misr5.com Open in urlscan Pro
2606:4700:3036::ac43:9b24 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://misr5.com/
Effective URL:
https://misr5.com/
Submission Tags: tranco_l324
Submission: On November 09 via api (November 9th 2021, 4:57:52 am UTC) from DE — Scanned from DE

Summary HTTP 211 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 55 IPs in 11 countries across 55 domains to perform 211 HTTP transactions. The main IP is 2606:4700:3036::ac43:9b24, located in United States and belongs to CLOUDFLARENET, US. The main domain is misr5.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 11th 2021. Valid for: a year.

This is the only time misr5.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	2606:4700:303... 2606:4700:3036::ac43:9b24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	136.243.63.184 136.243.63.184	24940 (HETZNER-AS) (HETZNER-AS)
10	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	205.185.216.42 205.185.216.42	20446 (HIGHWINDS3) (HIGHWINDS3)
19	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3036::6815:2cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:303... 2606:4700:3032::ac43:c67b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	167.172.183.24 167.172.183.24	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	213.174.135.2 213.174.135.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
5	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3033::6815:2de	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5	2a0c:5c81:514... 2a0c:5c81:5142::2	55081 (24SHELLS) (24SHELLS)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
1	64.225.42.52 64.225.42.52	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
4	138.68.235.115 138.68.235.115	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2	34.149.20.76 34.149.20.76	15169 (GOOGLE) (GOOGLE)
2	147.75.61.140 147.75.61.140	54825 (PACKET) (PACKET)
2	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
4	51.89.9.252 51.89.9.252	16276 (OVH) (OVH)
3	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 5	37.252.173.38 37.252.173.38	29990 (ASN-APPNEX) (ASN-APPNEX)
2	216.52.2.30 216.52.2.30	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 3	5.178.65.245 5.178.65.245	50673 (SERVERIUS-AS) (SERVERIUS-AS)
1 1	162.55.6.211 162.55.6.211	24940 (HETZNER-AS) (HETZNER-AS)
1 2	62.149.0.72 62.149.0.72	15497 (COLOCALL ...) (COLOCALL Internet Data Center ColoCALL)
1	193.200.65.5 193.200.65.5	6681 (GIVEME-CLOUD) (GIVEME-CLOUD)
1	37.18.16.22 37.18.16.22	205675 (HYBRID-AS) (HYBRID-AS)
2	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	37.157.3.28 37.157.3.28	198622 (ADFORM) (ADFORM)
21	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3	37.157.2.247 37.157.2.247	198622 (ADFORM) (ADFORM)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1 9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2 2	3.127.92.82 3.127.92.82	16509 (AMAZON-02) (AMAZON-02)
3 3	3.120.169.248 3.120.169.248	16509 (AMAZON-02) (AMAZON-02)
2 2	35.210.178.101 35.210.178.101	19527 (GOOGLE-2) (GOOGLE-2)
5 5	52.30.222.33 52.30.222.33	16509 (AMAZON-02) (AMAZON-02)
5 17	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
1 1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	198.148.27.139 198.148.27.139	19189 (PULSEPOINT) (PULSEPOINT)
1	185.86.137.131 185.86.137.131	201081 (SMARTADSE...) (SMARTADSERVER)
1 1	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	2620:116:800d... 2620:116:800d:21:8c6e:cf2c:8d6:9fb5	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.241 37.157.6.241	198622 (ADFORM) (ADFORM)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
11	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1 3	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	72.251.244.142 72.251.244.142	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1 1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3 3	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	185.86.139.94 185.86.139.94	201081 (SMARTADSE...) (SMARTADSERVER)
2 2	18.197.47.23 18.197.47.23	16509 (AMAZON-02) (AMAZON-02)
2 2	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2404:6800:400... 2404:6800:4008:c01::78	15169 (GOOGLE) (GOOGLE)
3	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	141.95.3.9 141.95.3.9	16276 (OVH) (OVH)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	66.155.71.25 66.155.71.25	13768 (COGECO-PEER1) (COGECO-PEER1)
2 2	213.19.147.44 213.19.147.44	26120 (RHYTHMONE) (RHYTHMONE)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	82.113.101.132 82.113.101.132	6805 (TDDE-ASN1) (TDDE-ASN1)
211	55

20 2606:4700:3036::ac43:9b24 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

misr5.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.63.184 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: xip08.oneall.com

misr5.api.oneall.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 205.185.216.42 (United States)

ASN20446 (HIGHWINDS3, US)
PTR: map2.hwcdn.net

jscdn.greeter.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3036::6815:2cb (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.ergadx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:3032::ac43:c67b (United States)

ASN13335 (CLOUDFLARENET, US)

player.adtcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 167.172.183.24 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

cdn.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.174.135.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

player.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3033::6815:2de (United States)

ASN13335 (CLOUDFLARENET, US)

adipolo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a0c:5c81:5142::2 (London, United Kingdom)

ASN55081 (24SHELLS, US)

ghb.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.225.42.52 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

bot.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 138.68.235.115 (Santa Clara, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

analytics.webpushr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 147.75.61.140 (Ashburn, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

prebid-eu.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.173.38 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.178.65.245 (Woerden, Netherlands) 1 redirects

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net

pbjs.e-planning.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.149.0.72 (Ukraine) 1 redirects

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com

sync.adtelligent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.200.65.5 (Amsterdam, Netherlands)

ASN6681 (GIVEME-CLOUD, PL)
PTR: t.trafmag.com

t.trafmag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.18.16.22 (Russian Federation)

ASN205675 (HYBRID-AS, RU)

dm.hybrid.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.3.28 (Denmark)

ASN198622 (ADFORM, DK)

track.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.2.247 (Denmark)

ASN198622 (ADFORM, DK)

s1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.82 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-82.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.120.169.248 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-169-248.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN19527 (GOOGLE-2, US)
PTR: 101.178.210.35.bc.googleusercontent.com

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.30.222.33 (Dublin, Ireland) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-222-33.eu-west-1.compute.amazonaws.com

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 172.217.16.130 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom) 1 redirects

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.139 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.137.131 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.244 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:8c6e:cf2c:8d6:9fb5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.241 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.244.142 (Amsterdam, Netherlands) 2 redirects

ASN29791 (VOXEL-DOT-NET, US)

tracking.m6r.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.190.78 (United Kingdom) 3 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.86.139.94 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.197.47.23 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-197-47-23.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.156.0.31 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 2 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2404:6800:4008:c01::78 (Taipei, Taiwan)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.95.3.9 (France)

ASN16276 (OVH, FR)
PTR: p32.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.19.147.44 (United Kingdom) 2 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.132 (Wetzlar, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.o2online.de

portal.o2online.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	googlesyndication.com pagead2.googlesyndication.com cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com tpc.googlesyndication.com	398 KB
37	doubleclick.net 5 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	308 KB
20	misr5.com 1 redirects misr5.com	443 KB
11	2mdn.net s0.2mdn.net	1 MB
10	openx.net 2 redirects us-u.openx.net eu-u.openx.net rtb.openx.net	2 KB
10	criteo.com 2 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	9 KB
9	adform.net 2 redirects track.adform.net s1.adform.net c1.adform.net	96 KB
9	adtelligent.com 1 redirects player.adtelligent.com ghb.adtelligent.com sync.adtelligent.com	29 KB
8	webpushr.com cdn.webpushr.com bot.webpushr.com analytics.webpushr.com	52 KB
6	google.com 1 redirects adservice.google.com www.google.com	1 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	bidr.io 5 redirects match.prod.bidr.io	3 KB
5	adnxs.com 2 redirects ib.adnxs.com	5 KB
5	googletagservices.com www.googletagservices.com	175 KB
5	cloudflare.com cdnjs.cloudflare.com	210 KB
4	pubmatic.com 4 redirects image2.pubmatic.com image6.pubmatic.com	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	55 KB
4	onetag-sys.com onetag-sys.com	1 KB
3	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	2 KB
3	smartadserver.com rtb-csync.smartadserver.com ssbsync.smartadserver.com	313 B
3	bidswitch.net 3 redirects x.bidswitch.net	2 KB
3	e-planning.net 1 redirects pbjs.e-planning.net	7 KB
3	google.de adservice.google.de	1 KB
2	3lift.com 2 redirects eb2.3lift.com	942 B
2	criteo.net static.criteo.net	54 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com sync.adaptv.advertising.com Failed	943 B
2	m6r.eu 2 redirects tracking.m6r.eu	1 KB
2	volvelle.tech 2 redirects a.volvelle.tech	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	googleapis.com fonts.googleapis.com	2 KB
2	lijit.com ap.lijit.com	1 KB
2	creativecdn.com prebid-eu.creativecdn.com	342 B
2	a-mo.net prebid.a-mo.net	515 B
2	33across.com ssc.33across.com	449 B
2	google-analytics.com www.google-analytics.com	20 KB
2	adtcdn.com player.adtcdn.com	96 KB
1	o2online.de portal.o2online.de	607 B
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	582 B
1	1rx.io 1 redirects sync.1rx.io	697 B
1	sitescout.com pixel-sync.sitescout.com	191 B
1	id5-sync.com id5-sync.com	527 B
1	travelaudience.com 1 redirects ads.travelaudience.com	524 B
1	adsrvr.org match.adsrvr.org	265 B
1	quantserve.com 1 redirects pixel.quantserve.com	498 B
1	mathtag.com 1 redirects sync.mathtag.com	611 B
1	contextweb.com 1 redirects bh.contextweb.com	497 B
1	hybrid.ai dm.hybrid.ai	238 B
1	trafmag.com t.trafmag.com	232 B
1	loopme.me 1 redirects csync.loopme.me	208 B
1	googleadservices.com partner.googleadservices.com	437 B
1	adipolo.com adipolo.com	8 KB
1	ergadx.com cdn.ergadx.com
1	greeter.me jscdn.greeter.me	8 KB
1	oneall.com misr5.api.oneall.com	12 KB
211	55

	Domain	Requested by
21	tpc.googlesyndication.com	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net
20	misr5.com	1 redirects misr5.com
19	pagead2.googlesyndication.com	misr5.com pagead2.googlesyndication.com googleads.g.doubleclick.net cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com s0.2mdn.net
17	cm.g.doubleclick.net	5 redirects us-u.openx.net cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com misr5.com googleads.g.doubleclick.net
11	s0.2mdn.net	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com misr5.com s0.2mdn.net
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net misr5.com cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
9	securepubads.g.doubleclick.net	misr5.com securepubads.g.doubleclick.net cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	match.prod.bidr.io	5 redirects
5	us-u.openx.net	1 redirects cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com us-u.openx.net
5	ib.adnxs.com	2 redirects player.adtcdn.com googleads.g.doubleclick.net
5	ghb.adtelligent.com	player.adtelligent.com
5	www.googletagservices.com	jscdn.greeter.me cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com googleads.g.doubleclick.net
5	cdnjs.cloudflare.com	misr5.com cdnjs.cloudflare.com
4	gum.criteo.com	2 redirects static.criteo.net
4	eu-u.openx.net	us-u.openx.net
4	track.adform.net	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com s1.adform.net
4	onetag-sys.com	player.adtcdn.com
4	analytics.webpushr.com	cdn.webpushr.com
4	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	mug.criteo.com
3	image6.pubmatic.com	3 redirects
3	x.bidswitch.net	3 redirects
3	s1.adform.net	track.adform.net s1.adform.net cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
3	www.google.com	1 redirects cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com tpc.googlesyndication.com
3	pbjs.e-planning.net	1 redirects misr5.com player.adtcdn.com
3	bidder.criteo.com	player.adtcdn.com static.criteo.net
3	adservice.google.com	securepubads.g.doubleclick.net
3	adservice.google.de	securepubads.g.doubleclick.net
3	cdn.webpushr.com	misr5.com
2	eb2.3lift.com	2 redirects
2	googleads4.g.doubleclick.net	misr5.com
2	static.criteo.net	player.adtcdn.com static.criteo.net
2	ups.analytics.yahoo.com	2 redirects
2	pixel.advertising.com	2 redirects
2	ssbsync.smartadserver.com	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
2	tracking.m6r.eu	2 redirects
2	a.tribalfusion.com	1 redirects cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	a.volvelle.tech	2 redirects
2	pm.w55c.net	2 redirects
2	fonts.gstatic.com	fonts.googleapis.com
2	fonts.googleapis.com	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com googleads.g.doubleclick.net
2	sync.adtelligent.com	1 redirects player.adtelligent.com
2	ap.lijit.com	player.adtcdn.com
2	prebid-eu.creativecdn.com	player.adtcdn.com
2	prebid.a-mo.net	player.adtcdn.com
2	ssc.33across.com	player.adtcdn.com
2	player.adtelligent.com	player.adtcdn.com
2	www.google-analytics.com	misr5.com www.google-analytics.com
2	player.adtcdn.com	misr5.com
1	portal.o2online.de
1	sync.targeting.unrulymedia.com	1 redirects
1	sync.1rx.io	1 redirects
1	pixel-sync.sitescout.com	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
1	id5-sync.com	player.adtcdn.com
1	csi.gstatic.com	securepubads.g.doubleclick.net
1	rtb.openx.net	1 redirects
1	ads.travelaudience.com	1 redirects
1	s.tribalfusion.com	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
1	match.adsrvr.org	us-u.openx.net
1	pixel.quantserve.com	1 redirects
1	sync.mathtag.com	1 redirects
1	rtb-csync.smartadserver.com	us-u.openx.net
1	bh.contextweb.com	1 redirects
1	image2.pubmatic.com	1 redirects
1	www.gstatic.com	googleads.g.doubleclick.net
1	dm.hybrid.ai	misr5.com
1	t.trafmag.com	misr5.com
1	csync.loopme.me	1 redirects
1	bot.webpushr.com	cdn.webpushr.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	adipolo.com	misr5.com
1	cdn.ergadx.com	misr5.com
1	jscdn.greeter.me	misr5.com
1	misr5.api.oneall.com	misr5.com
0	sync.adaptv.advertising.com Failed	cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
211	77

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.youtube.com
goo.gl
news.google.com
www.arb4host.net
www.webpushr.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-08-11` - `2022-08-10`	a year	crt.sh
*.api.oneall.com Sectigo RSA Domain Validation Secure Server CA	`2021-07-30` - `2022-07-31`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
greeter.me R3	`2021-10-23` - `2022-01-21`	3 months	crt.sh
*.webpushr.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-17` - `2022-05-17`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.adtelligent.com Sectigo RSA Domain Validation Secure Server CA	`2020-10-28` - `2021-11-27`	a year	crt.sh
ghb.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-09` - `2022-01-07`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
ssc.33across.com GTS CA 1D4	`2021-09-28` - `2021-12-27`	3 months	crt.sh
*.a-mo.net R3	`2021-10-21` - `2022-01-19`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
onetag-sys.com R3	`2021-11-02` - `2022-01-31`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
sync.adtelligent.com ZeroSSL ECC Domain Secure Site CA	`2021-10-01` - `2021-12-30`	3 months	crt.sh
*.hybrid.ai Sectigo RSA Domain Validation Secure Server CA	`2020-07-07` - `2022-10-05`	2 years	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.smartadserver.com DigiCert ECC Secure Server CA	`2020-01-30` - `2022-02-03`	2 years	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-09-09` - `2021-12-07`	3 months	crt.sh
*.e-planning.net R3	`2021-10-22` - `2022-01-20`	3 months	crt.sh
*.id5-sync.com R3	`2021-10-05` - `2022-01-03`	3 months	crt.sh
*.sitescout.com RapidSSL RSA CA 2018	`2020-01-15` - `2022-02-02`	2 years	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://misr5.com/
Frame ID: DDCAB45F8434E44B35FE0F89C1622EA8
Requests: 94 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: 9E5C8F6E47617D1CF133DAF6219B7B2D
Requests: 1 HTTP requests in this frame

Frame: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: B485D51EE43097B10D6423E3CA6F8043
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7642687660908727&output=html&h=280&adk=1900385519&adf=1946058879&w=1200&fwrn=4&fwrnh=100&lmt=1636433864&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmisr5.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433864011&bpp=4&bdt=285&idt=158&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&correlator=3864215699772&frm=20&pv=2&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062945&oid=2&pvsid=1600673754961738&pem=179&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=i9GY061VZp&p=https%3A//misr5.com&dtd=172
Frame ID: 283E64389EB4527DDF2EC0C0A4FFD736
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7642687660908727&output=html&adk=1812271804&adf=3025194257&lmt=1636433864&plat=3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmisr5.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433864203&bpp=1&bdt=477&idt=1&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=3864215699772&frm=20&pv=1&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062945&oid=2&pvsid=1600673754961738&pem=179&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=7
Frame ID: E837A29282FAD40BB3DFC31E1721D461
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d223f20-6346-4870-a6f4-5fe004a321ee
Frame ID: A711B844AC5B81F1271A2E690CE84982
Requests: 1 HTTP requests in this frame

