cFF-Sexr8v9YXo9eQHJRHZgZ1wuQjMyXXxgJi2FFUlcrUJecynR_jfkvzGHZtJaatYR5DK1tHobZchgV_0-bZ5ZcO0HiFwT0BfWBolTshsilnTy8SJ8pnVJrXn3tQt7jYBM26WoDTfKJgJbPYStEoYfGbfdc5Dd6XqLY55J2PFRQwCuBMkc0xlY3M213dsh37QL2yKINTz8GpDKXT70biFqoHejFmculN_bkLpvq7_9xojPcKEO_vQST4dIl4NeMKByuFk0ezqbpbF0wR_b62ZGdt6n-QGow4X09Rkq3PcbacfU2XLTT-tOxCT9corvU-oStNEsWTWlEvvn9cUJJLdNEH_VN1QbT6CPQB89HwPjVUbK7biK4hcyujdkQBUmOH5ylp0Mk-LrcFE_IHGirnOZkgJ5l58zORkxs-o9ne_Vxu_VhCeR6WpYLmRddo&cid=CAQSTwAvHhf_yhTMAa6FTyzog_UIDqpcT7t-PPKa4RjQEcO3Z0B-HEwD_NhGMnxMBBtbYpkbqp7mubXSSTMH5arXretaZHX0_AwsP0zJ4lf2PjIYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcuspajz.com%2F&ds=l&xdt=1&iif=1&cor=1065478885125344800&adk=2124396031&idt=56&cac=0&dtd=9

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce96e73c1dc9e9f1a92551a0b34d82ed700d969ade502b93d72335a97a754615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=90&slotname=8078270397&adk=3898366583&adf=253855745&pi=t.ma~as.8078270397&w=970&lmt=1707673871&format=970x90&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871637&bpp=2&bdt=168&idt=149&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&correlator=605268166195&frm=20&pv=2&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=432&ady=36&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40417
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CE1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1&C=1

43 B
763 B

32ms
32ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGMvs5oACMAE&v=APEucNX5Yk4dPuzDa6MqDmPztDNDyElAXPTHCOXWet-spesOOiH_qAU49uQ06pOHySbBpoFiGZjBa_sRnZToS3S_oFy0oo2VLmNdaTnNjXtfZbdvQZgawRJWaPMotqboyFYM0WZYH5GtihVj64eemmnHFi5Oa4XxLzPd3jYx-_aijTYCQu77hYc
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ci0ItVUnAadKobWVcAot4U7zvimFUTMdb5xq1rJ5A5jN2BdfstjDp5qaI2Mdn79Y72uFlhqdoEMj4lA4aWr3K4hOCB3%2BZsVPQgwPH45HXW0cErnKuFD6uh7rEExizNsOph2uhDKwRfBpAA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 853e70468da465d3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H%2BWjUWrSSMyeI%2Bbe9PEGEGaYnIrlTD5dKw19ob%2FH%2FQd9MSPJcUx29vSwprWXHxHmho3VokFjVWhGZFtsWvdAiR8hXclVGOfxbnixQ4lAXi7JyGWJTPQXuW%2FWQ2FB8oZBDfdWlkoU2Aqq%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1&C=1
cache-control: no-cache
cf-ray: 853e704649dd690a-FRA
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame CE1D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZckJEFVbLT8AABP4AD0CBgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1

43 B
734 B

29ms
29ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGMvs5oACMAE&v=APEucNX5Yk4dPuzDa6MqDmPztDNDyElAXPTHCOXWet-spesOOiH_qAU49uQ06pOHySbBpoFiGZjBa_sRnZToS3S_oFy0oo2VLmNdaTnNjXtfZbdvQZgawRJWaPMotqboyFYM0WZYH5GtihVj64eemmnHFi5Oa4XxLzPd3jYx-_aijTYCQu77hYc
Protocol: H3
Server: 172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ozZI54JPA5ekWeB2DNNFakg3siIhOtn3t4Zq86yLYYH9%2BcaPgfJVzw8RSwal8zqzOn1kOBf5W3%2Bsj6b7KKU1SZDTXmdJPwNWndv2QoV2PAcxMZOdEH9mZMmeAVTYSEpnaDb%2FDEKTPY%2FDVw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 853e7046adda65d3-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJOekBq1B0GSpIpfPGLHIEs&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame CE1D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEBaxdk8MUSrVkuASEuS7Z4w&google_cver=1

43 B
1 KB

22ms
22ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEBaxdk8MUSrVkuASEuS7Z4w&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGMvs5oACMAE&v=APEucNX5Yk4dPuzDa6MqDmPztDNDyElAXPTHCOXWet-spesOOiH_qAU49uQ06pOHySbBpoFiGZjBa_sRnZToS3S_oFy0oo2VLmNdaTnNjXtfZbdvQZgawRJWaPMotqboyFYM0WZYH5GtihVj64eemmnHFi5Oa4XxLzPd3jYx-_aijTYCQu77hYc

Protocol

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
an-x-request-uuid: 622c4ac2-3ada-43c0-b3aa-fb325075680f
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEBaxdk8MUSrVkuASEuS7Z4w&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame CE1D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MzQxNTc2MjcxODQ3ODc4NQ%3D%3D

170 B
243 B

17ms
16ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MzQxNTc2MjcxODQ3ODc4NQ%3D%3D

Requested by

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
an-x-request-uuid: 8e12070e-e0d2-4ff3-8bf9-30616b871054
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTQ2MzQxNTc2MjcxODQ3ODc4NQ%3D%3D
x-proxy-origin: 138.199.38.132; 138.199.38.132; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 4855523580311671346
tpc.googlesyndication.com/simgad/ Frame 5C3A 146 KB
146 KB 12ms
12ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4855523580311671346

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=600&slotname=3787671599&adk=3798632441&adf=1962065156&pi=t.ma~as.3787671599&w=300&lmt=1707673871&format=300x600&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871640&bpp=1&bdt=171&idt=169&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=605268166195&frm=20&pv=1&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1116&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=171