Frame: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: CC1DEE3524A5EF92189836499BB077A2
Requests: 3 HTTP requests in this frame

Frame: https://track.adform.net/adfscript/?bn=46989091;rtbwp=AAABfQMPJrmJW-Vk0K8EasObrFbq3-yejoQMfg-Uez2y1J7kiF4UinQU8AX7MiDGPClvTkg0;rtbdata=ezzlQttZ0zNigdBk8h0p9JV1DKWV4vQHMAU7j3dE1eBtiOW_As9x-2C8Y4Le42ECCuhaRzJINWjyEsEqFQ0OBnvYbE8eYFiMLdGBL_kw8aRpLjeXrgQ4k0XvZrx3ucDl2UfqeldRwlLC05G01NxlsV1Xlrw9rrM6KYn8hTqZDzIHamZb3giogc9EZ6O-fj-dBjLfIH1cKEWX0HEcMWAW6w2
Frame ID: FF5EFD6C9DE1EECB56C477C1D1734207
Requests: 14 HTTP requests in this frame

Frame: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Frame ID: 565A87AEA98FB734D42ECFBA46E0873D
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 4EADC1AD1173CE5CCCCFAD7D2AEA7EDA
Requests: 1 HTTP requests in this frame

Frame: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2AA8DB0EABBFE4E6804B4497EFBC7D28
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: D918BB710195AE9B96D6431D31378246
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BBC1A649A2CB08C9EB86DAA432D2661B
Requests: 9 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=misr5.com
Frame ID: 41D9FDBDC9DCBE3242CC2068E9A51769
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 6B022CED18B16A6F4DF39EF1BDE3AB8F
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 73550079E9734C4FE822BA60FFD4DD1A
Requests: 2 HTTP requests in this frame

Frame: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D77F0924655B118E40F54CC0591BC684
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj8tLyZATAB&v=APEucNUGNCYNmQG-VLBE_Iieht6jBkGEru6SjWqjYNQ7QiSEekS2dItogjrQrCikhdxi-OwlxP9Z_0OPpu2Wu44aY-JgfMKOLWGQlQssUi9zl6lCL8OfSTu8v0BwQ_LfSRKyAOIWtlcwDSJ6iLGppoNB6Ggh70Zcz-I4b2vou1VuJtJsW9EGVm0
Frame ID: 483A50EBDF90BBCC2DEF1293BF6CC7F4
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F37EC4D4FC73D0793DB1D17D0D15127E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 5E6D0B2453490E52219EEBA845498DC9
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
Frame ID: B9BA210A399CC05D57C5BA5C1695D6C8
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 48E8AF8925878F939145C4FD77F9B693
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

مصر فايف | البوابة الأولى للأخبار الإجتماعية في مصر

Page URL History Show full URLs

http://misr5.com/ HTTP 301
https://misr5.com/ Page URL

Page Statistics

211
Requests

88 %
HTTPS

33 %
IPv6

55
Domains

77
Subdomains

55
IPs

11
Countries

3116 kB
Transfer

5874 kB
Size

64
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/misr5.official
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/Misr5official
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/misr5official
Title: YouTube

Search URL Search Domain Scan URL

URL: https://goo.gl/V3Vhtt
Title: Android App

Search URL Search Domain Scan URL

URL: https://news.google.com/publications/CAAqBwgKMMycgAsw25qMAw?hl=ar&gl=EG&ceid=EG:ar
Title: Misr5 on Google

Search URL Search Domain Scan URL

URL: https://www.arb4host.net/
Title: برمجة وتصميم عرب فور هوست

Search URL Search Domain Scan URL

URL: https://www.webpushr.com/
Title: Webpushr

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://misr5.com/ HTTP 301
https://misr5.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://pbjs.e-planning.net/pbjs/1/2e43c/1/misr5.com/ROS?rnd=0.3794463243727695&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmisr5.com%2F&pbv=5.18.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fmisr5.com%2F&e_pubcid=c07521d1-e72f-480a-8e3e-555d5b345df5 HTTP 302
https://pbjs.e-planning.net/hb/1/2e43c/1/misr5.com/ROS?ct=1&r=pbjs&rnd=0.3794463243727695&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmisr5.com%2F&pbv=5.18.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fmisr5.com%2F&e_pubcid=c07521d1-e72f-480a-8e3e-555d5b345df5

Request Chain 63

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D HTTP 307
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d223f20-6346-4870-a6f4-5fe004a321ee

Request Chain 64

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D HTTP 302
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b62316979185d042

Request Chain 95

https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc HTTP 302
https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc

Request Chain 106

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GfDnedep1MKjcB5

Request Chain 107

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=ec043c53-d505-4cf4-8986-4c0f1415fa54 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=ec043c53-d505-4cf4-8986-4c0f1415fa54 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=707ce5b0-508f-4c3f-a370-a6b3070d83fa&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ec043c53-d505-4cf4-8986-4c0f1415fa54

Request Chain 108

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2324075751115704398

Request Chain 109

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUzkwN0RGQUFBQURlVXUwczZEQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADS907DFAAAADeUu0s6DA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Csas%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADS907DFAAAADeUu0s6DA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADS907DFAAAADeUu0s6DA&pid=558502&do=add HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADS907DFAAAADeUu0s6DA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID

Request Chain 110

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b04c6189-ffc9-4000-aa92-a8112cccf689

Request Chain 111

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Vxu8QwdM50NMErQZUk-pSlYdsB9MSOEeAhojui_r

Request Chain 112

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8270796314496779218

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH8Ekw0w5SXwB9PggELwKxs&google_cver=1

Request Chain 130

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 131

https://a.tribalfusion.com/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 132

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMQSRtRgNODS5gRSVcAPTwU&google_cver=1&google_push=AYg5qPL6xMoCMCvyQgwwd2lI5NRt8aw4QkSaLJHdfjZqQtY0YrfikZIHDzxDehEi1g2ZOdkRCqjXYlFEc27mlK4oo3zwQ16GB4jiSg HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=V2uWAQYST9-cTjccCr0Xjg2&google_push=AYg5qPL6xMoCMCvyQgwwd2lI5NRt8aw4QkSaLJHdfjZqQtY0YrfikZIHDzxDehEi1g2ZOdkRCqjXYlFEc27mlK4oo3zwQ16GB4jiSg

Request Chain 133

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF2Pg6pwtxnjV2WPgMokSPI&google_cver=1&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-spVcbtJfhvT0zSlx9sloADPxj9PQ0M-NC3mM71rD HTTP 302
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF2Pg6pwtxnjV2WPgMokSPI&google_cver=1&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-spVcbtJfhvT0zSlx9sloADPxj9PQ0M-NC3mM71rD&checkcookies=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lOoJQ2v1j6Pkv6l6Sv3Erw&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-spVcbtJfhvT0zSlx9sloADPxj9PQ0M-NC3mM71rD

Request Chain 134

https://rtb.openx.net/sync/dds?google_gid=CAESEELkrywHKU4NgjWeOjbt4Wo&google_cver=1&google_push=AYg5qPKNpjzZljvAzHf1mIQfP4wtXYWpgImBbaSLbr9B3DjEngJctGC69ue82ooxKwvL5VfVft_fM1BXncv-p_Z8ZGWKeZkMtBRX HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNpjzZljvAzHf1mIQfP4wtXYWpgImBbaSLbr9B3DjEngJctGC69ue82ooxKwvL5VfVft_fM1BXncv-p_Z8ZGWKeZkMtBRX&google_hm=Fz1sVGzOjamsQdeWPuPFZA==

Request Chain 135

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKbEI2_Zamnl5U9iO4KLfLA&google_cver=1&google_push=AYg5qPKnT2eddRitcwBQiObB2xh7gtkPfGxsSuPCmquH8XpgpQaPPWlkwOGGq-x6N__84mZuCVNPfcD2LimkvuOLrdfPKlz_5EiBcg HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKbEI2_Zamnl5U9iO4KLfLA&google_cver=1&google_push=AYg5qPKnT2eddRitcwBQiObB2xh7gtkPfGxsSuPCmquH8XpgpQaPPWlkwOGGq-x6N__84mZuCVNPfcD2LimkvuOLrdfPKlz_5EiBcg&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKnT2eddRitcwBQiObB2xh7gtkPfGxsSuPCmquH8XpgpQaPPWlkwOGGq-x6N__84mZuCVNPfcD2LimkvuOLrdfPKlz_5EiBcg

Request Chain 137

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM&apid=UP94371bd5-4119-11ec-9c8c-06f28f52458a HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM&apid=UP94371bd5-4119-11ec-9c8c-06f28f52458a&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDM3MWJkNS00MTE5LTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM

Request Chain 148

https://gum.criteo.com/sid/json?origin=publishertag&domain=misr5.com&sn=ChromeSyncframe&so=0&topUrl=misr5.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=cpWWR3wza2ZiRkJwREN6ZjczYytuZnVlRDV4emhTTzdXdTR1d3JmOERXaURobnZEejJJWVJwblBXb2tCQW1rRGlzeFpMYUJlTHFFVmtoY1o5WTZDTENCaTFNTThtVlljZjNYeXJTWmgxZzFMc1lqOU41eUZJUjJEZ2oxdmYwWk0zTjZWQTVOb2RqeUNwWXpsczhCM2l3NUwwbEFrTi9uSkhYV0UxZ2R3djYyaklHcnM3V3ZtclF4a0RnVjl3RUJBQnlvaFZic2Z3ekdVWktTejh3akQ1aDNXNjF4cmxHMER6cmJ3K2FXRWVWZlRyQXlVdnVaL2g0cVlKMndzZTB3R2xaWUJ5QXI1Nk0zQ051N1BNUm1qM3dkOUFkUT09fA&cppv=2

Request Chain 164

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmisr5.com%2F&domain=misr5.com&cw=1&pbt=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=LZYhjnxlRkpNNDI5TWhFcmQxdFdaaU9sQXhBT0ZHUkwzN2k0TlllN1NMRVM2MW41bFNoVTJETWo0L0N0dmlaWUFJSVEzZ1dGUVM5Nm5tclFVNFdadm1FL1hFQWp6Q0pwREtreGZPcWlvQTdNYmpyV2h1dUt1Wi9meXRRRDRLcjVqUnVrYlloQWRoNDFNQ1dVTVp4UnVjR3RMNGFOSldwYW5UWCtyZFBic0p4aFVIQUlxL3ViV0JROFFNcm9VUjZzTmdreU5JdWQrclgxdVd0WFdScWJVYTI5eUdsQkVUSkJrWnd6OEV1eDNVWWkyYldORWNEd3M2N3hGNGtpL0NweW9IVy8rTTg1SXluVVZYNVFyTnVueXBWVGh6Zz09fA&cppv=2

Request Chain 177

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1&C=1

Request Chain 178

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYn-zGBZJdF09HiZczj-ewAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1

Request Chain 179

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEA0LvtCfm3-Eht6UNUK_R8U&google_cver=1

Request Chain 180

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNDA3NTc1MTExNTcwNDM5OA%3D%3D

Request Chain 193

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEKbEI2_Zamnl5U9iO4KLfLA&google_cver=1&google_push=AYg5qPJ7le-eQ37HWHpWnq2AXYvR3RemrvLpV3M_5mTRY5DkNZdHtqxHy27cgOv8OV93KsJzgRflM8gwF44Nti5UnHzhiza1R8i4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ7le-eQ37HWHpWnq2AXYvR3RemrvLpV3M_5mTRY5DkNZdHtqxHy27cgOv8OV93KsJzgRflM8gwF44Nti5UnHzhiza1R8i4

Request Chain 194

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEMzSVGsSoBlH-LnckujZygw&google_cver=1&google_push=AYg5qPIW0xWun6HS6YUtfwp9nsIXN1qIsWYS-uCqu5-L9NxuG8iVnwo0vZCmihKqO8o8KBxCLsosWlCSjSgigXlXKX2XFrh-2J6H HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-083b000c-2ebd-4065-9b76-3e251ec49537-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIW0xWun6HS6YUtfwp9nsIXN1qIsWYS-uCqu5-L9NxuG8iVnwo0vZCmihKqO8o8KBxCLsosWlCSjSgigXlXKX2XFrh-2J6H%26google_hm%3DAwg7AAwuvUBlm3Y-JR7ElTc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIW0xWun6HS6YUtfwp9nsIXN1qIsWYS-uCqu5-L9NxuG8iVnwo0vZCmihKqO8o8KBxCLsosWlCSjSgigXlXKX2XFrh-2J6H&google_hm=Awg7AAwuvUBlm3Y-JR7ElTc

Request Chain 195

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBZXtUTX0-4dwH-_rzqt32A&google_cver=1&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L&google_gid=CAESEBZXtUTX0-4dwH-_rzqt32A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU1NTI4MDQ4ODYzOTg2MTkxMg%3D%3D&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L

211 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
misr5.com/
Redirect Chain

http://misr5.com/
https://misr5.com/

57 KB
11 KB

176ms
134ms

Document
text/html

2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.2.34
Resource Hash: e66306564a262c0c1c57f576c6578eca19da2ef3a1da9e63680fcf62b1593bf7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding Accept-Encoding, Cookie
x-powered-by: PHP/7.2.34
cache-control: max-age=3, must-revalidate
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hdLlSmdNf5LyHKdJknKxWDFvL0AUTc5qSnf%2BLZJlImvaKAmQuqBigkF7QUW%2BCla41K6M%2BdC02g1A2MhaAbeWQJBq8sz0Ts2JcQtdKVkqEUSYCIQSEd0d4bC9MM8lMrCiOGPJhoTxpiY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6ab4763f8aa33761-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

Redirect headers

Date: Tue, 09 Nov 2021 04:57:43 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Tue, 09 Nov 2021 05:57:43 GMT
Location: https://misr5.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1Jf4UvMnV%2B0nARAcb7ri6GPrBhDCYD4FuiU8smL0oUrjTavYhoyEvWEXH%2FmU77M%2F3KQXguIzCgklVp3bZ2uToHRFd6SxC4BOxQ4lyQQ3QVFa1UqSItOoZ932J2rI9eEO%2BPqZbc8MbKk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ab4763f1e304e43-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 style-rtl.min.css
misr5.com/wp-includes/css/dist/block-library/ 79 KB
11 KB 43ms
41ms Stylesheet
text/css 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.8.1
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd26232315c5199c77306e32e6d400ff94626317cf370d19595d9153cbbf0b5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 129979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Sep 2021 16:46:08 GMT
server: cloudflare
etag: W/"613e2ed0-13a1c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUXaDlUfzqjIE1UGgGSCi2SZLri8pq8QTUm5tWpr%2FfjYZcleQzJ2cO0qM6quUpMJWWZoxDVw3cZblU3pqM90XqAowuStOYGu%2BAWfn1ziihMOGsw%2BYNZ3bwWdcS6SjoyKcsqhxvVcx%2BI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6ab476407b5f3761-MXP
expires: Sun, 21 Nov 2021 16:51:24 GMT

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/ 58 KB
11 KB 60ms
24ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 299134
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 10491
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-e7d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BHbQZwDCO%2F1nCm2V8OrpozHsHlHeQHKokUthyK6llXtxv63IKSf0l3oGAul6cyzEnBx2vwN8gl7%2FdI8fvT0QTx9KrTHr5yXnFyHxlF7sronKNWL6AS8qNNtqXsdTae9ToLn8ysDtg8Zn1Mz7dJet5TAB"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab47640bc6f59f5-MXP
expires: Sun, 30 Oct 2022 04:57:43 GMT

GET
H2 200 bootstrap.rtl.min.css
misr5.com/wp-content/themes/boxnews/assets/css/ 150 KB
24 KB 44ms
43ms Stylesheet
text/css 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-content/themes/boxnews/assets/css/bootstrap.rtl.min.css
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 181497
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Feb 2021 18:41:11 GMT
server: cloudflare
etag: W/"602d6347-25680"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sZgWvtZ4cIg4KWrg74qm8kGoyJp2tXUJTTH03jMYX7JUTC5x2MzvH6eKzLQ5%2BtYV8JjR9NJTikkk7Eq2KSL3025mKVeTByFzJr1oDdDSCAn1zgxduYj80S9CPOK1hTnxM1VryxgESJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6ab476407b603761-MXP
expires: Sun, 21 Nov 2021 02:32:46 GMT