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

116a5caf1f72e596317b2ea08f62f39ecc42c95c95f5f015f63b61141f0ab1be

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 13:46:40 GMT
date: Sat, 10 Feb 2024 13:46:40 GMT
x-content-type-options: nosniff
age: 101072
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149253
x-xss-protection: 0
last-modified: Mon, 22 May 2023 18:11:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 5C3A 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 17:53:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 86264
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 17:53:28 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FE34 143 B
166 B 18ms
17ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3495323231934799&output=html&h=600&slotname=3787671599&adk=3798632441&adf=1962065156&pi=t.ma~as.3787671599&w=300&lmt=1707673871&format=300x600&url=https%3A%2F%2Fcuspajz.com%2F&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707673871640&bpp=1&bdt=171&idt=169&shv=r20240207&mjsv=m202401310101&ptt=9&saldr=aa&abxe=1&prev_fmts=970x90&correlator=605268166195&frm=20&pv=1&ga_vid=166702139.1707673872&ga_sid=1707673872&ga_hid=668561542&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1116&ady=183&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C44808397%2C31080779%2C31080795%2C31080798%2C31080820%2C31080886%2C44795922%2C95324581%2C31080872%2C44795553%2C95322184%2C95324155%2C95324161&oid=2&pvsid=3597258737238955&tmod=260608845&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CleE%7C&abl=NS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=171
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 758
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:38:34 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5C3A 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 14:07:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 14:07:46 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5C3A 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 22:58:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67973
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 22:58:19 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 5C3A 203 KB
61 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:06:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 18:06:48 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 5C3A 36 KB
15 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 02:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56394
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14866
x-xss-protection: 0
server: cafe
etag: 15811255140505289687
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 25 Feb 2024 02:11:18 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 7FB5 172 KB
61 KB 50ms
6ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:49:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64928
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 23:49:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/ Frame 7FB5 12 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqnBWyoG-z_NWgf5UR83apsigVU4HvHObP6RBNLsX8Eo-DWSiT68r86SRbH6kFDmMJfjWOMMpKKEWL44mxcH9odkE96spFomxj6oYmU30RnM0OLGJleHkaVijcdrGBsMe1RT230kSzwwyzz_VzA9dac2O0qdiyDsU9wdUr0JArvo5X0so&dbm_d=AKAmf-AHFzfq-IqsrM-pV2iqZKWZ6M2OmQUDH4oOq-xaq242AEJ0kWOFnJ6qEhZfXbM7MSiqG34hDi6grV6X6jH-zrndHBi7z0gQ9a4Pp6L14RQIAfRpchNzItw-RM_vaCiqgDG3Uv27WKlEOHILbYRI4f02gk92FQNc051d7VdHch7TThHsEWuIxxId3Zt7u_gn3fJcv_QM-8vPzYfnaL-PvCz9-qlPgcvBWDTGGKgcmAPD5yTruiXe4Kg2Q9mfA3OyBDBFxzecew9eyO25qxAdQtm-p2zqwmjLrxcM7Pwp8c0OGlxZcNS1vJ6sjcmIWGIYHRxszblmGA5KPvICz0RhcMfyzl45I2FPfuACvVXqGn2Ery6EFacRwKhtjwrjFdl-sGHgdikCBfqsssnZuZWvNZbamtMpVvkrfiFv8u3HBu9DksgtTFbfHHVav5_Itri5A_Akbl6y8ckCjzE8Uyrc3cGMGc24suu7TRpkkjDHPG5AUIUQE9IskuHPWbewAJPzvgscdxCC_acvwrCUNIl66edPKAk08HHu3DZQDW2FdznQX4x0ou8s1F_pVgVF4YucL_q8wHN-ePku6m8BwANbLCgvm_Exz3xFEXDoA6zzQRiJhcp22Zxw8hywb3xoA242_J1vMLyTvV0lTLqi0_A8BkHkDSZ1uyP2WTRBvROF36DJQyWyOBwykr0IYAhMG8yfw0ZANvZw-zADB_rFXaTrbtWVsiQiVgeKIS_YytFKUK7BGhkAEK6QO13GipkKwlsH0nRVMDnW5rWL_R3_-NbIXDATWFj8WvCnv8XDnxjIjveg0SUW2Qafgb0mIXoUBYdVUBPpQdYk3PFxwAe9_ZHTI64saokStXPs-55koNfEEijicVfxx1VB1DSYfdnz6MFdkN8sgrJi1j6PxIKPw2qZLvQKeTA3ad_Mv4YPmoQfDtn9rvRHbK1FAXFEOrPL6Yjt2sFOOH-kuQxKVUeq91zxDTcTwXjqs7tKFZ4niqeZRbzb41yheHdtM8ldguVrWmZBpfRjMIy3NJudvxgEMbVijDpWBByzz54XzcdaBjQve0cJSdkd3sTA_zm_F2h1m_eT8BaRgE3sR0N73h2HyD_PrkoSTR2maoWWvdEeflxlbqK8sYliGuSUf_845VANT3qfpQBqyd68lk2TiI8twNFOxS8HlcnS0N3XsAhF12-QZU8zUegniV2iGN5fJEwKuNQtcm96hxBtJcLCXfekjO1llngdGiQl126ukXm6QctJXJRRSSrdAQfLSvFCZf6xBviqPVz_RDjzoqNeI2e2NpYw7-R1e50-cX6KoF7RbOUzD60acP0MlL8BbFtKnRAVTJlqVtnRUD-1YFIUgFpaNgqsovoSG0qdGecvcn4CpXySiafrV3LLAD0J82zg2iPDDapm36ZDzCGJ_5YDctTKi-R7_b4YTCWL4NZKRUFS0Kp4Ff_Q70BrVsOJ0dk9adwkS6THVMCDy3oN6GoLvtyKaHT1xRfCCP33cD_f-uUOPh1ivB0T8MmlxO5r4zjHMzdkXzYOS_jT2qN9vvtcwrIjFKIywGEJ6I2xFhwU9d4Czrpp7bfTefa7l8MZQ-qW0bCvWZEmgmgTJK2SGrChKexZZho0bbPIYrvOAAdsiPxsllwN_MyCEhxjNvGNL0tLFoQ7FzrWIhzeU1pLb46HSGqtkJjL8USaDSBg0pDrC-xD7uIfViXojEwW8JRcE-buWO_8Gk5jHRxw4cQ6dhomDRdXjMimRKzQOvxCa4OVLx-iyWwXLYubF7wDQHKvXLbW0eYLFtQOoRlAkDy3MZQgjmx3_yRwERazQLkk19CCKpMRy84rfgOYxQBYdmmBqCJhhpWrBmbZXc0kAkPoYTrRF9XhwXELzGx2_MTzQaDjNM2AgaHGAg5w9UPbmVkMGNixXExN1k45BoU-uYZZxM1YqEJT-U4Gum_Q9erLZriBsu5xaZ5m8bF22_STzEOHT-1Ca54RDjR-cKKLPoqERxmK8CzHt7T58QTkZA5JBkSLdBOfO6N97g--htnORbJOysbJSWvt0Ud4u4nX1km7k4-Dy63USckN_KZVAOc2Wgqc9_bKkyheypiJo_lI-GWAVZGaBdbxOAIBvMnoSC-dgw-CDk5Q242ux6Y5sVj0WyaO5sWsNR5_xYPcyhsqCoSh0bm6chzsa2FPlG9_oKCXLlGlKfZm6eqmNluRoU9CM4-W1kOTq4QOZB5br3J4SztPtdstiOcEIHtmkkqAUNcpa0RUuF9tvtOQzphpooV77Kqw4CtTTGM-4w98CJjLwvOB_ROotEX-4SWvENGYDOSi-FnoV5m_OxTaURsKR_E-k-BXda2ppY4hysGof0yNeCw_WwXE3S-rG75_4ZbY3h7VHCsb04C2Id2bOcH8JHFImFhyuuGJ2vfdXRZZQMJaHJ0PyHxQZfvUE0LPiyTq-wq8xsjbktZAfeeNWY8sgb-7XblwGv0mJLeYz-k3cDxFMVZYB2Ba3JdTq1_PEHoMcMiG4w_jxA217hQaR0JzT1Q2AsnWW3h4M1ULHmjdx6tWAjYpNRAgfFWoijcefBp9HBZ8jpQBI8m6Vq82-f4j5ruKgmCGAH0uFbQZDkay8h9aZxWVuFP771TiM1mWwh1q9TaS1yCF3zq5PPk_9BRSEunyB5r3mOOMuBHEBWtr7OgVP2HCooZGv02iec5IP4bam5WepMpogcr5FnmQMbrdRJGFhEHi-vgoJh1BBezYick2Gclyrhs093P_gLfkoLUQdUi8b0lCMM5L3_hGbFiHNmjvwr1jEyrbcDj29pqbmyCDODXLdxyy7-8aq2AaWRjnm_1ip_Cv-a-XP_JjKPAjAhberi5wN4I2h7IYkXASG4yx9KofrTNyV8rasDuPzgrU6UfWHN_XOccLgCBwlWLVd7rdurah6871bG55mbHX4_UCb4PGl1DG0Cx0S4Vp9a_oVnVFQiYkiQbtg41EoH7OrLo3Hz3DQcCTdB18bsRp47ZLkOz0s9UZMJEnRWyDLI_MLY42ChBBVUd9SUluePtM2JYHYkulkqpFJ7uHTnH_WlJKibCWCPvfmwl-rZEi-3B_OPB6QXnKzcO3-OYoomTCA9kuzuxe01xU80IwxZKfh_UCFA_Mtjh81LKbs1bwH_ItGk_UvV7bmL4D-nywDe5potLDv5c53zjtA0OihabdWloehypxmhLfVe-CBhzPaU-LLVQoYrJY3NMwDICJkXVWzBBpkRGKOENlrEDsM5380c1NJEifguU3ytrhcRSU3dZqGIdtzTtLU8ab9u8QW389rup6nZac-SL12aUD9T--yka_IF-gZ5cFF-Sexr8v9YXo9eQHJRHZgZ1wuQjMyXXxgJi2FFUlcrUJecynR_jfkvzGHZtJaatYR5DK1tHobZchgV_0-bZ5ZcO0HiFwT0BfWBolTshsilnTy8SJ8pnVJrXn3tQt7jYBM26WoDTfKJgJbPYStEoYfGbfdc5Dd6XqLY55J2PFRQwCuBMkc0xlY3M213dsh37QL2yKINTz8GpDKXT70biFqoHejFmculN_bkLpvq7_9xojPcKEO_vQST4dIl4NeMKByuFk0ezqbpbF0wR_b62ZGdt6n-QGow4X09Rkq3PcbacfU2XLTT-tOxCT9corvU-oStNEsWTWlEvvn9cUJJLdNEH_VN1QbT6CPQB89HwPjVUbK7biK4hcyujdkQBUmOH5ylp0Mk-LrcFE_IHGirnOZkgJ5l58zORkxs-o9ne_Vxu_VhCeR6WpYLmRddo&cid=CAQSTwAvHhf_yhTMAa6FTyzog_UIDqpcT7t-PPKa4RjQEcO3Z0B-HEwD_NhGMnxMBBtbYpkbqp7mubXSSTMH5arXretaZHX0_AwsP0zJ4lf2PjIYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2Fcuspajz.com%2F&ds=l&xdt=1&iif=1&cor=1065478885125344800&adk=2124396031&idt=56&cac=0&dtd=9

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 23:49:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 64878
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4383
x-xss-protection: 0
server: cafe
etag: 1583492410672046836
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 23:49:54 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7FB5 31 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 21:49:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72073
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11930
x-xss-protection: 0
server: cafe
etag: 15760894069517589058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 21:49:59 GMT

GET
H3 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 7FB5 41 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 19:36:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 166461
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 19:36:51 GMT

GET
DATA 200
OK truncated
/ Frame 7FB5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2554e6b4ffbd23d2299306d9fc04c3f2d72ea3b7e9d041748ef1f6a9fa9438e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5C3A 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0242a88d05eb9416454f1219b7a483cc9db82ab8a95d584062a4764b8aed9d88

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 5C3A
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CHEzXDwnJZdWXM9mhiM0PzrW_mAn-5vvzdMjVj8SSEWQQASC-wb4FYJXikIKgB6AB38b40gPIAQOoAwHIA8kEqgTmAU_QEuzhhvxg47x2T6ZMnqH-moEXUiHn3pHVMfktfDv8pcwpjugJfK2...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216314424886027695102%22,%22debug_reporting%22:true,%22destination%22:%22https://tarrytownjewelers.com%22,%22event_report_w...

0
0

53ms
38ms

Fetch
text/css

142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216314424886027695102%22,%22debug_reporting%22:true,%22destination%22:%22https://tarrytownjewelers.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22979247967%22],%2222%22:[%22true%22],%224%22:[%2202-11%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%223572181669263297761%22}&andc=true

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16314424886027695102","debug_reporting":true,"destination":"https://tarrytownjewelers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979247967"],"22":["true"],"4":["02-11"],"6":["true"]},"priority":"500","source_event_id":"3572181669263297761"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Feb 2024 17:51:12 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16314424886027695102","debug_reporting":true,"destination":"https://tarrytownjewelers.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["979247967"],"22":["true"],"4":["02-11"],"6":["true"]},"priority":"500","source_event_id":"3572181669263297761"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame FE34
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