GET
H2 200 style.css
misr5.com/wp-content/themes/boxnews/ 31 KB
7 KB 29ms
28ms Stylesheet
text/css 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-content/themes/boxnews/style.css?ver=26.00
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfe350c0f72aeed783d9eeff37ca9b36391334324ef62397b6e1bebaf324e530

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1069597
cf-polished: origSize=39033
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Feb 2021 18:41:11 GMT
server: cloudflare
etag: W/"602d6347-9879"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lXBb24VmbMuoNtGwcahlyM4knZ1n6tFNuJop152D48yeNYtUmwN6cjWzPTV35fZxxIgXUbtb5eiCTMJ3%2FUlqfUqk2lFvXVuy%2FpgNiR6QfXunlLtTVtpjLxbgh2GFB2BwKGtLCnZDhhk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6ab476407b613761-MXP
expires: Wed, 10 Nov 2021 19:51:06 GMT

GET
H2 200 style.css
misr5.com/wp-content/themes/2021/ 2 KB
1 KB 49ms
48ms Stylesheet
text/css 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-content/themes/2021/style.css?ver=30
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a83e5458e6894da79a1cab8b6c2eb06ffe10ab509f3c27918a47da2f7baf023

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1075642
cf-polished: origSize=2952
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Fri, 05 Feb 2021 16:39:36 GMT
server: cloudflare
etag: W/"601d74c8-b88"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DwxHSyeURqmNVv275rbQuxILYOIJEK39CNfwX%2FDnZY3bW5aSN75gCvFPiGVtqat4FJ%2F7GkXse0DUQZ3n4rBgsb3ApCYQaB8JcZOVBd3eMei0%2FnbrjoYGvmxIJ9ovRKOqpcPKxzcHTf4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=1209600
cf-ray: 6ab476407b623761-MXP
expires: Wed, 10 Nov 2021 18:10:21 GMT

GET
H/1.1 200
OK library.js Show response
misr5.api.oneall.com/socialize/ 45 KB
12 KB 75ms
16ms Script
text/javascript 136.243.63.184
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.api.oneall.com/socialize/library.js
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 136.243.63.184 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: xip08.oneall.com
Software: nginx /
Resource Hash: cae3500732f44a638f023a7c62c3934f13c4941fba577f49bccc4279126a2b2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: private
Date: Tue, 09 Nov 2021 04:57:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 19 Mar 2014 02:51:18 GMT
Server: nginx
X-Forwarded-Target: xquebec.oneall.com
Vary: Accept-Encoding
P3P: CP="IDC DSP COR CURa ADMa OUR IND PHY ONL COM STA"
Cache-Control: max-age=14400, private
Connection: keep-alive
Content-Type: text/javascript; charset=UTF-8
Content-Length: 12313
X-Cached: HIT
Expires: Tue, 09 Nov 2021 08:57:23 GMT

GET
H2 200 sky.woff2
misr5.com/wp-content/themes/boxnews/assets/fonts/ 51 KB
51 KB 24ms
23ms Font
application/octet-stream 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-content/themes/boxnews/assets/fonts/sky.woff2
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7efdd2612920d064605be3b32776d981e98177b5b141882fac89bacbafd36fc0

Request headers

Referer: https://misr5.com/
Origin: https://misr5.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 3654
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 52256
last-modified: Wed, 17 Feb 2021 18:41:11 GMT
server: cloudflare
etag: "602d6347-cc20"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kxgqGXk5DXKzVDGM77sq2ZFiEZ2Ua9a%2BIRFtYmtpY%2F3Fu%2FpOPcdWwOaYJPY%2FqeCA5wic80npH9%2Fn%2BFjBVluuCNjqfcaTW37Rrd5Fsi9j4IBgD88BKUubjefWDSGVMPn9OQY0MsixC3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=7200
accept-ranges: bytes
cf-ray: 6ab476407b633761-MXP

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 53ms
21ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 292 of 1000 / last-modified: 1636412772"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27060
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 04:57:43 GMT

GET
H/1.1 200
OK misr5dynamic.js Show response
jscdn.greeter.me/ 8 KB
8 KB 122ms
41ms Script
text/javascript 205.185.216.42
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL

https://jscdn.greeter.me/misr5dynamic.js

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

205.185.216.42 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

map2.hwcdn.net

Software

Resource Hash

7d6253e189e86a0bea5788ee2fe5c8885bc1a4f7010181a226d7884f81730b69

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 04:57:43 GMT
Connection: Keep-Alive
Last-Modified: Thu, 07 Oct 2021 10:14:41 GMT
x-amz-request-id: tx00000000000003fbe2776-006189fea1-25a456e3-fra1b
etag: "c1504cfee04b4893cda855bc8c650d33"
Vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin
X-HW: 1636433863.dop234.fr8.t,1636433863.cds228.fr8.shn,1636433863.dop234.fr8.t,1636433863.cds135.fr8.c
Content-Type: text/javascript
Cache-Control: max-age=3306
x-rgw-object-type: Normal
strict-transport-security: max-age=15552000; includeSubDomains; preload
Accept-Ranges: bytes
Content-Length: 7962

GET
H3 200 logo23.png
misr5.com/wp-content/uploads/2020/07/ 32 KB
33 KB 39ms
38ms Image
image/png 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2020/07/logo23.png
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8aadfd043de5da473809b9bde68049c3baf335eaa7f983d957cacec9610ffaf0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 360919
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 32655
last-modified: Thu, 09 Jul 2020 01:31:05 GMT
server: cloudflare
etag: "5f067359-7f8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SIJ0olV7DRQiOBAY0YFQAtekAi0HLqQwOS4zj5%2FWNwMz4fRdEIWdxmdZsnAy4owwg8WOWd6GkgSLFo2WwbQI1PU3Ci2Hf7Jvdvm%2FacwOLKqBdbSdEylIqCsmF78yzej8jgcb2Tmvevk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab47640f8915a13-MXP
expires: Fri, 19 Nov 2021 00:42:24 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 165 KB
58 KB 113ms
72ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e92db9b06fde4ce82c7c09c03a09a9a6040efd03520a8074bd67e6b1c6ad6a25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59247
x-xss-protection: 0
server: cafe
etag: 17969381473957676904
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Nov 2021 04:57:43 GMT

GET
H3 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/ 87 KB
28 KB 58ms
30ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3488241
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27958
timing-allow-origin: *
last-modified: Mon, 04 May 2020 23:01:39 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb09ed3-15d84"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GpMIuthPm%2BnbjfmzsQ535FKt%2FyTVPZXwcqjeokYrtqOmHmRzrBbuUZH5YqYzslrN28bfhWdWRDPVKPfupNda%2BI8CBerlpYSPF6qJbZRrmeXZnfZo4N%2FJoaddSbATM7JkWrdalSJt4NgtBZyEwbCCOlW0"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab476410aa5375b-MXP
expires: Sun, 30 Oct 2022 04:57:43 GMT

GET
H3 200 style.js Show response
misr5.com/wp-content/themes/boxnews/assets/js/ 7 KB
2 KB 25ms
25ms Script
application/javascript 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-content/themes/boxnews/assets/js/style.js?ver=26.00
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21d54eefe9a7097b394ee6c4675a5686f64394858f1ff836c6a8edd00f3da2fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1069501
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Feb 2021 18:41:11 GMT
server: cloudflare
etag: W/"602d6347-1c96"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ct6bTo9zqbl4S3YDiZKoGoI2ZxbG%2FGhjyyYnbIopwfmeaLICskzpv5dVOYzrp1O%2BX8LhL%2FilwBI2FtomqYtJPwgmx3YopOojRn6vmWuTUmuplgNXJLWt6C8eQWH4YvJDcyquET1xldM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6ab47640f8825a13-MXP
expires: Wed, 10 Nov 2021 19:52:42 GMT

GET
H3 200 infinite-scroll.pkgd.min.js Show response
misr5.com/wp-content/themes/boxnews/assets/js/ 22 KB
7 KB 24ms
24ms Script
application/javascript 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-content/themes/boxnews/assets/js/infinite-scroll.pkgd.min.js?ver=26.00
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c9e9d369b235905c32e3ae399f4499cc30e60a1180be631d548ca2f98099ac1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1070410
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Wed, 17 Feb 2021 18:41:11 GMT
server: cloudflare
etag: W/"602d6347-580b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N42JDmaomLnxwYw2Dz4ZiOwiNJIN1NhRcDQVODtLh4Z%2B0bApv%2BIDW%2BuWDVNTjrV8XCJLM4yY8Z%2FUXTTz1%2BquJJOj53jCgb64EdSZBEJss3M1f3e%2BKicbd2yjTEXX1cJ4aNRb3MEHH1A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6ab47640f8885a13-MXP
expires: Wed, 10 Nov 2021 19:37:33 GMT

GET
H3 200 wp-embed.min.js Show response
misr5.com/wp-includes/js/ 1 KB
1 KB 23ms
22ms Script
application/javascript 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-includes/js/wp-embed.min.js?ver=5.8.1
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130191
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sat, 31 Jul 2021 22:34:11 GMT
server: cloudflare
etag: W/"6105cfe3-592"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CeGfyNnpgcjbhkwh9fNLKeF%2BvhlbcJiALIzv6JJhvwyl51YWF8xL5ePoJlw9R4hEkab6VF1YC%2FEIYduzrlrX38CK0lH95cQRbWg6GBh5C%2FfrL5yGEhy1ZFle9Xze%2F4RGM61wrH4J3m0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6ab47640f88b5a13-MXP
expires: Sun, 21 Nov 2021 16:47:52 GMT

GET
H2 404 ads.js
cdn.ergadx.com/js/1636/ 0
0 360ms
298ms Script
text/html 2606:4700:3036::6815:2cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ergadx.com/js/1636/ads.js
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2cb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 wp-emoji-release.min.js Show response
misr5.com/wp-includes/js/ 18 KB
5 KB 40ms
39ms Script
application/javascript 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://misr5.com/wp-includes/js/wp-emoji-release.min.js?ver=5.8.1
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 130185
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Sun, 12 Sep 2021 16:46:08 GMT
server: cloudflare
etag: W/"613e2ed0-4705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jezvVDNtockQ0%2FewQBKZo3T6gLfI5uf1V1rInvZC4L299B8%2F11d%2FR3VKuCkZUk10W0yMsCVQMducAh4iej9wE0nOf%2FCOAsAb41zMNLJC8SxUpuVX8OpjTFOJNyRj84r8Rk4UIHvQzLs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=1209600
cf-ray: 6ab47640f8935a13-MXP
expires: Sun, 21 Nov 2021 16:47:58 GMT

GET
H2 200 hb_323303_12551.js Show response
player.adtcdn.com/prebidlink/454564/ 319 KB
95 KB 91ms
60ms Script
application/javascript 2606:4700:3032::ac43:c67b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d0db10cc75124ba4c699714a218728f272dc2d1881439fe1903fafbcf8fe2d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 660
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 02 Nov 2021 11:33:33 GMT
server: cloudflare
etag: W/"6181220d-4fa3f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SXRa8ETJ7O4n%2BwC8XU00z0QWmXDhimlU1R0NkCTMaKMpO9BcfFID0USdYVsQZJGHKc9z4hDBp8%2Bxtj3lS99fkb52IrgQLJtnKVWyhOCjBp%2ByOsXnHLqaTnt6IDHmMOZkYM3xj95qhLMSoHYtiNs2AA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6ab476413c274a62-FRA
expires: Tue, 09 Nov 2021 05:01:43 GMT

GET
H2 200 wrapper_hb_323303_12551.js Show response
player.adtcdn.com/prebidlink/454564/ 958 B
1 KB 58ms
27ms Script
application/javascript 2606:4700:3032::ac43:c67b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtcdn.com/prebidlink/454564/wrapper_hb_323303_12551.js
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:c67b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1aa60c13e5f19ae4b56339a48cbb2119ad913ddc17499098322d8bdf47f7e850

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 660
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Mon, 08 Nov 2021 09:52:10 GMT
server: cloudflare
etag: W/"6188f34a-3be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ryyqin1QStVkpJzraJtw3%2B8MT%2Bqq6SCwFgoPMtKAE0dkJE57bpSWwEYTnCi85IQVmXeDfXm%2FEQ%2BrfjYnaSaldkTJTTpsEpB3cM%2FDlQyV88DQ%2Fq3Ie0C6OMGG1qIb4BPhiyjXWa2poEZI5cSayhM0mQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=345600
cf-ray: 6ab476413c294a62-FRA
expires: Tue, 09 Nov 2021 05:01:43 GMT

GET
H3 200 fa-solid-900.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 78 KB
79 KB 64ms
39ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-solid-900.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://misr5.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 298240
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 80300
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-139ac"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2wye2SF9kEBO5tD3sj18hRirN0vapJS5UpXe1Upxkn%2BGlG3jd%2BWYgWS%2BTU7kHyWUfZHvlb7Pn2X5ovmpjvUTOkIQ4AmUe3QtegtZI4fNikBgnIm%2Bafsw3KfC6Ubw6GPolsdwkf4whtYtstqFJYTYSs5h"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab476413b1f3760-MXP
expires: Sun, 30 Oct 2022 04:57:43 GMT

GET
H3 200 fa-regular-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 13 KB
14 KB 184ms
159ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-regular-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://misr5.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 453479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 13548
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-34ec"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kcvm9h0BlRmsLXWiYVB8jhxkKxtjjrKYYnJ81LtgPk4kpUf6z1Mu8JJ6r04VsBY%2Fro9rosAK6VL%2Ft%2FuzhcHU8DXGh94w11zv2IQdwpCVAbv%2FTzyZdH9UviB0NyWRsj2GRmkHThcTz%2Bb4CEOIBHR42eB%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab476413b213760-MXP
expires: Sun, 30 Oct 2022 04:57:43 GMT

GET
H3 200 fa-brands-400.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/ 77 KB
77 KB 212ms
188ms Font
application/octet-stream 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/webfonts/fa-brands-400.woff2

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.1/css/all.min.css
Origin: https://misr5.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 193804
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 78460
timing-allow-origin: *
last-modified: Mon, 05 Oct 2020 17:43:59 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f7b5b5f-1327c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cTLPiFw8s%2BlYtZsvxU72nMwKpCxzEtZv03tIfkXRhDBhPW%2FYn7iRdc%2BgpVzdZ2H2BvTwdTwILklcmuV%2B649%2FmFnk3ASjDOKCMujaGQXhDSdStkmzN%2FnQ%2F99FPAIg%2F5zaj4%2Bp23AaD95bczhmM5hptOT3"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6ab476413b233760-MXP
expires: Sun, 30 Oct 2022 04:57:43 GMT

GET
H3 200 %D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-2-360x360.jpg
misr5.com/wp-content/uploads/2021/11/ 25 KB
26 KB 31ms
31ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2021/11/%D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-2-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82d1783fd2ad15979a24c65dcc50b98b6dcadb2cf99024a606630f388c65b17c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4047
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 25742
last-modified: Mon, 08 Nov 2021 18:45:11 GMT
server: cloudflare
etag: "61897037-648e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=On%2BusTdzUQW5VPho5AnClZ8lYC%2B7AVSM39nD8KcuVsbG6dhP9TO5rFrS8gQgSLCB6s5RN9YKm1eze0eFalfZVXIBC255Y%2BVMXWcFPLS%2BUDDFpYpqnygQ%2BkJF5NATeR%2Bf36ykwlujw2Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128d35a13-MXP
expires: Tue, 23 Nov 2021 03:50:16 GMT

GET
H3 200 %D8%B4-360x360.jpg
misr5.com/wp-content/uploads/2021/11/ 22 KB
22 KB 87ms
87ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2021/11/%D8%B4-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c8a662a43465f14fa063bca359386b459f1408791e30f1b82f279f9166355983

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1869
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22163
last-modified: Sun, 07 Nov 2021 22:27:28 GMT
server: cloudflare
etag: "618852d0-5693"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4HWfsE5PJ58q9lpa%2FgTm2xakqZN0BU63rLMLsw6DH%2BtvmCIcD5B1K1bWF836hSvDPFxadwcD0rVN768UE1smPM76tfA8U53MYsdBLkyee4oD%2FqW6C5fzS5lZjSzho6gq%2FNH9i%2Fzbtmg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128d55a13-MXP
expires: Tue, 23 Nov 2021 04:26:34 GMT

GET
H3 200 %D8%A3%D9%82%D9%88%D9%89-%D8%B9%D8%B1%D9%88%D8%B6-%D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-360x360.jpg
misr5.com/wp-content/uploads/2021/11/ 17 KB
18 KB 80ms
80ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2021/11/%D8%A3%D9%82%D9%88%D9%89-%D8%B9%D8%B1%D9%88%D8%B6-%D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d6a18190ae5c42b4b92209a0e806dd33bbe716c3b8cb10d5cb1458e8a7435053

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1869
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17889
last-modified: Thu, 04 Nov 2021 14:14:47 GMT
server: cloudflare
etag: "6183ead7-45e1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0qLuRVu6wFOpJXiBGT6Zx0280gnEtydhC2QXm69tc430hxmpiTLk9%2FX5YS5AdrDJTPOkoF5ueZhiq%2ByGxa4uZ%2FadjvcAUqBTKCzLjpUQJkgaeLEzTiTUxs16yl%2F7fuKuY5psYeM92Qk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128d65a13-MXP
expires: Tue, 23 Nov 2021 04:26:34 GMT

GET
H3 200 %D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-1-360x360.jpg
misr5.com/wp-content/uploads/2021/11/ 34 KB
35 KB 34ms
33ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2021/11/%D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-1-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c39f6c877fceda06f7c689417db8901debc08e9688c75eeeda560134fb3268f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1869
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 34736
last-modified: Sat, 06 Nov 2021 12:45:05 GMT
server: cloudflare
etag: "618678d1-87b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QdjDOoJIR171W%2B1UFTkqYS%2BGQl%2BAy5fZPT9PFuo4YJzmZ4ca0nMLfmrhppQFWXZIdb%2B76e8qNrsdwqFs0Gj1EnOUQSn63g51STr7HvO%2FHCIjZxhftgUBdEHZTKScvzg%2F1E1HFdPK5WA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128d75a13-MXP
expires: Tue, 23 Nov 2021 04:26:34 GMT

GET
H3 200 %D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A7%D9%84%D8%AD%D9%83%D9%88%D9%85%D8%A9-%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A%D8%A9-2020-4-360x360.png
misr5.com/wp-content/uploads/2020/04/ 112 KB
113 KB 122ms
121ms Image
image/png 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2020/04/%D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A7%D9%84%D8%AD%D9%83%D9%88%D9%85%D8%A9-%D8%A7%D9%84%D9%85%D8%B5%D8%B1%D9%8A%D8%A9-2020-4-360x360.png
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 520b48b4e403f11c27270cb88d6b8b3d4a80fffaeec4228e556a14c6ea12a252

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 319451
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 115024
last-modified: Mon, 20 Apr 2020 15:24:10 GMT
server: cloudflare
etag: "5e9dbe9a-1c150"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jLc7mWigkBMhggVuohSf91n7LsaygZDnf8omfMOJFmM0YnQwlQhobR2ZlMXybwg6zBDiqN%2BWGnfio1ogVq%2BT4TX0uE9pJVCpmBpmGjFS%2FoS4wR7tMWSDMa4bqACqP%2FvnxIgj6bLPO1c%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128da5a13-MXP
expires: Fri, 19 Nov 2021 12:13:32 GMT

GET
H3 200 %D8%B9%D8%B1%D9%88%D8%B6-%D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-%D9%85%D8%B5%D8%B1-2021-6-360x360.jpg
misr5.com/wp-content/uploads/2021/10/ 30 KB
30 KB 322ms
322ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2021/10/%D8%B9%D8%B1%D9%88%D8%B6-%D9%83%D8%A7%D8%B1%D9%81%D9%88%D8%B1-%D9%85%D8%B5%D8%B1-2021-6-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d9d9e3566e9ef77ca43a9e814c0f0182cdf11351d34f1d84c65357a4e05e6ce8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 30469
last-modified: Mon, 01 Nov 2021 06:49:17 GMT
server: cloudflare
etag: "617f8ded-7705"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3UPPXRVQyMXhvyaWct0h8rubFmQNFumprRmfQjxH%2F5bOeknOZVxcKGL4qDY1j8KRsuZ75t0BRI7Gwm5w8HehajOBiy36pPMbeNXL5TZWT1YLrHrelz%2B2VZr0xhDuNlsiIzIH5bODUV0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128db5a13-MXP
expires: Tue, 23 Nov 2021 04:57:44 GMT

GET
H3 200 %D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A7%D9%84%D8%B5%D8%AD%D9%81-%D8%A7%D9%84%D8%A7%D9%85%D8%A7%D8%B1%D8%A7%D8%AA%D9%8A%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-360x360.jpg
misr5.com/wp-content/uploads/2019/09/ 17 KB
18 KB 290ms
290ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2019/09/%D9%88%D8%B8%D8%A7%D8%A6%D9%81-%D8%A7%D9%84%D8%B5%D8%AD%D9%81-%D8%A7%D9%84%D8%A7%D9%85%D8%A7%D8%B1%D8%A7%D8%AA%D9%8A%D8%A9-%D8%A7%D9%84%D9%8A%D9%88%D9%85-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55edf7a5665a184b34bc8ed7150de98892a2d5d0d560e3df434c1464047f8fc7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 17318
last-modified: Sat, 09 May 2020 12:21:32 GMT
server: cloudflare
etag: "5eb6a04c-43a6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rolq17Ee0uVNmtKJDyE83Vqjkx4NHymYQnwTp3ORB5JKud1Yd%2BRVRe4sWI9PHegnHGHy%2Bd9fISmjLWyf5M0VnA6WPIDmXg4lOCaWkzokr5kTvgL1r%2FcEmfk751kiyLAT6baFpu2lLJc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128dd5a13-MXP
expires: Tue, 23 Nov 2021 04:57:44 GMT

GET
H3 200 unnamed-file-1-360x360.jpg
misr5.com/wp-content/uploads/2021/04/ 27 KB
27 KB 183ms
182ms Image
image/jpeg 2606:4700:3036::ac43:9b24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://misr5.com/wp-content/uploads/2021/04/unnamed-file-1-360x360.jpg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::ac43:9b24 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35907ea305da941b3960383690b95e8afcede1725f3b495706e2a0e19210ee4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 715574
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 27279
last-modified: Fri, 16 Apr 2021 23:18:39 GMT
server: cloudflare
etag: "607a1b4f-6a8f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sbDEuTDrA3azT47JFXIktdAJjAKLZCfdXyzPL6nNxAog01lfCe6%2FvKsBAM3DfgEoWTGdiKNzWdv5mYpEPo2RVolZpx25VN01%2BgTr97RRWR%2Bb383XFtty3Uj2LzVF2sUIKMuKahHStN8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=1209600
accept-ranges: bytes
cf-ray: 6ab4764128de5a13-MXP
expires: Sun, 14 Nov 2021 22:11:29 GMT

GET
H2 200 app.min.js Show response
cdn.webpushr.com/ 39 KB
12 KB 118ms
22ms Script
application/javascript 167.172.183.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.webpushr.com/app.min.js
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.183.24 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 043136bfa4e20d65a72219479759be169b64d7384bb089cf0479442156adcddc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 21:24:29 GMT
server: nginx/1.16.1
etag: W/"607f468d-9aca"
vary: Accept-Encoding, Accept-Encoding
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: application/javascript
x-gg-cache-status: HIT, HIT
cache-control: max-age=86400
expires: Wed, 10 Nov 2021 04:57:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 101ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3397
date: Tue, 09 Nov 2021 04:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Nov 2021 06:01:06 GMT

GET
H2 200 wrapper_hb_323303_12551.es6.js Show response
player.adtelligent.com/prebidlink/454564/ 68 KB
23 KB 142ms
22ms Script
application/javascript 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/wrapper_hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 06e92c0485bd62b546482942cdd9bb9c8956c63251f3c7d9e5a5a1b5905a929c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Mon, 08 Nov 2021 09:52:10 GMT
server: nginx/1.18.0
etag: W/"6188f34a-11175"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
expires: Tue, 09 Nov 2021 05:57:44 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 74ms
30ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 04:57:43 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 4 KB
1009 B 74ms
30ms XHR
application/json 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

beaf29de8df6f6581d164c1626caa1380010d05d7740668a57ee0c5b8d676a84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 984
x-xss-protection: 0
expires: Tue, 09 Nov 2021 04:57:43 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 88ms
33ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: jscdn.greeter.me
URL: https://jscdn.greeter.me/misr5dynamic.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1038 / 959 of 1000 / last-modified: 1636412720"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27059
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H2 200 adipolo_logo.png
adipolo.com/wp-content/uploads/2020/06/ 7 KB
8 KB 125ms
24ms Image
image/png 2606:4700:3033::6815:2de
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adipolo.com/wp-content/uploads/2020/06/adipolo_logo.png
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:2de , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1476
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7068
last-modified: Tue, 02 Jun 2020 09:04:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cYuKF5v0idnekpcfsvKz%2FBz7oCsFgkbBiqrovXEjJjlRIATH0Z6ZLssTSj1A1vPlKB7rmIyu1YCwYqS%2BzOXe6PQYl2OU0UsRybZfOAQoJ3v9WY%2BHA72NDfC4d9%2FgdpcYlq3ynto7KNe1Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=14400
accept-ranges: bytes
cf-ray: 6ab476426d49374c-MXP

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/ 267 KB
96 KB 64ms
31ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=pub-7642687660908727&plah=misr5.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 97992
x-xss-protection: 0
server: cafe
etag: 6769920751861283988
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame 9E5C 11 KB
5 KB 60ms
14ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:38:54 GMT
expires: Mon, 22 Nov 2021 18:38:54 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 37130
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 52ms
35ms XHR
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1709241&t=pageview&_s=1&dl=https%3A%2F%2Fmisr5.com%2F&ul=en-us&de=UTF-8&dt=%D9%85%D8%B5%D8%B1%20%D9%81%D8%A7%D9%8A%D9%81%20%7C%20%D8%A7%D9%84%D8%A8%D9%88%D8%A7%D8%A8%D8%A9%20%D8%A7%D9%84%D8%A3%D9%88%D9%84%D9%89%20%D9%84%D9%84%D8%A3%D8%AE%D8%A8%D8%A7%D8%B1%20%D8%A7%D9%84%D8%A5%D8%AC%D8%AA%D9%85%D8%A7%D8%B9%D9%8A%D8%A9%20%D9%81%D9%8A%20%D9%85%D8%B5%D8%B1&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=500095494&gjid=664062635&cid=1103340534.1636433864&tid=UA-1409460-27&_gid=493838119.1636433864&_r=1&_slc=1&z=139848811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://misr5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config.json Show response
player.adtelligent.com/exchange_rates/313490/ 9 KB
4 KB 61ms
8ms XHR
application/json 213.174.135.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://player.adtelligent.com/exchange_rates/313490/config.json?cb=https%3A%2F%2Fmisr5.com%2F
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 213.174.135.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 26fb38ae1284c19e62a01f2f59e2290bb19b71499ac74abf10193d43a20e8349

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 00:03:32 GMT
server: nginx/1.18.0
etag: W/"6189bad4-2250"
content-type: application/json
access-control-allow-origin: https://misr5.com
expires: Tue, 09 Nov 2021 05:57:44 GMT
cache-control: max-age=3600
x-proxy-cache: HIT

GET
H/1.1 200
OK / Show response
ghb.adtelligent.com/geo/ 141 B
386 B 103ms
22ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/geo/
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: d06e8c6ca886c58b3bd5072d6cd86a5151849c4fc7cee63aa560aa19a2a88ee9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://misr5.com
Date: Tue, 09 Nov 2021 04:57:43 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 141
Content-Type: application/json

GET
H/1.1 200
OK tracking Show response
ghb.adtelligent.com/adunit/ 43 B
411 B 103ms
23ms XHR
image/gif 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/tracking?event=11&type=0&client_id=323303&site_id=12551&full_page_url=https%3A%2F%2Fmisr5.com%2F&adid=rmgyos.ur&vpbv=N005&lifecycle_tte=599
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Access-Control-Allow-Origin: https://misr5.com
Date: Tue, 09 Nov 2021 04:57:43 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 52ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 44ms
15ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 52 KB
15 KB 265ms
264ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600673754961738&correlator=2539841725691813&output=ldjh&impl=fifs&eid=31063214%2C31063683%2C44752541%2C44754276%2C21068031&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=21939239661%3A22614029701%2Capl%2Cinter&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ists=1&fas=8&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1636433864&dt=1636433864156&dlt=1636433863726&idt=357&frm=20&biw=1600&bih=1200&oid=2&adxs=-9&adys=-9&adks=3610251011&ucis=1&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmisr5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=true&fws=2&ohw=0&btvi=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

d039b53b744b87eeb0b2bf2cfb9b0400914c1c8c7329196299b7e480a7a84a7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 218385
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15703
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 331303
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://misr5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B485 6 KB
4 KB 67ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 04:57:44 GMT
expires: Wed, 09 Nov 2022 04:57:44 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pubads_impl_page_level_ads_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 15ms
15ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2021110401.js?cb=31063683

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

sffe /

Resource Hash

ac4bb6d11eb6bc2f873df517370ccaa3e31a0dacbf5b217e28ab97f1eed53a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13414
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 199 B
437 B 16ms
15ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=misr5.com&callback=_gfp_s_&client=ca-pub-7642687660908727

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111040101/show_ads_impl_with_ama_fy2019.js?client=pub-7642687660908727&plah=misr5.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

06b51d8791791cf5b11c9ff7508aa37284bfa125d365f8f39fb641a8b7255a94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 191
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 283E 81 KB
28 KB 688ms
673ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7642687660908727&output=html&h=280&adk=1900385519&adf=1946058879&w=1200&fwrn=4&fwrnh=100&lmt=1636433864&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmisr5.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433864011&bpp=4&bdt=285&idt=158&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&correlator=3864215699772&frm=20&pv=2&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062945&oid=2&pvsid=1600673754961738&pem=179&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=i9GY061VZp&p=https%3A//misr5.com&dtd=172

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b26fbad2faebe2be13c01a9c115a6a81ed2f021b9d59959e9badb182a496bcaf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 09 Nov 2021 04:57:44 GMT
server: cafe
content-length: 28157
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Nov 2021 04:57:44 GMT
cache-control: private

POST
H/1.1 200
OK get_info Show response
bot.webpushr.com/prompt/ 30 KB
8 KB 569ms
182ms Fetch
text/html 64.225.42.52
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://bot.webpushr.com/prompt/get_info
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.225.42.52 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: a303f84255feeb46d38ce2a8a9ce7fcfd2ac83f46448cc518f07e3bf87126b7f

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 04:57:44 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
X-Fastcgi-Cache: HIT
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
server_name: lookup4

POST
H/1.1 200
OK session Show response
analytics.webpushr.com/impression/ 0
532 B 554ms
178ms Fetch
text/html 138.68.235.115
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/session
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.235.115 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 04:57:44 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E837 12 KB
5 KB 408ms
408ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7642687660908727&output=html&adk=1812271804&adf=3025194257&lmt=1636433864&plat=3%3A32%2C4%3A32%2C8%3A64%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fmisr5.com%2F&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433864203&bpp=1&bdt=477&idt=1&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&nras=1&correlator=3864215699772&frm=20&pv=1&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062945&oid=2&pvsid=1600673754961738&pem=179&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=7

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36e2e4bd6d6d36110eaade00f0edebe8d6fb10b2b40d8dc97a3ac38e94acc58f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Tue, 09 Nov 2021 04:57:44 GMT
server: cafe
content-length: 4881
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Nov 2021 04:57:44 GMT
cache-control: private

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
292 B 155ms
126ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: ae0f69022f40c6227e385419ae99f034547eb67fb060db749d3838a3b0e4f13b

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://misr5.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
374 B 517ms
284ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://misr5.com
date: Tue, 09 Nov 2021 04:57:44 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 172
vary: origin, Accept-Encoding

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 76ms
37ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://misr5.com
date: Tue, 09 Nov 2021 04:57:44 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 37ms
15ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://misr5.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
182 B 105ms
39ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0-pre&cb=60093417248
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://misr5.com
date: Tue, 09 Nov 2021 04:57:43 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 144 B
1 KB 845ms
829ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

38ba5ba970f4625317281ba957bf879895625485957d4b83228dad11ef89a742

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b43105c4-3b3c-4318-9d42-d2714c4f27e5
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://misr5.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 31ms
12ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://misr5.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 24 B
514 B 92ms
38ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0-pre
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 6682db417cae265b83ed6d54db0aad6b17fbd9e3ec5c2d6383a0c674c1431a5b

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 09 Nov 2021 04:57:44 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 24

GET
H2

200

ROS Show response
pbjs.e-planning.net/hb/1/2e43c/1/misr5.com/
Redirect Chain

https://pbjs.e-planning.net/pbjs/1/2e43c/1/misr5.com/ROS?rnd=0.3794463243727695&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmisr...
https://pbjs.e-planning.net/hb/1/2e43c/1/misr5.com/ROS?ct=1&r=pbjs&rnd=0.3794463243727695&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A...