28ms
27ms

Document
text/html

2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:12 GMT
expires: Sun, 11 Feb 2024 17:51:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:12 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame BE3F 38 KB
13 KB 7ms
6ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 148822
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 00:30:50 GMT
expires: Sun, 09 Feb 2025 00:30:50 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js Show response
pagead2.googlesyndication.com/bg/ Frame 61EF 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 07:41:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 123000
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19987
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 07:41:12 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/5688971668733055178/ Frame 469A 30 KB
5 KB 53ms
39ms Document
text/html 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33cc1c627e11728c9da5765196b4c36af8889fc15af10158c5912c732dc82835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
allow-fenced-frame-automatic-beacons: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 11 Feb 2024 17:51:12 GMT
expires: Mon, 10 Feb 2025 17:51:12 GMT
last-modified: Wed, 27 Sep 2023 08:55:24 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7FB5 0
0 90ms
50ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgnNI4Z4dA7sI1lYm5ohtqfpTHwO-NmNLSWRNPNCYLq9c6NcV32-WgQ-RM7K8oYzI8RA8VI-Z-LTbhB2nxO0b7-2yqG-2WOWqT6BfOWDGETXu8s0S4AzoeYVM1yP3TW66ugHxE0mtwjQ7H3iAKLXvJi8wjphfmt9Og10yI5DshP1tMStaxKkCjpTjvgU1VAxD9Fwmmx2X2jx0STwL_BiFJqFs_c5cbDd-xfelcVJVdnwiK-R6hpk5sK3WCbXeijRvGoZdKHIddMO7trrzxZtIOl_I9lZOIplDxs0Zp7UezX9M1cL8u-m8fHCedCcjqZ4EcL-J98euR4iyyWTMunSmv2Ja5Bzh4s84OvietoLqlic0tCURZkqhZhV6Goy-9dTS3WzQ4Zg1HYIVPt1yyFXfkC5JEaA9PNZqvBBqGQNJ7DqsZAfGlz7VrrUHGKwXAkAf79hLYsz4zIYQw3DpU79ASzpNPBqTUTX8Aq5MktLmlByHLXmO_CFP6MKILg-qEO0fjBMxlSnlUbyFgWqCYfLdIUOs8qLIDDbzLxtCwE173UefaLYKGjBbU72RcY5qvfYad7lFO1Ah94eI2mPnzuVqvT4vTOPreSkvB1M2fKOzD2r1WRLSCsSgPkAR7KhA5ijTbijmLn4Y98HYLn_p8lKmWJaYfnyXjGnDVd8Y885HkF9VHE0yDxxfSvlpT5BH_YGMGanWQvtztY0GP2WuTTHrqQH2vX3Ahb69ON3UJwWj4o5qAXIDKwkuA9U0QuTKkOaEzyPgF0EtCpunMY-_oQMTini2wnPeBRsM-6Vo_vqEOfkeOzo2vj2RW04-A75vvHRK0DP5Czg3-GIAwesXCThPWjU-kVDh8-7zD9-q0x6a7bnlAfy02mJ8HIPQj4_TTA209_4fSZy-ry64iVm3YWUTcKMSLG66A8v3Hopd56FP1egOlQMzNZ_lPzHUpdZjGB8oc2zznV4NlZqtD1330gxHhOfEOuUYXGRe0qpOgkjMhn7g9AZOiTbBQzKZzOGHn1uFqJbont98WDgZLZZBBUhsNyjAlF4TyRROZLaOqBhLRmnZ-4vVDQXMCGtg2VMixXVojZ1BDKezn_O1P2z6zz2dTI-ZBI8xrZsjX9Cz-vlSr21NnIx-pt7A3cieTbhEsz44c2RV7G8Xhs0ytjxVt7gNIbmxDSDI3A-D4MJfvJLK7Z64O3C_yzYT9LjMEMZC30F9Vtar5hItCYFmYezPBfjJ5YUn4_sxn3G3Hfy4otiMw9Qtv3fjQ5mUk600gSDSkKvWoQJxYJrBhQDWsHRkaqjoMB5JCCZFLicBBSgMprXdj_xzWFDN_ODr-rTyk9Oyug1n_D5Td8aVHzNR_mE1f7INIxm04C0Qt7tOGtEZ9n-DbWC0Acp-XYRQn03SS1-4x&sai=AMfl-YTV4VgJ0Qh8oA7zzUffiQLgI1xCxjwnjt2dlPzC_OgUJdCbiiohRTViSW399Bf4F5xC_qljPoIPQkFWdM_wdhUuT6dkVfwO8-O14CTw6h_-jRQQBo5C7PD2-ZhylWPhZj_1AZS5dF7Z2zOt7R0PrDi0TY9uKp0MVNnIjPLZc-nMnBPMoQzg_7xP2KkCOgx5qLZJXfRMChSP_JSlluaYe5KJ6SeG63Mx9j-6b5BfiUDzklp3BUda05NDCGKhWFTbkJ3nRVocASaVXoAu9LmregWyMpk7OK4y40f8uZhSDoSP4kBWiKz1H33LrsNAHtYTYi4&sig=Cg0ArKJSzIP4bBVdA0dhEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=79&cbvp=1&cstd=73&cisv=r20240207.53747&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sun, 11 Feb 2024 17:51:12 GMT

GET
H2

200

firstevent
skydeutschland.demdex.net/ Frame 7FB5
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184944003&d_placement=383215309&d_campaign=31191216&d_bust=2124502353&gdpr=&gdpr_con...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184944003&d_placement=383215309&d_campaign=31191216&d_bust=2124502353&gdpr=&gdp...

42 B
733 B

36ms
36ms

Image
image/gif

52.19.82.212
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184944003&d_placement=383215309&d_campaign=31191216&d_bust=2124502353&gdpr=&gdpr_consent=

Requested by

Protocol

Server

52.19.82.212 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-82-212.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

dcs: dcs-prod-irl1-1-v054-0a36f617d.edge-irl1.demdex.com 6 ms
pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-encoding: gzip
x-tid: fg3XrmftSHE=
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 59
expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs: dcs-prod-irl1-1-v054-0000ed5b8.edge-irl1.demdex.com 0 ms
pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-tid: c+e0QSIPQ4U=
p3p: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=184944003&d_placement=383215309&d_campaign=31191216&d_bust=2124502353&gdpr=&gdpr_consent=
cache-control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame BE3F 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 17:07:29 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 65ms
38ms Preflight
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 11 Feb 2024 17:51:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 style.css
s0.2mdn.net/sadbundle/5688971668733055178/ Frame 469A 5 KB
2 KB 9ms
8ms Stylesheet
text/css 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/5688971668733055178/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

922aa37a782e5153c72cf297fd1d8e42da6126fa40561be9bde0fdee4378bd0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 17:34:07 GMT
date: Fri, 09 Feb 2024 17:34:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173825
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1736
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 08:55:24 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 469A 120 KB
41 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 07:30:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Mon, 12 Feb 2024 07:30:30 GMT

GET
H3 200 gsap_3.11.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 469A 69 KB
27 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27635
x-xss-protection: 0
last-modified: Fri, 12 May 2023 16:03:23 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 17:51:12 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 469A 8 KB
6 KB 73ms
59ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f775d497407f8a8afbe0c3adfb9b582486d6e374548dcc99e932c20e34a22cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5900
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame BE3F 0
20 B 40ms
40ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B6ZgAEAnJZYm5E4XT1PIPhKaV4AkAAAAAOAHgBAI&bg=!7O-l76DNAAaxkZ3akZE7ADQBe5WfOAI3CVAexy46Lepw61Gjttbq-cvwQvLBl5rGK8PSEcuCsnqe5dh6lbY7qiszVoS_AgAAADVSAAAAAWgBB5kDCA_x-0WIoI3EA5zLynsEg_rCuRieBB-YA1pTUHS7w2t0avROK03ffnDo_4NVyb5nbqKaL0MuE4NvcugF5vwjwlqU57xc5ccjaELKjHniEPkt23p42TiXxnWys7UBPyO6k-0GVMTe1NvYEFtDHKMPrGushgz-pFJ6zLC-BWumSDXUhrO2APFaDaiN5fk-OjWeq7aN4UlKD0zntHEVp49Bey3ZiMBO8R9knwJyi2VLtvXX7BP1niu5aS0AqOv-uwHhsTtHjD1qHpPGvGr8L7rqjWBfsvPZU4zdgkYIHv0UeUTepgmYlsIsH6Sx0xoKO2ht9GShTGx_NZba_NzmjJcvZqZAZO9jUU66z54R6J5bxXchdkctGZMCRhi6QkZym-yrVt9Vyk1lzkQFxXzceo3NYdTNH1yCQVlQiE2-fBz32ZXAjV1AGCU3r2oT2Z-DXzWbT1yQ01bJ2yhxVAu-emz8pl7tKszpewn-A0gJnQuLu0pm00yt_kzvg21eYoO44SObHf2wX7JeWdj3Fp9nL4hsAdGVMDP5H11C-W_jOS2f01d-pCHLL_UpsYAlMeb72zYSUTVGh-a29FdqdxIvwA9kdwauHeONGrNi09w3aEsAeVS0ASJg2a5luE2ApkY-jg8x1Hjbo8FydnoKE13XG5rF4DrSdi8touMBtC11FGeSdBaO6Fl0QaTJemVVWYkLsqFLT5UkDKoavJ-6KbfnaobbH5E238F3V61ZThmCcua_pnuxfAAt0qnAKT6ZZour9CELxh6U129sEFFM90pTM-7To3hloe_-b9e1Lx4WgcK3uIkjqVZYVQUPLQlqzk1U-3BvNZ_1MX8bRgs4jQPpn13J2GLR26_9ODCQCIZeUH_CIhl9brVHESIfQ48WM1RY-j2LVWXuTRS2R6JvBZcp27HpQGhrNLXdTznmu-e7m3x8zQEjz2EOnHrtSKfpBLx7DOHOY9CPo-pp4g8Qy0o2F0muuD6LqqRWTRt22QUF38IRa4M7WKiahIoomzzLSwUNZCUwnYOm4iqe3gkH