548 B
959 B

250ms
249ms

XHR
application/json

5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/hb/1/2e43c/1/misr5.com/ROS?ct=1&r=pbjs&rnd=0.3794463243727695&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmisr5.com%2F&pbv=5.18.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fmisr5.com%2F&e_pubcid=c07521d1-e72f-480a-8e3e-555d5b345df5
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 474e0b2bf388d7757402e5a2a75460f0fcc65876813452e1b45b60fe13a9d08c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://misr5.com
expires: Tue, 09 Nov 2021 04:57:44 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
content-length: 548
x-sid: AMS-607

Redirect headers

date: Tue, 09 Nov 2021 04:57:44 GMT
server: openresty
access-control-allow-origin: https://misr5.com
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location: /hb/1/2e43c/1/misr5.com/ROS?ct=1&r=pbjs&rnd=0.3794463243727695&e=728x90_0%3A728x90%2C970x90%2C320x50%2C320x100%2B728x90_1%3A728x90%2C970x90%2C320x50%2C320x100&ur=https%3A%2F%2Fmisr5.com%2F&pbv=5.18.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fmisr5.com%2F&e_pubcid=c07521d1-e72f-480a-8e3e-555d5b345df5
access-control-allow-credentials: true
content-type: text/html; charset=iso-8859-1
x-sid: AMS-607

GET
H/1.1 200
OK csyncs Show response
ghb.adtelligent.com/ 572 B
610 B 21ms
21ms XHR
application/json 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/csyncs?aid1=676880&aid2=676881
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: 0466791804bef999cf77f40cd353e28b4dd43e22c87e128265b4d3bfbf4aef53

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 04:57:43 GMT
Content-Encoding: gzip
Server: VertaMedia 1.0
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Length: 326

GET
H/1.1

200
OK

csync Show response
sync.adtelligent.com/ Frame A711
Redirect Chain

https://csync.loopme.me/?redirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D319130%26extuid%3D%7Bdevice_id%7D
https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d223f20-6346-4870-a6f4-5fe004a321ee

0
407 B

641ms
255ms

Document
text/plain

62.149.0.72
COLOCALL Internet...

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d223f20-6346-4870-a6f4-5fe004a321ee
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS: 0-72.cc86365-03-tmp.cc.colocall.com
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

Server: VertaMedia 1.0
Date: Tue, 09 Nov 2021 04:57:44 GMT
Content-Length: 0
Etag: b62316979185d042

Redirect headers

location: https://sync.adtelligent.com/csync?t=a&ep=319130&extuid=4d223f20-6346-4870-a6f4-5fe004a321ee
content-length: 0
date: Tue, 09 Nov 2021 04:57:44 GMT
server: _

GET
H2

200

1px-matching-adtelligent.gif
t.trafmag.com/images/images/
Redirect Chain

https://sync.adtelligent.com/csync?&redir=https%3A%2F%2Ft.trafmag.com%2Fimages%2Fimages%2F1px-matching-adtelligent.gif%3Fid%3D%7Buid%7D
https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b62316979185d042

35 B
232 B

132ms
22ms

Image
image/gif

193.200.65.5
GIVEME-CLOUD

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b62316979185d042
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Server: 193.200.65.5 Amsterdam, Netherlands, ASN6681 (GIVEME-CLOUD, PL),
Reverse DNS: t.trafmag.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
server: nginx
content-type: image/gif
content-length: 35
p3p: CP="NON DSP COR CURa TIA"

Redirect headers

Location: https://t.trafmag.com/images/images/1px-matching-adtelligent.gif?id=b62316979185d042
Date: Tue, 09 Nov 2021 04:57:44 GMT
Server: VertaMedia 1.0
Etag: b62316979185d042
Content-Length: 0

GET
H2 204 match
dm.hybrid.ai/ 0
238 B 247ms
92ms Image
text/plain 37.18.16.22
HYBRID-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dm.hybrid.ai/match?id=186&burl=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D324902%26extuid%3D%24%7BVID%7D

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.16.22 , Russian Federation, ASN205675 (HYBRID-AS, RU),

Reverse DNS

Software

Hybrid Web Server /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:44 GMT
server: Hybrid Web Server
p3p: CP="NOI DSP COR CUR ADMa DEVo TAIo PSAo PSDo IVAo IVDo OUR IND COM NAV INT STA OTC"
access-control-allow-origin: *
cache-control: no-cache, no-store
x-mode: 115
x-xss-protection: 1; mode=block
expires: -1

GET
H3 200 container.html Show response
cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame CC1D 6 KB
3 KB 70ms
40ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 04:57:44 GMT
expires: Wed, 09 Nov 2022 04:57:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css2
fonts.googleapis.com/ Frame CC1D 4 KB
1 KB 101ms
36ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 04:50:02 GMT
server: ESF
date: Tue, 09 Nov 2021 04:57:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H2 200 / Show response
track.adform.net/adfscript/ Frame FF5E 998 B
1 KB 178ms
36ms Script
text/javascript 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfscript/?bn=46989091;rtbwp=AAABfQMPJrmJW-Vk0K8EasObrFbq3-yejoQMfg-Uez2y1J7kiF4UinQU8AX7MiDGPClvTkg0;rtbdata=ezzlQttZ0zNigdBk8h0p9JV1DKWV4vQHMAU7j3dE1eBtiOW_As9x-2C8Y4Le42ECCuhaRzJINWjyEsEqFQ0OBnvYbE8eYFiMLdGBL_kw8aRpLjeXrgQ4k0XvZrx3ucDl2UfqeldRwlLC05G01NxlsV1Xlrw9rrM6KYn8hTqZDzIHamZb3giogc9EZ6O-fj-dBjLfIH1cKEWX0HEcMWAW6w2

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

1e7fd4bbd0300c491490ff0247b20d92b70745a4981244b37e23a6bb92e25f7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 857
expires: -1

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FF5E 3 KB
2 KB 146ms
49ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:41:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FF5E 121 KB
37 KB 300ms
263ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame FF5E 15 KB
7 KB 121ms
24ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:35:24 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FF5E 0
0 98ms
32ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNwgiNLNdHS_k_EYOyeobsnTe8_gGhEUS91Fvy5O2KHBPnxGYKCFFaHJ4YkBVMB_nIG7yoTHMVmpZr2iqzel5Uq4bvVA
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame FF5E 22 KB
7 KB 141ms
45ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71917
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 08:59:07 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame CC1D 19 KB
8 KB 123ms
27ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 03:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5720
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8166
x-xss-protection: 0
server: cafe
etag: 3013067873597081824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 03:22:24 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 29ms
29ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=0&wpc=ca-pub-7642687660908727&warn=12%2C13&w=1600&h=1200&eatf=false&reatf=false&a=6%2C1%2C5%2C7&apv=20211107_093432&sat=1636396685665&afm=0&as_count=1&d_count=0&ng_count=0&am_count=0&atf_count=0&mdns=0.107&alldns=0.107&allp=7&fd=(0%2C3%2C0)%2C(1%2C0%2C0)%2C(2%2C0%2C0)&pgh=2624&su=misr5.com&pvc=1600673754961738&r=0.1&eid=31062945

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bootstrap.js Show response
s1.adform.net/stoat/626/s1.adform.net/ Frame FF5E 33 KB
16 KB 207ms
27ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by: Host: track.adform.net
URL: https://track.adform.net/adfscript/?bn=46989091;rtbwp=AAABfQMPJrmJW-Vk0K8EasObrFbq3-yejoQMfg-Uez2y1J7kiF4UinQU8AX7MiDGPClvTkg0;rtbdata=ezzlQttZ0zNigdBk8h0p9JV1DKWV4vQHMAU7j3dE1eBtiOW_As9x-2C8Y4Le42ECCuhaRzJINWjyEsEqFQ0OBnvYbE8eYFiMLdGBL_kw8aRpLjeXrgQ4k0XvZrx3ucDl2UfqeldRwlLC05G01NxlsV1Xlrw9rrM6KYn8hTqZDzIHamZb3giogc9EZ6O-fj-dBjLfIH1cKEWX0HEcMWAW6w2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 10 Nov 2021 08:20:49 GMT

POST
H/1.1 200
OK prompt Show response
analytics.webpushr.com/impression/ 0
532 B 179ms
179ms Fetch
text/html 138.68.235.115
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/prompt
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.235.115 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 04:57:44 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

POST
H/1.1 200
OK prompt Show response
analytics.webpushr.com/impression/ 0
532 B 341ms
162ms Fetch
text/html 138.68.235.115
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/impression/prompt
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.235.115 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 04:57:45 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
DATA 200
OK truncated
/ 643 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: df28ecf929157156d9e444395da96bba8bec6319d1e88ea7241ee861bb1e76e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 6Ijop6EznE.jpeg
cdn.webpushr.com/campaignassets/ 25 KB
26 KB 27ms
26ms Image
image/jpeg 167.172.183.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.webpushr.com/campaignassets/6Ijop6EznE.jpeg
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.183.24 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 09b22fb982a9aa03189e05b83c552ae0e4ffe186d7b08956977e065fddd0aa78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
last-modified: Sun, 07 Nov 2021 21:11:11 GMT
server: nginx/1.16.1
etag: "618840ef-654a"
content-type: image/jpeg
access-control-allow-origin: *
x-gg-cache-status: HIT
accept-ranges: bytes
content-length: 25930

GET
H2 200 sq.png
cdn.webpushr.com/siteassets/ 4 KB
4 KB 61ms
61ms Image
image/png 167.172.183.24
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.webpushr.com/siteassets/sq.png
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 167.172.183.24 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.16.1 /
Resource Hash: 3a4d1fe746aa3b7652e35f1467b57c1edd015c9ced21df4ac8620a1d084855c1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
last-modified: Thu, 15 Oct 2020 19:51:19 GMT
server: nginx/1.16.1
etag: "5f88a837-10e3"
content-type: image/png
access-control-allow-origin: *
x-gg-cache-status: HIT
accept-ranges: bytes
content-length: 4323

POST
H/1.1 200
OK impression Show response
analytics.webpushr.com/notification_card/ 0
532 B 438ms
160ms Fetch
text/html 138.68.235.115
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webpushr.com/notification_card/impression
Requested by: Host: cdn.webpushr.com
URL: https://cdn.webpushr.com/app.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 138.68.235.115 Santa Clara, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 04:57:45 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H3 200 css
fonts.googleapis.com/ Frame 283E 3 KB
580 B 59ms
31ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7642687660908727&output=html&h=280&adk=1900385519&adf=1946058879&w=1200&fwrn=4&fwrnh=100&lmt=1636433864&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmisr5.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433864011&bpp=4&bdt=285&idt=158&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&correlator=3864215699772&frm=20&pv=2&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062945&oid=2&pvsid=1600673754961738&pem=179&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=i9GY061VZp&p=https%3A//misr5.com&dtd=172

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 04:46:57 GMT
server: ESF
date: Tue, 09 Nov 2021 04:57:44 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 283E 2 KB
912 B 68ms
38ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:35:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1361
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:35:03 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 283E 19 KB
8 KB 49ms
22ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:23:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 283E 3 KB
1 KB 63ms
37ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 954
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:41:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 283E 121 KB
37 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 283E 15 KB
6 KB 44ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1340
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:35:24 GMT

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 283E 27 KB
12 KB 91ms
25ms Script
text/javascript 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 07 Nov 2021 09:28:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 156574
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 05:34:30 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 05 Feb 2022 09:28:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 283E 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy9SjyP-JYaSoDfGg7_UPn5C7wAnE1LvyZJLhmZj_DM6Focr2ARABIPTW044BYJXikIKgB6AB8PiI0QPIAQmpAvPG3LF_cLM-qAMByAPLBKoEwAFP0Pxh1OwtJxovZsyOPCfGqGdumioNcCn5uA2KvuqrYr4P__3MpAMdYcvGTw6XijqpmMxXDqF_Gi72OaPBhDtq5fmYFoNIutntT3qBzjxrEZMN4ulEB0B8xh6VyMW6UDxDmSZs7syE6r924GX7g1hg-oXIZWKoKecBfsiQ4Mpfr-axrKZlVqMCRo2Lbo60-ilUIMxjbUS_zD4ze7xIFDH7PFjv26GmSYBAI2CKC2jDPsWBdBeVfhT4vaszxW0ZRnzABIXS_Nn7ApIFBAgEGAGSBQQIBRgEoAYugAf4hvcuqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwUQv861AtIICQiA4YAQEAEYX4AKAcgLAbgTiCfYEw2IFA_QFQGYFgGAFwGyFxwKGggAEhRwdWItNzY0MjY4NzY2MDkwODcyNxgA&sigh=HEMfgmlmcTM&uach_m=[UACH]&template_id=5000

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7642687660908727&output=html&h=280&adk=1900385519&adf=1946058879&w=1200&fwrn=4&fwrnh=100&lmt=1636433864&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fmisr5.com%2F&flash=0&fwr=0&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636433864011&bpp=4&bdt=285&idt=158&shv=r20211103&mjsv=m202111040101&ptt=9&saldr=aa&abxe=1&correlator=3864215699772&frm=20&pv=2&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&dmc=8&adx=200&ady=2001&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062945&oid=2&pvsid=1600673754961738&pem=179&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&btvi=1&fsb=1&xpc=i9GY061VZp&p=https%3A//misr5.com&dtd=172
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Tue, 09 Nov 2021 04:57:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4437271475238979191/ Frame 283E 26 KB
26 KB 48ms
28ms Image
image/jpeg 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4437271475238979191/downsize_200k_v1?w=600&h=314

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5e034e5d327dfc98a701ff3f1c4af23605ac8956400f80508ebb0d165eaa8c13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:11:32 GMT
x-content-type-options: nosniff
age: 333972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26589
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 06:51:53 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 05 Nov 2022 08:11:32 GMT

GET
DATA 200
OK truncated
/ Frame 283E 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1fc322e402725e574ed8d6cbe52904a48c6ae55a1676719a63dc762c2b90fc4c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 / Show response
track.adform.net/adfserve/ Frame FF5E 4 KB
2 KB 35ms
34ms Script
text/javascript 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/adfserve/?bn=46989091;rtbwp=AAABfQMPJrmJW-Vk0K8EasObrFbq3-yejoQMfg-Uez2y1J7kiF4UinQU8AX7MiDGPClvTkg0;rtbdata=ezzlQttZ0zNigdBk8h0p9JV1DKWV4vQHMAU7j3dE1eBtiOW_As9x-2C8Y4Le42ECCuhaRzJINWjyEsEqFQ0OBnvYbE8eYFiMLdGBL_kw8aRpLjeXrgQ4k0XvZrx3ucDl2UfqeldRwlLC05G01NxlsV1Xlrw9rrM6KYn8hTqZDzIHamZb3giogc9EZ6O-fj-dBjLfIH1cKEWX0HEcMWAW6w2;js=1;adfxid=1x;569;set=en-US|en-US|1600X1200|0|0|0|24|8|3|7|1|;fd=0|0&CREFURL=https%3A%2F%2Fmisr5.com

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

37aa89dda0e09909ba2a425227fd49d79c00744c81e280fd29f702eca95dfa67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:44 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
strict-transport-security: max-age=31536000; includeSubDomains
content-type: text/javascript; charset=utf-8
content-length: 2124
expires: -1

GET
DATA 200
OK truncated
/ Frame 283E 221 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 813f5ba8a95b2ea3ef9d198065f74ef600730c513f861f79ba6acf392b51af37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

pd Show response
us-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://us-u.openx.net/w/1.0/pd?plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc

1006 B
884 B

23ms
23ms

Document
text/html

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 418ce9b07a644b94f5471841f861eeca79c635fe13a800eaa89ecf6f31f7e91c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 09 Nov 2021 04:57:45 GMT
content-type: text/html
content-length: 543
content-encoding: gzip
via: 1.1 google
alt-svc: clear

Redirect headers

server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
date: Tue, 09 Nov 2021 04:57:45 GMT
content-length: 0
via: 1.1 google
alt-svc: clear

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 283E 21 KB
21 KB 67ms
24ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:15:39 GMT
x-content-type-options: nosniff
age: 441726
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 02:15:39 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 283E 21 KB
22 KB 53ms
14ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 38179
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 08 Nov 2022 18:21:26 GMT

GET
H3 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4EAD 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32088
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H2 200 Standard Show response
s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/ Frame FF5E 85 KB
36 KB 36ms
35ms Script
text/javascript 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.adform.net/stoat/626/s1.adform.net/load/v/0.0.211/e/2gSBggDQ/i/vCAv.IAAAAAoAA/r:AdConstructor:contents/ImageTag:types/Standard
Requested by: Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: 8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
content-encoding: gzip
last-modified: Mon, 25 Oct 2021 09:07:47 GMT
server: nginx
x-cache-status: HIT
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=100000
expires: Wed, 10 Nov 2021 08:22:17 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 36ms
18ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 44ms
26ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 95 KB
34 KB 204ms
204ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600673754961738&correlator=3567146407602239&output=ldjh&impl=fifs&eid=31063214%2C31063683%2C44752541%2C44754276%2C21068031&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=21939239661%3A22614029701%2Capl%2Caplmcm%2Csticky&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x90%7C728x90%7C320x50%7C320x100&prev_scp=test%3Drefresh%26hb_rfBid%3D0%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Dae0c3e29d00a0aac-22ba34a83dcb0018%3AT%3D1636433864%3AS%3DALNI_MaDuDTdlIbwt9yzQxB-oBqfB7Fd9g&bc=31&abxe=1&lmt=1636433865&dt=1636433865132&dlt=1636433863726&idt=357&frm=20&biw=1600&bih=1200&oid=2&adxs=315&adys=1150&adks=372564847&ucis=2&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmisr5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=true&fws=516&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2c631d7f874bd7a170eff7bf1b8f63d581fa3158b1feec535d7c184c1b5c6e1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34470
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://misr5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/csimpr/ Frame FF5E 35 B
502 B 63ms
62ms Ping
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/csimpr/?bn=46989091&csi=sao-896D91qqORflN0fxN1mDaypEMoGCeiAsMDG_4nLZKGWOLEEutt6vWmW1dlSa0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

GET
H2 200 45940548.png
s1.adform.net/Banners/45940548/ Frame FF5E 38 KB
38 KB 38ms
37ms Image
image/png 37.157.2.247
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s1.adform.net/Banners/45940548/45940548.png?bv=1

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.2.247 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

6365be1f270bccf27d2db5b29b74505d68bf40511c2c605d62dac598cac707fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
last-modified: Wed, 16 Jun 2021 08:36:42 GMT
server: nginx
etag: "60c9b81a-98bb"
x-cache-status: HIT
strict-transport-security: max-age=0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: *
cache-control: public, max-age=604800
accept-ranges: bytes
content-type: image/png
content-length: 39099

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
200 B 21ms
21ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://misr5.com
Date: Tue, 09 Nov 2021 04:57:44 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GfDnedep1MKjcB5

43 B
106 B

22ms
21ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GfDnedep1MKjcB5
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:44 GMT
Server: PingMatch/v2.0.30-691-gbabbd08#rel-ec2-master i-00eeed23208b59ecc@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=GfDnedep1MKjcB5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=ec043c53-d505-4cf4-8986-4c0f1415fa54
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=ec043c53-d505-4cf4-8986-4c0f1415fa54
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=707ce5b0-508f-4c3f-a370-a6b3070d83fa&ssp=openx
https://us-u.openx.net/w/1.0/sd?id=537072968&val=ec043c53-d505-4cf4-8986-4c0f1415fa54

43 B
106 B

49ms
49ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=ec043c53-d505-4cf4-8986-4c0f1415fa54
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:46 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Location: //us-u.openx.net/w/1.0/sd?id=537072968&val=ec043c53-d505-4cf4-8986-4c0f1415fa54
Date: Tue, 09 Nov 2021 04:57:46 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2324075751115704398

43 B
180 B

32ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2324075751115704398
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:45 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 69b42299-daa0-4043-92d6-b7adf42df077
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072399&val=2324075751115704398
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

redir
rtb-csync.smartadserver.com/ Frame 565A
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEUzkwN0RGQUFBQURlVXUwczZEQQ&bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Cpp%2Csas%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AADS907DFAAAADeUu0s6DA&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Csas%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=adx&bee_sync_hop_count=2
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AADS907DFAAAADeUu0s6DA&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cox%26bee_sync_current_partner%3Dpp%2...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cox&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AADS907DFAAAADeUu0s6DA&pid=558502&do=add
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADS907DFAAAADeUu0s6DA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_part...

43 B
163 B

102ms
19ms

Image
image/gif

185.86.137.131
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADS907DFAAAADeUu0s6DA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: HTTP/1.1
Server: 185.86.137.131 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:46 GMT
transfer-encoding: chunked
content-type: image/gif

Redirect headers

location: https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AADS907DFAAAADeUu0s6DA&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D4%26userid%3DSMART_USER_ID
Date: Tue, 09 Nov 2021 04:57:46 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b04c6189-ffc9-4000-aa92-a8112cccf689

43 B
106 B

17ms
17ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b04c6189-ffc9-4000-aa92-a8112cccf689
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 04:57:45 GMT
Server: MT3 4067 88cc6bf master cdg-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=b04c6189-ffc9-4000-aa92-a8112cccf689
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 04:57:44 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=1
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Vxu8QwdM50NMErQZUk-pSlYdsB9MSOEeAhojui_r

43 B
106 B

31ms
31ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Vxu8QwdM50NMErQZUk-pSlYdsB9MSOEeAhojui_r
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=1&val=Vxu8QwdM50NMErQZUk-pSlYdsB9MSOEeAhojui_r
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8270796314496779218

43 B
106 B

16ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8270796314496779218
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=8270796314496779218
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 565A 70 B
265 B 124ms
32ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=c86be668-c548-3487-4a35-9b21edfaffde&gdpr=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 565A 170 B
243 B 86ms
30ms Image
image/png 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=ZTQwNDM1YTItMGMzZi02YTIzLTVmZDUtYzE5ODI3MTgzMWJl

Requested by

Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 565A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH8Ekw0w5SXwB9PggELwKxs&google_cver=1

43 B
106 B

24ms
24ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH8Ekw0w5SXwB9PggELwKxs&google_cver=1
Requested by: Host: us-u.openx.net
URL: https://us-u.openx.net/w/1.0/pd?cc=1&plm=10&ph=bbb82fae-1d27-4d90-bb10-e24164ecd7bc
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://us-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEH8Ekw0w5SXwB9PggELwKxs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2AA8 6 KB
3 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 04:57:44 GMT
expires: Wed, 09 Nov 2022 04:57:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 m_js_controller_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2AA8 32 KB
13 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/m_js_controller_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9cbfc3e0135220f040908a4787b396a23aca9b8d066d5e536d34817e08b48d4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:48:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 579
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13288
x-xss-protection: 0
server: cafe
etag: 2897995046565320897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:48:06 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2AA8 22 KB
7 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 08:59:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 08 Nov 2022 08:59:07 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 2AA8 19 KB
8 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:23:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:23:18 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2AA8 3 KB
1 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 955
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:41:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2AA8 121 KB
37 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 04:57:45 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 2AA8 15 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1341
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:35:24 GMT

GET
H2 200 6397435828588269698
s0.2mdn.net/simgad/ Frame 2AA8 603 KB
604 KB 214ms
21ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/6397435828588269698

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b0862f44c265decd5554b410e6462d5c69107260306955ac07cf4f338d7cf66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 02:55:59 GMT
x-content-type-options: nosniff
age: 439306
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 617843
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:30:35 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 02:55:59 GMT

GET
H2 200 12580120761367679359
s0.2mdn.net/simgad/ Frame 2AA8 227 KB
227 KB 222ms
29ms Image
image/jpeg 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/12580120761367679359

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7a4d34cd8a6c79ad31dd2fb51ad196d8cd526dd88c04f9d336c1808402ea5f78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 05:32:54 GMT
x-content-type-options: nosniff
age: 602691
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232254
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 14:30:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 05:32:54 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2AA8 42 B
63 B 46ms
44ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmJNyRF34hGU1ASFfcyZIsUhUNLSpQlbQdANDPVsKip2e4u5lYxcCDieHxEyHnK-RHs8UJ9wkvG_DXHBuPVM5ygg7AXJKgrSWoQpj-fHmPc4IwhYKP92rO-ZpwacoZJ5Lil53B9FszW8sZOwpQZWIefuKKLQ&dbm_d=AKAmf-BAl9zTKlRQFwG3_xRfhbTZoEfv6oIMqBKMAzwTxFRZ8YbKx8UtJP0WDqOUhW_VmrgZ8Ueoc_piPbugE5_JIbe9hduRwV218g0y1RxoclKJNI4vdtNxLG0xZ88Yu0oR8uZsC1XB-bXmLC5S9p0Hl1Zo3x6e9jyTlglsPWn6d1TlV4dpekI_2cg9eCOtlFozkNfNA1k5-_TgMT5Y-8jkXjl5JmGezwloehLFxREifgUvCw4Gn1E89aDRfrpbpMM1yF9w1geQOmWJbQzxGLPWNfmzYHBadRFK9ZJST9XUMphJ8jh9PyX-WcwZaAo-1KROMwUZIewMIzk15ANPqhpY3uNS28AIYSg3F8vzFKXbPhtu2dq6BV5e15EpXPhOcPmpLuafkSKOKSSv5g4XBis28Vo_SzkMfpBvwi2fC1JWRgH7uyEugmHDALB0hl_PPUIQ5vZpT8gki-un8KtTcZMybYu6yPOi6KdJpbaA7zFubFDcBu_DE6oA9U4vROrPsRT4wYi9391V_Hzga72DV4SIlGO0WaiT9jrURh5J3LdJ62rYRwAJ07bFWPEoyYXEitoeFLJOMF6wY2iyXOv_utqHy0enqpBXea2znyBZO7syMtlauhlvzBbJPwblyVIqbHEhbPwum3MSRk8h-FfiQG-8qRZdhQURvPpSQHNPgj2-Ws2K9Wa59YldMjdm6-ckloNpzZlnkp4Knas3cPCoo238O4-ReLcHd2F_e9goT-8jQrbsiis8eXmRsM9Lck317FbbAbwi4BUMUCl5vtmfvCDoG8KNgq7xiELBR4Argo016s7mvVm14WFgGRo_rZDw3lbU5zYGMFGRekJjDflymJOeV4rBkZ3NBsbuRiKCfbyvN4fPC9gIizQchon9lDtPLk3FbmKwG51qzsf9ycAwYeRrAemPUwIioora35rthTefV1LEorkja-cbdADCI4zpET2-C9oE7Qgg4-3fLFLFSNQmlKeXhFQtdx_2OaTjMpAZZlb5VRyaipyHbVUJ2R2BBzqSjGqzwWepttaumiFVf5tBV0u4LGkE6tOnspScTRcwAkY-G_NoqTmLAls0VLiXF2kkcQ2EbLnKhjk4FXFWqEc5GkcRNtzG1vJONLzkQFqFgsshMcqY9QrwtOewZ7M0ObPSs-l6AlqX1xlPvHZJHkLcMeTBQmz782P8COxPzArpksWpx0vQmh84G5q_Jc7ef89cHmVbjTkoomKfEaJTnvi-zJ7VqYxiv9p65W3-p2-ohQK_YTkhANU7lpoGn_DHhqs6juStToSczxcq1Gj55wvvvwhKzSBG_ZdLoumtnAHAV2H4GsSbsqn51mR349TdCWJ7sDO_fI55bQrd0jlxsxJ3CQ0jXBRqXQQLSoJDDhXFvYz0ref0VlsXVGDObPKP6ZzaT5A9cTV3leSHwMe53aEtNuMcMPdKRw4ufIE_zPXqZy4nEJ8aKrn26FPty14jV_Xc7P6e2Zs5QDU4rTLaGFWRJ4klMLudfegy6fGcFRJSO354SYDxI_07EoZFZSfluVtcI5_s7ibL9eeu9MT-xqk6TM8aMGQQIo1NkpzgZVugXLIh3oOxWSBd-scCno5L39rlHLh5attHH0jOdkLmjYUsEfaGztvKZiOrBbPvKOeGsu1QYWgy_9yB_YFCdXDM3exv-RD0dLzZraMseAmBTEvJRX8VTO5TkQkQaBMdI1sNDGh39hQqkhyNfSH3O-h6rzRa9r6LCuqeo002qb8Z-XZ0qcPiHU6m__cX8A5zL5nxgVyRv9c6wNLdBVJ9CoB1QxQaOjaGj-6bfN7T9eGDyiE2SajKNhaF64KKsNrbFuqIBVz15PoOro1OMQP2_3O2Zxwl13YL1jdG96Yreq9gcI1joeARHGWGjzr2-JsQJdnpUwmT4r_iXxkm5EAFfW7L0o-c1mhu_MtpwCesTotpIkFl68kjh6QzV3JIToHbZtqYCDZqLrrtjOABxreiUyKs9mkwaTpL-ryCa3G3u0aY6Z3Z9FOe_XFaUuz7Tg_10_9P5Ov6sdfxPDd_3uXa7P-L9KUZWkkG0fNn2kz249j0pgMtunh8fnd8_wxdS3CLTd1BJToQHELAUBgxSlpci4MA3Kkjzjny9UnbxQ7tWiUkOrlYwovUllVDThdIyOETreRDDUeor61by9l5CKZ7q1Lv7V74AlflKzvN37cY1UYvWKw0r2IZgCytv801tt5Xi6kUB9bBsVJNbHSR7hfUeklekkEHR0c46FsiAQpx-hDOi8V9QfkeRZxXYqSQklHIXPnxdCc9tv-ygu9XmziVT6oZJM18Cu1xZcoeO63b0jl3fzp4QHNCwJ22Jdpni3aq835J_LLh7NLArIiMQ7Gth8cftM1STVznw68PMlw3T-PFD9pPHv7K6q41XWRwrzR82GVWWqFqMi072-w37hS4a5kgUm8A4SGh7C_jdjRD_aX5YWUQPHK1g38N60oOliKrPhvrZ_SQdty6zavGvJAwD2bHiUgSco3SANKanlPe3A49oA5J20amUlakYv79J1KQmuD_VXgvI-g6sssfM9x192mfWxCcuQOlV-Pcn9_UcFER2BTT7__YLoFi-fc5680pCTMG7qZmT85xq-tOcqRwX62wzmm7yMjoN-8t9OYabiAnszGSgQyOTRroD_Gx_yq4nqJBP4G1BWyjnF5rXRNLYA6-NfCvj4BzTHL5uO3ODNsxEmAA7BmmItMQZUVHT0FozqnIXzHrlyNjLPrjAn_u8a6gYNhfA5_1iQsPQFTfqDazvPE1J8Bew1mAdRXBhUPm8gEVY_yeAUgGlmXAMIXg-QFTK9EkiQjRAnXvZY55sUuWNt8-8ACQdyoJKvq6GGN0jt3VawsEg14QCrpM8Ij3u6nMNwJpRb8h2beqcymF5KhyRk6MYCj1nQdFgZUE3rshikv3YV3m6LE8wHPqt1biDS978QdiBF-odc8OasQLbbMKUu_y9clITrpPhBKoRpcjBI0vRhxdrAdveaWyml5BlK4D7QlNsa6PpWR8Ii39kemGyrXret3MBMdpcQ&cid=CAASEuRoLz5QEAaWV3fRXNQ3LM6vAg

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2AA8 0
0 46ms
43ms Fetch
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CMVkAyf-JYcWjCo2L9u8PnsG_oAiavf_AZbzi2svFDs6Focr2ARABIKiyhXxgldqigrAHoAGO8aDtAsgBBqkC88bcsX9wsz6oAwGqBJECT9BE4IYFz2gI1-VZjOJIFX5tAdD28TfPIhURHq8E5kbyau9efQoTshxOC78AHFf31fP-n7HINeK9tnxvRDs3kmO-u-X9pEbNpokjvh8AELDssreOY7hwZV7qC8KgcIjtKsJgM4GuwWylvlbBB9e4kRvLe7R9yFIzgiZ4Z-NhySERKP052W-VnfYCiEjXY6dnygYTkofJfKKzg8mnRKKVAs8jrdf_QXq7YXWZbJOD-nTRxAyNkvqdVjaJ8EHvxx3yPSTi-pGysZBJqRLroCiTCMN3Gnssfwc2xyuX2eQjRAPehRc2k1wu3gBp0RR6vhkr3X71aZEzUmdfMqxZELeeUFrcTloTOf7r6xGF1Zbct4vfwASy8LD9yQPgBAOIBaKamZg3kgUECAMYApIFBggbEAEYAZIFBAgEGAGSBQQIBRgEkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfajt-SAagH8NkbqAfy2RuoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHChDbyD0Y4LG7tgHSCAkIgOGAEBABGB2ACgPICwGwE-WXkA3IE8W7mAnYEw2IFAHYFAHQFQGAFwGyFx4KHAgAEhRwdWItMjkzMDgwNTEwNDQxODIwNBimk3Y&sigh=9PrdVdXz24Y&uach_m=[UACH]&cid=CAQSPACNIrLMsBnZ3EbHb1O5Jgttjw0yuELfwO2f9kwX-jGOo-I5Y_nVitZzXKGIkaQ70D89C_9C9hqUkQPiUg&template_id=509&vt=10
Requested by: Host: misr5.com
URL: https://misr5.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s07-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D918 143 B
163 B 28ms
28ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 09 Nov 2021 04:43:12 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 873
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BBC1 1 KB
749 B 28ms
28ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 37864
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 2AA8 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 160a40d7d761ceb6b04db65a2ae9706a325214b165d16876d35e7bbdd38e46cd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame D918
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

63ms
61ms

Document
text/html

2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 09 Nov 2021 04:57:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 09 Nov 2021 04:57:45 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Tue, 09 Nov 2021 04:57:45 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame BBC1
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAc...