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CTA_FX.png
s0.2mdn.net/creatives/assets/4736540/ Frame 469A 519 B
545 B 9ms
9ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/creatives/assets/4736540/CTA_FX.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:42:19 GMT
x-content-type-options: nosniff
age: 533
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 519
x-xss-protection: 0
last-modified: Wed, 21 Dec 2022 12:50:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 17:57:19 GMT

GET
H3 200 sky_bold.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 469A 28 KB
28 KB 11ms
11ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:41:53 GMT
x-content-type-options: nosniff
age: 559
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28672
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:17 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 17:56:53 GMT

GET
H3 200 sky_regular.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 469A 33 KB
33 KB 10ms
10ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:40:08 GMT
x-content-type-options: nosniff
age: 664
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33980
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 17:55:08 GMT

GET
H3 200 DCO_Residential_Blockbuster_728x90_1.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_1.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/ Frame 469A 24 KB
24 KB 12ms
11ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/DCO_Residential_Blockbuster_728x90_1.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_1.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dcb60ba9937f07c4ebf4205a0fcad657eb9f10fb9ed9918d2dd6e3ccf6793c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 21:56:13 GMT
x-content-type-options: nosniff
age: 330899
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25041
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 07:41:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 06 Feb 2025 21:56:13 GMT

GET
H3 200 DCO_Residential_Blockbuster_728x90_2.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_2.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/ Frame 469A 44 KB
44 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/DCO_Residential_Blockbuster_728x90_2.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_2.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0959051f4030ed791c0eefce2f6d67946610f638bf1ca109eff500846a177eea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 00:31:22 GMT
x-content-type-options: nosniff
age: 148790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44757
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 07:42:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 00:31:22 GMT

GET
H3 200 DCO_Residential_Blockbuster_728x90_3.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_3.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/ Frame 469A 34 KB
34 KB 16ms
15ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/DCO_Residential_Blockbuster_728x90_3.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_3.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a97036d812cd89348fe7ac9522e9b9a49bb97e9b84a0c9bee08999f620c04307

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 00:31:22 GMT
x-content-type-options: nosniff
age: 148790
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34754
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 07:42:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 00:31:22 GMT

GET
H3 200 DCO_Residential_Blockbuster_728x90_4.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_4.jpg
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/ Frame 469A 45 KB
45 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/DCO_Residential_Blockbuster_728x90_4.jpg_1706773246044_DCO_Residential_Blockbuster_728x90_4.jpg

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a72ed041bf18098183b4e66f35a82e329af7993ed6f01f2e7822304f0c365cb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 03:19:34 GMT
x-content-type-options: nosniff
age: 138698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45880
x-xss-protection: 0
last-modified: Thu, 01 Feb 2024 07:41:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 09 Feb 2025 03:19:34 GMT

GET
H3 200 blank.png_1704784653657_blank.png
s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/ Frame 469A 1 KB
1 KB 18ms
18ms Image
image/png 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/11041269/s0.2mdn.net/creatives/assets/5097321/blank.png_1704784653657_blank.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7247cfe2efdf5076810da0cfc153fdb7a077f385bc6f721a202bc39516cfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/index.html?e=69&leftOffset=0&topOffset=0&c=GeKONtrMEq&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Thu, 08 Feb 2024 00:06:33 GMT
x-content-type-options: nosniff
age: 323079
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1371
x-xss-protection: 0
last-modified: Tue, 09 Jan 2024 07:18:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Feb 2025 00:06:33 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7FB5 0
0 43ms
43ms Fetch
image/gif 216.58.206.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgnNI4Z4dA7sI1lYm5ohtqfpTHwO-NmNLSWRNPNCYLq9c6NcV32-WgQ-RM7K8oYzI8RA8VI-Z-LTbhB2nxO0b7-2yqG-2WOWqT6BfOWDGETXu8s0S4AzoeYVM1yP3TW66ugHxE0mtwjQ7H3iAKLXvJi8wjphfmt9Og10yI5DshP1tMStaxKkCjpTjvgU1VAxD9Fwmmx2X2jx0STwL_BiFJqFs_c5cbDd-xfelcVJVdnwiK-R6hpk5sK3WCbXeijRvGoZdKHIddMO7trrzxZtIOl_I9lZOIplDxs0Zp7UezX9M1cL8u-m8fHCedCcjqZ4EcL-J98euR4iyyWTMunSmv2Ja5Bzh4s84OvietoLqlic0tCURZkqhZhV6Goy-9dTS3WzQ4Zg1HYIVPt1yyFXfkC5JEaA9PNZqvBBqGQNJ7DqsZAfGlz7VrrUHGKwXAkAf79hLYsz4zIYQw3DpU79ASzpNPBqTUTX8Aq5MktLmlByHLXmO_CFP6MKILg-qEO0fjBMxlSnlUbyFgWqCYfLdIUOs8qLIDDbzLxtCwE173UefaLYKGjBbU72RcY5qvfYad7lFO1Ah94eI2mPnzuVqvT4vTOPreSkvB1M2fKOzD2r1WRLSCsSgPkAR7KhA5ijTbijmLn4Y98HYLn_p8lKmWJaYfnyXjGnDVd8Y885HkF9VHE0yDxxfSvlpT5BH_YGMGanWQvtztY0GP2WuTTHrqQH2vX3Ahb69ON3UJwWj4o5qAXIDKwkuA9U0QuTKkOaEzyPgF0EtCpunMY-_oQMTini2wnPeBRsM-6Vo_vqEOfkeOzo2vj2RW04-A75vvHRK0DP5Czg3-GIAwesXCThPWjU-kVDh8-7zD9-q0x6a7bnlAfy02mJ8HIPQj4_TTA209_4fSZy-ry64iVm3YWUTcKMSLG66A8v3Hopd56FP1egOlQMzNZ_lPzHUpdZjGB8oc2zznV4NlZqtD1330gxHhOfEOuUYXGRe0qpOgkjMhn7g9AZOiTbBQzKZzOGHn1uFqJbont98WDgZLZZBBUhsNyjAlF4TyRROZLaOqBhLRmnZ-4vVDQXMCGtg2VMixXVojZ1BDKezn_O1P2z6zz2dTI-ZBI8xrZsjX9Cz-vlSr21NnIx-pt7A3cieTbhEsz44c2RV7G8Xhs0ytjxVt7gNIbmxDSDI3A-D4MJfvJLK7Z64O3C_yzYT9LjMEMZC30F9Vtar5hItCYFmYezPBfjJ5YUn4_sxn3G3Hfy4otiMw9Qtv3fjQ5mUk600gSDSkKvWoQJxYJrBhQDWsHRkaqjoMB5JCCZFLicBBSgMprXdj_xzWFDN_ODr-rTyk9Oyug1n_D5Td8aVHzNR_mE1f7INIxm04C0Qt7tOGtEZ9n-DbWC0Acp-XYRQn03SS1-4x&sai=AMfl-YTV4VgJ0Qh8oA7zzUffiQLgI1xCxjwnjt2dlPzC_OgUJdCbiiohRTViSW399Bf4F5xC_qljPoIPQkFWdM_wdhUuT6dkVfwO8-O14CTw6h_-jRQQBo5C7PD2-ZhylWPhZj_1AZS5dF7Z2zOt7R0PrDi0TY9uKp0MVNnIjPLZc-nMnBPMoQzg_7xP2KkCOgx5qLZJXfRMChSP_JSlluaYe5KJ6SeG63Mx9j-6b5BfiUDzklp3BUda05NDCGKhWFTbkJ3nRVocASaVXoAu9LmregWyMpk7OK4y40f8uZhSDoSP4kBWiKz1H33LrsNAHtYTYi4&sig=Cg0ArKJSzIP4bBVdA0dhEAE&uach_m=%5BUACH%5D&cry=1&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=213&vt=11&dtpt=134&dett=3&cstd=73&cisv=r20240207.53747&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: cuspajz.com
URL: https://cuspajz.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lcfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 11 Feb 2024 17:51:12 GMT