43 B
443 B

822ms
779ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:46 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab4764ee97d374b-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 52
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab4764d48a7374b-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJsrTcs1Ip33EMM8OpbgJKh44k3t5khq1AR1gsfzToahVk_0N0o1ex78300pZhfAajfEWL2M9Di5jEFfQYcpXIWZuIKuAcd%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBC1
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEMQSRtRgNODS5gRSVcAPTwU&google_cver=1&google_push=AYg5qPL6xMoCMCvyQgwwd2lI5NRt8aw4QkSaLJHdfjZqQtY0YrfikZIHDzxDehEi1g2ZOdkRCqjXYlFEc27mlK4o...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=V2uWAQYST9-cTjccCr0Xjg2&google_push=AYg5qPL6xMoCMCvyQgwwd2lI5NRt8aw4QkSaLJHdfjZqQtY0YrfikZIHDzxDehEi1g2ZOdkRCqjXYlFEc27mlK4oo3zwQ16GB4jiSg

170 B
188 B

51ms
50ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=V2uWAQYST9-cTjccCr0Xjg2&google_push=AYg5qPL6xMoCMCvyQgwwd2lI5NRt8aw4QkSaLJHdfjZqQtY0YrfikZIHDzxDehEi1g2ZOdkRCqjXYlFEc27mlK4oo3zwQ16GB4jiSg

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 09 Nov 2021 04:57:45 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=V2uWAQYST9-cTjccCr0Xjg2&google_push=AYg5qPL6xMoCMCvyQgwwd2lI5NRt8aw4QkSaLJHdfjZqQtY0YrfikZIHDzxDehEi1g2ZOdkRCqjXYlFEc27mlK4oo3zwQ16GB4jiSg
x-host: tde-deliveryengine-production-55f754bb97-c676r
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBC1
Redirect Chain

https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF2Pg6pwtxnjV2WPgMokSPI&google_cver=1&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-s...
https://tracking.m6r.eu/sync/adxRedirect?gdprFallback=true&google_gid=&google_gid=CAESEF2Pg6pwtxnjV2WPgMokSPI&google_cver=1&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-s...
https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lOoJQ2v1j6Pkv6l6Sv3Erw&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-spVcbtJfhvT0zSlx9sloA...

170 B
188 B

50ms
49ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lOoJQ2v1j6Pkv6l6Sv3Erw&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-spVcbtJfhvT0zSlx9sloADPxj9PQ0M-NC3mM71rD

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 04:57:45 GMT
Server: nginx
Vary: Accept
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=m6r&google_ula=158217889&google_hm=lOoJQ2v1j6Pkv6l6Sv3Erw&google_push=AYg5qPIgckm09FZ3RrDAXy1xhXCu8Fcn0zS898TsO_g_OOYL2o_XTwKgGOs-spVcbtJfhvT0zSlx9sloADPxj9PQ0M-NC3mM71rD
Connection: close
Content-Type: text/plain; charset=utf-8
Content-Length: 238

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBC1
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEELkrywHKU4NgjWeOjbt4Wo&google_cver=1&google_push=AYg5qPKNpjzZljvAzHf1mIQfP4wtXYWpgImBbaSLbr9B3DjEngJctGC69ue82ooxKwvL5VfVft_fM1BXncv-p_Z8ZGWKeZkMtBRX
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNpjzZljvAzHf1mIQfP4wtXYWpgImBbaSLbr9B3DjEngJctGC69ue82ooxKwvL5VfVft_fM1BXncv-p_Z8ZGWKeZkMtBRX&google_hm=Fz1sVGzOjamsQdeWPuPFZA==

170 B
188 B

51ms
51ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNpjzZljvAzHf1mIQfP4wtXYWpgImBbaSLbr9B3DjEngJctGC69ue82ooxKwvL5VfVft_fM1BXncv-p_Z8ZGWKeZkMtBRX&google_hm=Fz1sVGzOjamsQdeWPuPFZA==

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:44 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPKNpjzZljvAzHf1mIQfP4wtXYWpgImBbaSLbr9B3DjEngJctGC69ue82ooxKwvL5VfVft_fM1BXncv-p_Z8ZGWKeZkMtBRX&google_hm=Fz1sVGzOjamsQdeWPuPFZA==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: 12q8s5hq9j1qvpelq4ssj6734mu5nrjk

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBC1
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

46ms
46ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKnT2eddRitcwBQiObB2xh7gtkPfGxsSuPCmquH8XpgpQaPPWlkwOGGq-x6N__84mZuCVNPfcD2LimkvuOLrdfPKlz_5EiBcg

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:45 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPKnT2eddRitcwBQiObB2xh7gtkPfGxsSuPCmquH8XpgpQaPPWlkwOGGq-x6N__84mZuCVNPfcD2LimkvuOLrdfPKlz_5EiBcg
date: Tue, 09 Nov 2021 04:57:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame BBC1 0
75 B 244ms
49ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKDuhRbMzsJH1iRrqG10V9o&google_cver=1&google_push=AYg5qPKgeVJL4tehVdAcSbE4F1KmHrQESq21u6211-iLaRdrJq14LQRXl5A1_CLm_njPkUrIGFoxAokSmkVAZASbyc_bLRjfqJoZ
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BBC1
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_W...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_W...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESENfHAsfF1UG3t9rlAnXHGbI&google_cver=1&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDM3MWJkNS00MTE5LTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90E...

170 B
188 B

43ms
43ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDM3MWJkNS00MTE5LTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVA5NDM3MWJkNS00MTE5LTExZWMtOWM4Yy0wNmYyOGY1MjQ1OGE%3D&google_push=AYg5qPJwcd1k0FppWXwvkNP_hDIJy4RZYazZKmFxCD3tKsS0rZxwdR_Wg2gmBrT90EjiQs5Y1yXxoh-I_yAZM-TGZG_Bvp9OZg_oohM
date: Tue, 09 Nov 2021 04:57:46 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BBC1 0
12 B 20ms
20ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQfppJqalbYIOQ0yutfgZjr3ofTPkIRk5zH0JVQv2niyMzeV3q9VoLrA-03Sqnl_witceV5w

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:45 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 publishertag.prebid.113.js Show response
static.criteo.net/js/ld/ 85 KB
27 KB 156ms
35ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:46 GMT
content-encoding: gzip
last-modified: Wed, 08 Sep 2021 12:50:31 GMT
server: nginx
etag: W/"6138b197-1532d"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Nov 2021 04:57:46 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 83 KB
26 KB 59ms
20ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:46 GMT
content-encoding: gzip
last-modified: Wed, 27 Oct 2021 03:25:58 GMT
server: nginx
etag: W/"6178c6c6-14b2b"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 10 Nov 2021 04:57:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 39ms
22ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021110401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77d3a1375cb8f06c5a4a3c5bed715eef6e4f36dd3a44b2c1d187c5fe63c56498

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9257
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 41D9 11 KB
5 KB 68ms
19ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=misr5.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 2137
date: Tue, 09 Nov 2021 04:57:46 GMT
content-length: 4685

GET
H3 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame FF5E 57 KB
22 KB 8ms
7ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

a0cbd478fc3eca139064c2518b1ee06f25dd6daedd2d36b0a225236d998e3096

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:02:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3296
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22256
x-xss-protection: 0
server: cafe
etag: 14707455014312113702
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Nov 2021 05:02:50 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FF5E 0
327 B 802ms
262ms Ping
image/gif 2404:6800:4008:c01::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~kvrmh0pm&e=21060099&ctx=2&qqid=CJXjsZm_ivQCFReH_QcdyokK7w&met.4=fb.9~lb.dl~ol.1o9~idt.-b~dt.-a8&met.3=492.b~734.h1~734.jt~734.mm~734.pe~734.sb~734.v3~734.xv~734.10o~734.13g~734.1hc~749.1o8_1~740.1og~113.1ov_4~112.1ou_5&met.1=1.kvrmgz0s~14.6~15.1~16.6~17.6~18.6~19.7~20.7~21.7&met.7=CBsQCiAMOLIB~CB4QChgBIAwoDDCfATiTAWhucJ8BeOoNgAG-C4gBhBawAQG4AQM~CBwQChgBIAwoDDCJATh8QA1IMVAxWGxgS2hucIYBeIc2gAHbM4gBtHiwAQG4AQM~CCoQChgBIAwoDDDLAji_Ag~CBsQBhgBIA0oDTBwOGQ~CBEQChgBIA0oDTCfATiSAWhucJoBeJo5gAHuNogB47MBsAEBuAED~CBsQCiDAATjjAQ~CBsQCiCsAzgk~CBsQCiCOBDg0~CBsQBSChBDgY~CBsQASDuBDhA~CBsQBiDuBDgs~CCgQChgBIIARKIARMIoROApogBFwiBF4nLABgAHwrQGIAanJA7ABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2404:6800:4008:c01::78 Taipei, Taiwan, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:47 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 04:57:46 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 6B02 12 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Mon, 08 Nov 2021 19:53:47 GMT
expires: Tue, 08 Nov 2022 19:53:47 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 32639
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7355 783 B
537 B 17ms
17ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d2493b7c981df0747dbc8fe006324a0241245c5631b8d98191608b81d7591ea3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-VxTG1Lz0GNQ7S537PDnImg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Tue, 09 Nov 2021 04:57:46 GMT
date: Tue, 09 Nov 2021 04:57:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-VxTG1Lz0GNQ7S537PDnImg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

sid Show response
mug.criteo.com/ Frame 41D9
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=misr5.com&sn=ChromeSyncframe&so=0&topUrl=misr5.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=cpWWR3wza2ZiRkJwREN6ZjczYytuZnVlRDV4emhTTzdXdTR1d3JmOERXaURobnZEejJJWVJwblBXb2tCQW1rRGlzeFpMYUJlTHFFVmtoY1o5WTZDTENCaTFNTThtVlljZjNYeXJTWmgxZzFMc1lqOU41eUZJUjJEZ2oxdm...

419 B
613 B

68ms
15ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=cpWWR3wza2ZiRkJwREN6ZjczYytuZnVlRDV4emhTTzdXdTR1d3JmOERXaURobnZEejJJWVJwblBXb2tCQW1rRGlzeFpMYUJlTHFFVmtoY1o5WTZDTENCaTFNTThtVlljZjNYeXJTWmgxZzFMc1lqOU41eUZJUjJEZ2oxdmYwWk0zTjZWQTVOb2RqeUNwWXpsczhCM2l3NUwwbEFrTi9uSkhYV0UxZ2R3djYyaklHcnM3V3ZtclF4a0RnVjl3RUJBQnlvaFZic2Z3ekdVWktTejh3akQ1aDNXNjF4cmxHMER6cmJ3K2FXRWVWZlRyQXlVdnVaL2g0cVlKMndzZTB3R2xaWUJ5QXI1Nk0zQ051N1BNUm1qM3dkOUFkUT09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

711adc17e671ec5283d6d7a6d347fe750916346915e7f036ecd2c6f1bda2e261

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 09 Nov 2021 04:57:46 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2136
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 09 Nov 2021 04:57:45 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=cpWWR3wza2ZiRkJwREN6ZjczYytuZnVlRDV4emhTTzdXdTR1d3JmOERXaURobnZEejJJWVJwblBXb2tCQW1rRGlzeFpMYUJlTHFFVmtoY1o5WTZDTENCaTFNTThtVlljZjNYeXJTWmgxZzFMc1lqOU41eUZJUjJEZ2oxdmYwWk0zTjZWQTVOb2RqeUNwWXpsczhCM2l3NUwwbEFrTi9uSkhYV0UxZ2R3djYyaklHcnM3V3ZtclF4a0RnVjl3RUJBQnlvaFZic2Z3ekdVWktTejh3akQ1aDNXNjF4cmxHMER6cmJ3K2FXRWVWZlRyQXlVdnVaL2g0cVlKMndzZTB3R2xaWUJ5QXI1Nk0zQ051N1BNUm1qM3dkOUFkUT09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1800
content-length: 541
expires: 0

GET
H3 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 6B02 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32089
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7355 0
0 24ms
24ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021110401&jk=1600673754961738&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 18ms
18ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021110401&jk=1600673754961738&bg=!dXaldjLNAAYH3anuB907ACkAdvg8Wmekbg2rZ-7s12wsgh7SEzw4Dp6tkUkNpH56YaYoWN_2Bi9lUgIAAABWUgAAAAtoAQcKAMQ3df1XTIq5JMijBoXumtr14fNuRXeFPy7Asu8-DEs-e1GIzYQP-5vJ4DU9NKhlLwiLYUec8ppTuAAl5cYOzpc6hwODMdlTEGdY-12g7HQqWNE9nFLO0H4JnMCu5UWHFZxpyYtbU-jStiP79nQc-Pxb18IwAmmmcV52w15E9nlvh79khY1Q9fkf0W_Rp6T9XKXSFJU2kGyvP8SwfPJoAiWGZARUpYwt4cv5hLb0XXsXvLz6Aj46o_CVOhjlzCYazdaZh8knmQLKG35OpRpOHQ3wPdeTZcfLscfsDwz5vVHixHxtUctX-5-mZV99z3frN6iFCPjjQstuw3vjfUNkVW4t3ul03WnMFRm6N7dqLuHv014snEU5H9DhSWcggsag93DL7MMOVa9VW1pwlh-rgh88TaQTyoKqVK6TlRln88TbnCr7aDAy8I_qbWZBnJEXvZVbhyn6awFhWV1F_SmByQZZuBaaWB7dAy__-pstwuky0t22fU7npKASWt5qnPXweM4yQybtbeeIe-BiZFIcoG2X2ZLTUUBiolaen0pVhMg_TbFFHUUI1_xrHUqxpPvVp2pITbtqvHQJN8al2w41t8i-NP7qPFygETgG8AxUkVjEJYno4rnMhzFKQTYNxna-Y_VODQlnl-O4NDjoUbv1Jb-3HRZ7cgAFH_JXGZ_YgywOUHgMFTcCVOnjAS-cuprvT6KP6a4HcdEYr_m4gBcTEP-WxrOw1aGT8bAsuPQ9a6fOSmGAjf-QB3l5g6gXawYEpXfUv1S2tRmOubxRB12C9_ejS-ecZtcWhQKUTICdNXCEdumIV44jYg7bvyC6v-rUveT8SmhN9pwoQg0uLTXL8RGCAF8AdMTqi0R3iRXYZ8m-odGZTKrYWiF02tZUvYR_UXG4aElfxiMpNc2IjCJuajAbVQbL8t3z90ZkjECgx_PZYdclor_Fm0-z5dR3fPtQQDczg4RvA2nJz1i31-CKRogwXT35KPuPZHDf0-2fbOgqUWoLylvZrikbUnlVwdRRAS6JrJkSAOoW-aOTcfL4bvTXMkrQ5gzibjhackpHHX2qDaD_DcM413huGVkoo9wDW2Gz7w4GdKdIpo03ERorR_LgODtBXkNWs82pRVXRd8W1GnkzIjsxogo-yHX9BWg8nMi3GPJuQUAsG5jctJKXQid2TlD22AR1mPKp2NxFDTvuxa2rwkiQqQsqLlo7b5-TaMzy