GET
H3 200 sky_medium.woff
s0.2mdn.net/creatives/assets/3668815/ Frame 469A 27 KB
27 KB 11ms
10ms Font
font/woff 2a00:1450:4001:82a::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/3668815/sky_medium.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/5688971668733055178/style.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:47:14 GMT
x-content-type-options: nosniff
age: 238
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27952
x-xss-protection: 0
last-modified: Thu, 20 Feb 2020 12:38:21 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 11 Feb 2024 18:02:14 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 469A 17 KB
6 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 11 Feb 2024 17:51:12 GMT

GET
H3 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame DCF0 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:07:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 10 Feb 2025 17:07:29 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5C3A 42 B
64 B 51ms
51ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssxK1nM4TPGMwDFqOi_aGHbz9BAhkB8CqG7IRJC08Ky2uH2Md--zxUwIC0-2BnFwAB_pZFYvCkW-2cb1iHBbTFdYvP1UV5irs4ngIAQckT3Psgv1G3Zse21V_n1aYWOmPvtZbQbwNfG-IPtOh5hsoyEL0mP3eoTiSjqZQ&sai=AMfl-YTF-EJG1-0oUFe4wGXpSeWZUpnXFgWuFeYZ7oT_Gz5wjgkNKs-Z3tBCIF6igT7Foyr8D103xO7Clms0UQT4y2AXrDpcqKcKNxvs7ycanZ1dBlb-COMTOWiaqraVilIeW4e9ecy5DvMYH2NCCrPI&sig=Cg0ArKJSzBEDBpvIWczVEAE&cid=CAQSTgAvHhf_i5b1u2kq8sRi1KXMXx06VJXuCX2bFm2h2E2WeBfmmXXp1RE0cklPrPBoTyPtHyuNAXesE53CxUVdkltK80tdbs9zuCbNe0-fxRgB&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=3798632441&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=360667200&rst=1707673871812&rpt=608&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7FB5 42 B
64 B 52ms
52ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssmBC6Dh7Vgxvi44nQYEbVUX7Vf3taoBB3n8aM1fSzxdZ-iTayyLPrp9W3bs64I1FO_KQDR4lQqBJ_43vf1R705BGe8f383Gm26dEb8ho6eVljoKY0gxA6bY5Aktj8nJ-GFKBE0V-_DwAvsWiRGJUFuuJT4f5fXyseqZw&sai=AMfl-YTbQqVEQiTzp5OeGXkHdINCOA9gGsegOiUWQCm-w5vGicexoRiJUKkgf1NDPWatBV-5Huxt5sM4nDyez0tcjyyNnr67XTOksC8mCo0xyMv2uz8ZdIj_EJk9Qrj96oM0V9Gi2On5oDzC2Y2O_Ox9BQ&sig=Cg0ArKJSzM-xsZ2TKR04EAE&cid=CAQSTwAvHhf_yhTMAa6FTyzog_UIDqpcT7t-PPKa4RjQEcO3Z0B-HEwD_NhGMnxMBBtbYpkbqp7mubXSSTMH5arXretaZHX0_AwsP0zJ4lf2PjIYAQ&id=lidar2&mcvt=1000&p=0,0,108,728&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20240208&bin=7&avms=nio&bs=0,0&mc=0.83&if=1&vu=1&app=0&itpl=20&adk=3898366583&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=360667200&rst=1707673872231&rpt=235&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FB5 0
20 B 39ms
39ms Ping
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8897188549146&version=m202401290101&ct=76&x=1&cor=1065478885125344800

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 11 Feb 2024 17:51:13 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 iframeResizer.contentWindow.min.js Show response
www.vegcook.net/wp-content/themes/vegcook/js/ Frame 75CF 14 KB
6 KB 354ms
354ms Script
application/x-javascript 2606:4700:3037::6815:3248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.vegcook.net/wp-content/themes/vegcook/js/iframeResizer.contentWindow.min.js
Requested by: Host: www.vegcook.net
URL: https://www.vegcook.net/cuspajz-com/?version=1792112106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5695f8317f3c82772c4793fb9145d45cd56cc43d79b27737a37e3bd030ab3baa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vegcook.net/cuspajz-com/?version=1792112106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:14 GMT
content-encoding: br
referrer-policy: no-referrer-when-downgrade
cf-cache-status: HIT
last-modified: Tue, 11 Apr 2017 17:47:21 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"3743-54ce7af043c40-gzip"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2Ftlxo%2BmzaSxsBKBlvTmjJV3YclHB%2BhSzUZSeAE1DIlq7ZjWQUWUGvykVBc6x3msdix0vFl9RtYKk4oI9uOYfrnFygk5zcnxVDIeGE8cqJHSz7FAU1739K0oAtnHWtIEcE26WkaRKGW56Tk%2FEiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: max-age=31536000
cf-ray: 853e7052ef29462b-SIN
alt-svc: h3=":443"; ma=86400
expires: Fri, 22 Nov 2024 09:18:19 GMT

GET
H2 200 Proteinska-salata-400x200.jpg
www.vegcook.net/wp-content/uploads/2017/09/ Frame 75CF 25 KB
25 KB 362ms
362ms Image
image/jpeg 2606:4700:3037::6815:3248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vegcook.net/wp-content/uploads/2017/09/Proteinska-salata-400x200.jpg
Requested by: Host: www.vegcook.net
URL: https://www.vegcook.net/cuspajz-com/?version=1792112106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46f4e2304c358918be6024e415f76e38247ff5746c5436151ad391cd7feae77b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vegcook.net/cuspajz-com/?version=1792112106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:14 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 25668
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 23 Sep 2017 12:53:08 GMT
server: cloudflare
etag: "6444-559dacea327ce"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cveDdHSmpao8vnBfm%2F6Vp%2BnMxn9E8K2v4bohIjUUMz3xrUfSj%2BBY4i2jYU4ECp85PRvPBbpQxPqRgPcKttiUd9n1CVqy0EbcRjdCL8KmPug272E1yLxZoUEJ%2BPmGHMUGdvhxrv5%2FRd6cZ5n8ijU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853e7052ef2a462b-SIN
expires: Fri, 07 Feb 2025 12:29:31 GMT

GET
H2 200 14753870_1816895635249846_2098500979407361365_o-400x200.jpg
www.vegcook.net/wp-content/uploads/2016/10/ Frame 75CF 18 KB
18 KB 928ms
928ms Image
image/jpeg 2606:4700:3037::6815:3248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vegcook.net/wp-content/uploads/2016/10/14753870_1816895635249846_2098500979407361365_o-400x200.jpg
Requested by: Host: www.vegcook.net
URL: https://www.vegcook.net/cuspajz-com/?version=1792112106
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:3248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4f5d00f028c4f99a1841d6cedae41c0170a9c87e096e390aa6f4c62e67a51e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vegcook.net/cuspajz-com/?version=1792112106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 17987
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 24 Oct 2016 19:39:34 GMT
server: cloudflare
etag: "4643-53fa18d32d199"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROXYVT40jcLv1tPo7NqzUprchibN9o%2BlBPibMXdyd%2FsvUwpxjPuwVVYwDe1uuIn57C67zqC6bYYpGjCyLyFIQu1oj%2FDzcsHgxuY9BQLGF95tGUGnzD1QX2Srh8IVaC185CiE5AdXXly7kdwlVWs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853e7052ef2e462b-SIN
expires: Fri, 22 Nov 2024 15:53:38 GMT

GET
H3 200 Integralna-tjestenina-s-umakom-od-poriluka-i-sampinjona-s-vrhnjem-400x200.jpg
www.vegcook.net/wp-content/uploads/2017/06/ Frame 75CF 33 KB
34 KB 1130ms
1130ms Image
image/jpeg 2606:4700:3037::6815:3248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vegcook.net/wp-content/uploads/2017/06/Integralna-tjestenina-s-umakom-od-poriluka-i-sampinjona-s-vrhnjem-400x200.jpg
Requested by: Host: www.vegcook.net
URL: https://www.vegcook.net/cuspajz-com/?version=1792112106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 431d8c7b1c77eac4e6195246faaaafbf1ade3a9f1fd77a40a9c4f695d8eb2352

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vegcook.net/cuspajz-com/?version=1792112106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 34028
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 22 Jun 2017 14:25:31 GMT
server: cloudflare
etag: "84ec-5528d41c8b43c"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2HHdo60NWoNX%2FHqgOnUtZC1udlkJCPmNGXUFYMKbmcRkHZGFJT37SRpBsXCO%2Fyxq2Gr1NDdygAdasB0%2BgioMS0kXXFQjxTkNIeMM%2BfvmBTXZXj%2BHnMj0YBosfBnm3vfnLKv3arCOewZ1vy2ukvQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853e7054ab60bbe5-FRA
expires: Fri, 22 Nov 2024 10:23:31 GMT

GET
H3 200 Torta-od-limuna-s-preljevom-od-borovnice.0-400x200.jpg
www.vegcook.net/wp-content/uploads/2017/04/ Frame 75CF 26 KB
26 KB 1112ms
1111ms Image
image/jpeg 2606:4700:3037::6815:3248
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.vegcook.net/wp-content/uploads/2017/04/Torta-od-limuna-s-preljevom-od-borovnice.0-400x200.jpg
Requested by: Host: www.vegcook.net
URL: https://www.vegcook.net/cuspajz-com/?version=1792112106
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3037::6815:3248 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3736b50bb54314fbc3d23b4f752395b7e04ea23e88a7e9d80f2f5498285cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.vegcook.net/cuspajz-com/?version=1792112106
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sun, 11 Feb 2024 17:51:15 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 26207
referrer-policy: no-referrer-when-downgrade
last-modified: Sat, 15 Apr 2017 15:08:49 GMT
server: cloudflare
etag: "665f-54d35ef7a2dc8"
vary: X-Forwarded-Proto,Accept-Encoding,User-Agent
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gS3olqw%2F7yO8rAHmnjIlQkpKFaiKddlMeWklILQ4mp0ES16C%2BSvy12gFifvrUkFKflmUD5ch102pgD687WIgorEB5F4mzxqM%2F8DQXi7XoGOAFC0cJhW%2BTT9YyYgDJbn4zw4Sk4taKOWhd4umeuo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 853e7054ab62bbe5-FRA
expires: Sat, 23 Nov 2024 12:02:49 GMT

GET like.php
www.facebook.com/v2.0/plugins/ Frame 79DE 0
0

GET sodar
pagead2.googlesyndication.com/getconfig/ 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.facebook.com
URL: https://www.facebook.com/v2.0/plugins/like.php?app_id=251862128215878&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Df9dc4f5a2be2d2e35%26domain%3Dcuspajz.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fcuspajz.com%252Ff4bc092a88387e3dc%26relation%3Dparent.parent&container_width=61&font=verdana&href=http%3A%2F%2Fcuspajz.com%2F&locale=en_GB&sdk=joey&send=true&show_faces=false&width=576

Domain: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cuspajz.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: njm6l6gpbvkmq41sl4npf590n3
.cuspajz.com/	1970-01-21 03:57:13	Name: _ga Value: GA1.2.166702139.1707673872
.cuspajz.com/	1970-01-20 18:22:40	Name: _gid Value: GA1.2.1825266982.1707673872
.cuspajz.com/	1970-01-20 18:21:13	Name: _gat Value: 1
.cuspajz.com/	1970-01-21 03:57:13	Name: _ga_V6YZJ4YFKG Value: GS1.2.1707673871.1.0.1707673871.0.0.0
.statcounter.com/	1970-01-21 03:57:13	Name: is_unique Value: sc1935988.1707673872.0
.doubleclick.net/	1970-01-21 03:42:49	Name: IDE Value: AHWqTUkUiKuvtQuNMToTkg1R8ZekzO7PR3B5iwioXr-B_E6mSKpHsdREALPXPqge
.adnxs.com/	1970-01-20 20:30:49	Name: XANDR_PANID Value: NtANViHGMGFOemK6-TLg9YU1Nb5v4d_16NWqs1C6z4EbO_T9nSO3Ig864m4sy2COnPwcyUw1YZJVJpL41GAv0TR3V-HszJXBGLF9deIKSfY.
.adnxs.com/	1970-01-21 03:57:13	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:30:49	Name: uuid2 Value: 1463415762718478785
.doubleclick.net/	1970-01-20 18:21:14	Name: test_cookie Value: CheckForPermission
.doubleclick.net/	1970-01-20 22:40:25	Name: APC Value: AfxxVi4PPkcLeUt-anJU7fbD88tzWm7qXKyrc88oAsvSSgSJnA6AHg
.doubleclick.net/	1970-01-20 22:40:25	Name: receive-cookie-deprecation Value: 1
.cuspajz.com/	1970-01-21 03:42:49	Name: __gads Value: ID=77944a5388cafbcc:T=1707673871:RT=1707673871:S=ALNI_MaFgoho-h4unjGdTh5yD0m7enHSjQ
.cuspajz.com/	1970-01-21 03:42:49	Name: __gpi Value: UID=00000d5610f4a42a:T=1707673871:RT=1707673871:S=ALNI_MZMqu1cH7nMoZbLpK4ww3IjCa48Cw
.cuspajz.com/	1970-01-20 22:40:25	Name: __eoi Value: ID=50c920883dbf6698:T=1707673871:RT=1707673871:S=AA-Afjb8pvc17pQAqceicvoRyPEQ
.adnxs.com/	1970-01-20 20:30:49	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTrfge+E!]tbPl1M>e)ZlrFUfJ+tGXxo@DV[syOq>]H?0<#DE%Fed^c+M+aaRpn=DlDB3If)y3KL9D3I?+<KWY5]
.casalemedia.com/	1970-01-20 20:30:49	Name: CMPS Value: 5298
.casalemedia.com/	1970-01-21 03:06:49	Name: CMID Value: ZckJEFVbLT8AABP4AD0CBgAA
.casalemedia.com/	1970-01-20 20:30:49	Name: CMPRO Value: 5149
.doubleclick.net/	1970-01-20 18:21:17	Name: DSID Value: NO_DATA
.demdex.net/	1970-01-20 22:40:25	Name: demdex Value: 83204168264898494632328079893024458671
.googleadservices.com/	1970-01-20 20:30:49	Name: ar_debug Value: 1
.skydeutschland.demdex.net/	1970-01-20 22:40:25	Name: skydeutschland Value: 83204168264898494632328079893024458671

59 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://cuspajz.com/inc/iframeResizer.min.js(Line 7) Message: Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://www.vegcook.net') does not match the recipient window's origin ('https://cuspajz.com').
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cuspajz.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c18.statcounter.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
cuspajz.com
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
region1.google-analytics.com
s0.2mdn.net
skydeutschland.demdex.net
static.adsafeprotected.com
stats.g.doubleclick.net
tpc.googlesyndication.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.vegcook.net
pagead2.googlesyndication.com
www.facebook.com
104.20.94.138
142.250.184.194
142.250.186.162
172.64.151.101
2001:4860:4802:32::36
213.202.101.122
216.58.206.34
2600:9000:20ab:8a00:8:48e:53c0:93a1
2606:4700:3037::6815:3248
2606:4700::6811:190e
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2008
2a00:1450:4001:828::2001
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2006
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c00::9b
2a03:2880:f083:100:face:b00c:0:3
37.252.171.52
52.19.82.212
54.78.153.75
0242a88d05eb9416454f1219b7a483cc9db82ab8a95d584062a4764b8aed9d88
083453bf4d12b9c46f44e3b434994e63ab8d8507300e67eaa25d9c7a9c0354bf
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
092b8c9ebc1cd4ed98c8fa0a20d118737649861ce8cdb7ccf40cc61ce495ea8c
0959051f4030ed791c0eefce2f6d67946610f638bf1ca109eff500846a177eea
0b3f596de815de6bc605ce5a331ed40f7225d5302ffc281890d2ac9bfdd810ce
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bbb596346cb7cfb9d60f5b2269d60437d8e784ac3ef5a4ec5f6bab8d539debe
0e8e59c22f784ae124e2e4ea700d0361f147c5e67417abb1f845f49082190111
116a5caf1f72e596317b2ea08f62f39ecc42c95c95f5f015f63b61141f0ab1be
14859b1c65439ee387351ff8fb06127e4a60402302612a3da013fc294f73ca5a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
2554e6b4ffbd23d2299306d9fc04c3f2d72ea3b7e9d041748ef1f6a9fa9438e8
2f738547bbcdbef189de47347ad84fc0bb0c15164980f51a0214706fa5c94a73
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
33cc1c627e11728c9da5765196b4c36af8889fc15af10158c5912c732dc82835
3c3736b50bb54314fbc3d23b4f752395b7e04ea23e88a7e9d80f2f5498285cf0
3f7bd3e5da73119bd384be741e5267f35ffd6e02c06d1988a693625fcead81e0
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
431d8c7b1c77eac4e6195246faaaafbf1ade3a9f1fd77a40a9c4f695d8eb2352
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
4373878b9f750698b6a199ebc0eb0e550df208c5a1f9f778a346e271a2b4d733
456ab1a71507ed91abae14c9d08faffb373a7bc711a66e44341b7b8b7bb72ab4
46f4e2304c358918be6024e415f76e38247ff5746c5436151ad391cd7feae77b
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bb025cebc86de34d61f141a2772929cbdf0e1a9a55fe016dec0dd4c5fa9cdbd
5695f8317f3c82772c4793fb9145d45cd56cc43d79b27737a37e3bd030ab3baa
58843ede0f98019fae2130feb320d9d715b1e8068af23002d4f7be8546b09be0
6115a449c31f763d7ba09b3365546e5c5579c531557515a9326fa7e2e2e0f0da
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6384c0e613651a07daee210a57a9f6ba941b77a15c4e12a3d489023fd0cc854a
69f5d3191dc883795ffd06149c49d8b097e4aa1c053433db3f2531d3d6074d1a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f775d497407f8a8afbe0c3adfb9b582486d6e374548dcc99e932c20e34a22cf
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
818d679ad5505e37bdde3140e76c1672e9c5b06b7474cd3fc6b75e552a221f50
84ddb7165374259e268e895b78226182cd9c45085acfb85198e79c73baa95e1d
87f7247cfe2efdf5076810da0cfc153fdb7a077f385bc6f721a202bc39516cfb
8dcb60ba9937f07c4ebf4205a0fcad657eb9f10fb9ed9918d2dd6e3ccf6793c3
9159ff44d7094b8c99c902b187018a7e1115252e3c0438f9d4622295cd00d287
922aa37a782e5153c72cf297fd1d8e42da6126fa40561be9bde0fdee4378bd0a
9230675eb04d0dc784320dbbf198ec094109f15ad63f64e9d79f0df6eed885d9
94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9db30e68535b50b60144356417e573bd6db535d839023c52ddcd11a6f68291c6
9e24396413e46d9f9abbe6ef1d3891fe61fce061e5b8bbbd21ecf14b4377415a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a72ed041bf18098183b4e66f35a82e329af7993ed6f01f2e7822304f0c365cb9
a97036d812cd89348fe7ac9522e9b9a49bb97e9b84a0c9bee08999f620c04307
aac41a6e78574096f98af8bf677d8cf8af823dede0a66d2e6226bd0400c32f43
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b3bc505f6331ee43865b057368bceae706776d44ed6d225c40c58a8d8580bd7c
b4f5d00f028c4f99a1841d6cedae41c0170a9c87e096e390aa6f4c62e67a51e6
ce96e73c1dc9e9f1a92551a0b34d82ed700d969ade502b93d72335a97a754615
dcda08a8d45d378df4fdeafd2529f3c7521d3e9c3a4b12daf2fe2c919940e57b
de3163bbd3b57dccf21bdfa2bd4dc5339ab5b8a815950b7677aa539bb90e7dbf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
debf5176c2e02659168068f663a50c9c9e29a8d42b49d3b6ae42c527d75b65c0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
fbae080321632ad4ce06e9207ef9a534abd1d6488a96a0a4334fa768d1f93717

cuspajz.com Open in urlscan Pro 213.202.101.122 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

86 Requests

90 %HTTPS

59 %IPv6

17 Domains

23 Subdomains

21 IPs

6 Countries

1449 kBTransfer

3243 kBSize

24 Cookies

2 Outgoing links

Page URL History

Redirected requests

86 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cuspajz.com Open in urlscan Pro
213.202.101.122 Public Scan

Screenshot
Live screenshot

Full Image

86
Requests

90 %
HTTPS

59 %
IPv6

17
Domains

23
Subdomains

21
IPs

6
Countries

1449 kB
Transfer

3243 kB
Size

24
Cookies

86 HTTP transactions
2 data transactions