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2AA8 42 B
64 B 29ms
28ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvgEcJAuvVUswNDQIXFvLyXWxy1Z1HO_1-ufyTDPdM2IRFZiqR2JOHX4FOMv4IheHbY357G4tKGrVp5b-70W7Zoh3HSUehlgI7M6Rv5Z9lcJRcEVPCaPQ&sai=AMfl-YTcAMBTWrLx099z3o-443ACyZ2scpXwB3IOfAUbW2gFmtKMVej5rGA6z8pNrg4a8uckBkioEsPnBCHyXfEfXUVhzj_9UH-zKC7i_7pvwPVTR_EeeTkNMF6QyDAD&sig=Cg0ArKJSzMcEym8RYx6MEAE&cid=CAASEuRoLz5QEAaWV3fRXNQ3LM6vAg&id=lidar2&mcvt=1000&p=1101,641,1139,961&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=9&adk=372564847&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636433865483&rpt=553&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 23 B
513 B 15ms
15ms XHR
application/json 216.52.2.30
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0-pre
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: /
Resource Hash: 34db35a99c212fb6c59d8a5f180508a3583674a46148afd70eafa8876889c573

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 09 Nov 2021 04:57:48 GMT
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://misr5.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 23

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 145 B
1 KB 110ms
110ms XHR
application/json 37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

29040281e36e000b2bbc8ae74536f43fa1bf812a3e576a7c79c3e2e920e10362

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:48 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: ca8d8fc0-d2b7-444c-8d87-4efccde69c46
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://misr5.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 145
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 9ms
9ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://misr5.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 bids Show response
prebid-eu.creativecdn.com/bidder/prebid/ 0
171 B 15ms
15ms XHR
text/plain 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://misr5.com
date: Tue, 09 Nov 2021 04:57:48 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST

POST
H2 204 c Show response
prebid.a-mo.net/a/ 0
141 B 199ms
198ms XHR
text/plain 147.75.61.140
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.61.140 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://misr5.com
date: Tue, 09 Nov 2021 04:57:47 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 104
vary: origin, Accept-Encoding

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 65 B
157 B 100ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb?guid=bX9srg4dmr64KsaKjGFx_2
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: b756b522048c8f37819b3b20566aa2dcfbc7efeca40639c038098c6f164d2f72

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://misr5.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 cdb Show response
bidder.criteo.com/ 1 KB
1 KB 28ms
27ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=113&profileId=185&av=34&wv=5.18.0-pre&cb=79339911034
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: 4b42cac7698a04b0af729ef9c8aaf62484b6b7e9a1e11b58326a6e379fa2d2f6

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 04:57:47 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://misr5.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 888

GET
H2 200 ROS Show response
pbjs.e-planning.net/pbjs/1/2e43c/1/misr5.com/ 9 KB
5 KB 214ms
213ms XHR
application/json 5.178.65.245
SERVERIUS-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pbjs.e-planning.net/pbjs/1/2e43c/1/misr5.com/ROS?rnd=0.3794463243727695&e=160x600_0%3A160x600%2B160x600_1%3A160x600&ur=https%3A%2F%2Fmisr5.com%2F&pbv=5.18.0-pre&ncb=1&vs=FF&crs=UTF-8&fr=https%3A%2F%2Fmisr5.com%2F&e_pubcid=c07521d1-e72f-480a-8e3e-555d5b345df5
Requested by: Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 5.178.65.245 Woerden, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS: ads.us.e-planning.net
Software: openresty /
Resource Hash: 5a926e184f9486e2e4fb632d3f3a7a1a07411c1b393c268bc868150dc0fca075

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
server: openresty
p3p: policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin: https://misr5.com
expires: Tue, 09 Nov 2021 04:57:48 GMT
cache-control: max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
x-sid: AMS-607

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
365 B 9ms
9ms XHR
application/json 51.89.9.252
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip252.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://misr5.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 events
bidder.criteo.com/csm/ 0
182 B 15ms
15ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.113.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://misr5.com
date: Tue, 09 Nov 2021 04:57:47 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 53ms
18ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmisr5.com%2F&domain=misr5.com&cw=1&pbt=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://misr5.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://misr5.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1720
date: Tue, 09 Nov 2021 04:57:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fmisr5.com%2F&domain=misr5.com&cw=1&pbt=1&lsw=1
https://mug.criteo.com/sid?cpp=LZYhjnxlRkpNNDI5TWhFcmQxdFdaaU9sQXhBT0ZHUkwzN2k0TlllN1NMRVM2MW41bFNoVTJETWo0L0N0dmlaWUFJSVEzZ1dGUVM5Nm5tclFVNFdadm1FL1hFQWp6Q0pwREtreGZPcWlvQTdNYmpyV2h1dUt1Wi9meXRRRD...

414 B
651 B

18ms
18ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=LZYhjnxlRkpNNDI5TWhFcmQxdFdaaU9sQXhBT0ZHUkwzN2k0TlllN1NMRVM2MW41bFNoVTJETWo0L0N0dmlaWUFJSVEzZ1dGUVM5Nm5tclFVNFdadm1FL1hFQWp6Q0pwREtreGZPcWlvQTdNYmpyV2h1dUt1Wi9meXRRRDRLcjVqUnVrYlloQWRoNDFNQ1dVTVp4UnVjR3RMNGFOSldwYW5UWCtyZFBic0p4aFVIQUlxL3ViV0JROFFNcm9VUjZzTmdreU5JdWQrclgxdVd0WFdScWJVYTI5eUdsQkVUSkJrWnd6OEV1eDNVWWkyYldORWNEd3M2N3hGNGtpL0NweW9IVy8rTTg1SXluVVZYNVFyTnVueXBWVGh6Zz09fA&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

975efe5a2f7b2e57d26bb8ab82936be19aefd1d78f014214790eef5f0b90c6bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 09 Nov 2021 04:57:47 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3906
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 09 Nov 2021 04:57:48 GMT
location: https://mug.criteo.com/sid?cpp=LZYhjnxlRkpNNDI5TWhFcmQxdFdaaU9sQXhBT0ZHUkwzN2k0TlllN1NMRVM2MW41bFNoVTJETWo0L0N0dmlaWUFJSVEzZ1dGUVM5Nm5tclFVNFdadm1FL1hFQWp6Q0pwREtreGZPcWlvQTdNYmpyV2h1dUt1Wi9meXRRRDRLcjVqUnVrYlloQWRoNDFNQ1dVTVp4UnVjR3RMNGFOSldwYW5UWCtyZFBic0p4aFVIQUlxL3ViV0JROFFNcm9VUjZzTmdreU5JdWQrclgxdVd0WFdScWJVYTI5eUdsQkVUSkJrWnd6OEV1eDNVWWkyYldORWNEd3M2N3hGNGtpL0NweW9IVy8rTTg1SXluVVZYNVFyTnVueXBWVGh6Zz09fA&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://misr5.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2023
content-length: 541
expires: 0

POST
H/1.1 200 692.json Show response
id5-sync.com/g/v2/ 213 B
527 B 44ms
9ms XHR
application/json 141.95.3.9
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/692.json

Requested by

Host: player.adtcdn.com
URL: https://player.adtcdn.com/prebidlink/454564/hb_323303_12551.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

141.95.3.9 , France, ASN16276 (OVH, FR),

Reverse DNS

p32.id5-sync.com

Software

Resource Hash

acf7b5229a3293047eefc0296c2acf33cb3e8cb765ff6171550311eec75b1643

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://misr5.com
Date: Tue, 09 Nov 2021 04:57:47 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 41ms
14ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1175
date: Tue, 09 Nov 2021 04:57:47 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=misr5.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 15 KB
9 KB 243ms
243ms XHR
text/plain 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1600673754961738&correlator=952919367927243&output=ldjh&impl=fifs&eid=31063214%2C31063683%2C44752541%2C44754276%2C21068031&vrg=2021110401&ptt=17&sc=1&sfv=1-0-38&ecs=20211109&iu_parts=21939239661%3A22614029701%2Capl%2Caplmcm%2Cdynamic&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=160x600&prev_scp=refresh%3Dtrue%26test%3Devent%26hb_rfBid%3D0%26hb_div_id%3Ddiv-gpt-ad-1636433867962-0%26is_vmhbmp%3Dtrue%26hb_override_id%3D3510551%26hb_buyer_id%3D17543%26hb_r_id%3D51eafa747e92c8f%26hb_site_id%3D12551%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.18%26hb_adid%3D7ca24040-1471-4907-879b-94d9f7ef82da%26hb_bidder%3Dcriteo%26excl_cat%3DPREPOST&eri=1&cookie=ID%3Dae0c3e29d00a0aac%3AT%3D1636433864%3AS%3DALNI_MZ2rh1cJfdXSBexZ00zybeQgPfaqQ&bc=31&abxe=1&lmt=1636433868&dt=1636433868239&dlt=1636433863726&idt=357&frm=20&biw=1600&bih=1200&oid=2&adxs=-160&adys=311&adks=2199751173&ucis=3&ifi=5&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fmisr5.com%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=160x-1&msz=160x-1&ga_vid=1103340534.1636433864&ga_sid=1636433864&ga_hid=1709241&ga_fc=true&fws=516&ohw=160&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&a3p=EhYKBmNyaXRlbxIAGPrgvJjQL0UAAAAA&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

5519b4fcca802f3826dd28dc0f1db1d33eb311765245a297782f8ba244b54d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9015
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://misr5.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D77F 6 KB
3 KB 15ms
15ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js?31063683

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://misr5.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Tue, 09 Nov 2021 04:57:44 GMT
expires: Wed, 09 Nov 2022 04:57:44 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 483A 624 B
297 B 27ms
27ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj8tLyZATAB&v=APEucNUGNCYNmQG-VLBE_Iieht6jBkGEru6SjWqjYNQ7QiSEekS2dItogjrQrCikhdxi-OwlxP9Z_0OPpu2Wu44aY-JgfMKOLWGQlQssUi9zl6lCL8OfSTu8v0BwQ_LfSRKyAOIWtlcwDSJ6iLGppoNB6Ggh70Zcz-I4b2vou1VuJtJsW9EGVm0

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Tue, 09 Nov 2021 04:57:48 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame D77F 76 KB
30 KB 62ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJetwMGTzz1hip3V2Hvr-0TQ0SVz91UruP-sX3MYanrpvP5viw4iAQK1cKfPREwuB6qkNOEhFWxqaQ6QagDEMx3HAeUtmo4RiF059Hmidv_VGqGrTVFnjOG49wQiWhoDdGjLKZDSHM8tQY7vapLbx8lkgd-Q&dbm_d=AKAmf-B0Tr4Gly7FvQpePDqp3S366fMt-e40CX3H-86vbExr0zS_aPbdyBbhjMr6-Rtpaq_salBSr1nNJfI0S7aMiciOZlM4qq7hIVmzhdN7sJStjL02j5XB8W5k_6QxIHEvLKtgVFh8sdGaQaMEd_4FS-clotM88g9gZoFxMtEq7MscCdBP5WnCSJDuyuFVuwSRk8Bn0eliR1DgWp_dH04yw9A8_dBG43mv0hKPfvBofiKsZ3nnnGZ5d2YFMunwyGLyBe0uCXVscaD1QFFtm-rjQ6MnLCfLQtifr34QBZUXiIYnx-sLkj1OSxVDS_dKBMa5OsiXbBr2ns-YEWM1huxOCLhpZw26I2LswVhbMXBJkqKllGBpvjEzCItWnB5N51w8LauLW_9KQ4BHkejmJ474YaTFIDVvBuPc3K_xhl8HxhxoA_C-BQPBvw5OwEBNEOqfcRdPFXdM6BMDuo_FtgLhRhE7kVFm5KRyYVzLFLkGM6IwQrOirY2B2KRKCzf9Hf5_BGuEPxYUZbiqsMLR6DSH0Zv2nQY2C5qyYABR-Un2TqfX_wIGREHOBGmxQouWLstwURq-xXRs-IgN7HU3YZ_Il0m7sLMGiKaQUd-oOdGrUWzeFbuvrT0xi9gEmUS2O1Yw8YBz8nfTwyW-1eXBZ4uWimhoLo4HKc6sS0lwn-lgJ9r4-ss-obMnX_JSi5-YyGIVt-a6zvoYNMsnYuycydlB61hJRO-fX_fv4wVVMrkX0KzzNU8s3c54J36GKScNhYVBDz6cHUxkzIGMZ-cB-XHE5cacu1e_pkCfVNl9CnimJ4zausHzKQE9f0N5M1YzhhAyD21QF7r-u1z8CPz_v9kIayJ88FDP_NLI4QwkkTd5K3YczvkY561RAIuN2EKxKr3intyw74P1LerNpozpQ34K6HVHEZLBLrS6Pyx0uJK04wyfUpxaWPRdpAxifBsS4L7YN8U4-xtz30Qu5g5GxLsdCuHexweAbbnLwSRuBKvFasce_KarhPabzD1U_7IqjpXgvrv7tA-zHq5Mc4GXHdlAHJlW1dnZsLfEo_y4w1eYNokFZrtnmWP_0zAZrlXFsG25GG4IaMgG4CcYARc_2uNMkzu0mcaHjk0zDq0SbuZXOIloNQG-QSdN9mNofSejwqrVSA3ZoOZIlR-hTppP91Egwkiq9mHMyuLbjOUtx8SbE8FXAH8BUdK69-4iT8_45V85TvsyL9h0YO7-F1GXuCqXuvP5uDyhrPI_6VzGLxrM4Z3HPvjDRR7w1h_MYbQz42_CsJRgb2SbtdUK2oLW2Uer6jHYS8S0FuZUrUhcEJ2gvFDer56MYJpxwMKzBXUq86BPydJIoTs53naRarkYuexJ4MnrFaaxpT28UsoUgnEELjcUh5PkiDs90hVlvB7QyOSqsbyitklcB3fg-f3ydrRGlCsSX0rNimq81vy8WCbBXqUygpQis4ZRbx5iZRmPO_2UPH6kFMbmV9V7cDK3aV2qOXWmsm9rVORQlxcWsBzh24E9zWxvrdPSnkO6krriPi8evT1cuXUkQqT43SZWBfbxz_vS-AAY2xi9jkZDcO2Dpa0sIWmwf8zBhgrMkF0XfLUUvxJnRsT_NyBfP_apVLTZj4hel56QYbDPItoubBUgreKucfnRKVGZBSbofsADaulhGcxxDS4iMJJ1IqtpZxLJWMjNgQTHguk5ODhuhO1t0bUk1U7NLKyAG7Ru9yMXS7q9AOOhmBGBbDwt4h7SOWvw2hIopEZQpSw5C64uOeOhC1-ZQijjbwozWrCgGog6QI9WB_jp8i-2XgAGMjaMs5gGvM88NH19nT49Tzww2F0qifPro-Xn1dUsbv5lTEt8y9b2PuUJ2cDIrUP28ujnZxtflYXQHEGZkSnHNTZqICxxoH_Dv8myS6NAjJ8otdhl9oZ1NgYMqvDo-tKEKStUmgUibgZf6L22KPgWpX3I9ZmyEXch7fzOqUfzf3YKOtDWQxKiAGvymXoy7AfE5JJuk6Koy6M76JHBAWQauPF8Vl0WyAjM94I2ZIrDBnUYth5IR1NHp1gjQ9e7_t3KKonjPKGfFr-g1obgVaxIoLRk66xebcU2C6ZCgpzr49xu6St9dAa1T0FRir9UXjmTcVyCJ6u1CHYVxVszL_HIuDt3pc9B_XjBEVooocLlG_knH7t1wfvuJLSQGX9zS-mvdmGW8U995aEXvPoNV0YriSI1Hqy7XLDAoBbl1j_XSPkZ8xoAM7RctbBiYqbDYGgWJweZZx4gi2tNQs22mH0Z9doRElCr-prXzUR_j6WGquZu3QnSXhCinAJCahxaAAKYkEhqku44tYyt7-H7qfgPRFDvADPIkmV8XrYMuJ7fcC6WSiQqBIys8NNKsoubk9IMdLGEtx0kb73i-3cku0e5cQOd0Ow196eyrlRFzzpRIRq2-JzWLKmO4D2xH1oQHQud2WK99Vm0IFtkZ7PWVNZ25LSuKNoDZQUsGmHcV-3I6hzq1ruHAC8BIMAkXDUQOmKYBQz_D4Re5RWDOmtOcs2KACyB2aqRpPMVHSFhxII988T52alSX38EqKI9NXOAozI3LBciOGTTxXB7WozotSyRLHcs14n6B1Aj1yUwigkldjFvVcFDzbvAtDAJFJHKpfjyoV-_bldxd-CMf9pvC1YybOw7QyDEk9VHZw-iWUaWwIFtDnlRRnpXnswIjhLauqZs8YG2rZ5QRaPpHFP7_i0jHMe0fRRMK5byvmRtNZAzSsa1cmJbbUHeGJi5m1pTXua0f9Vy7HaqWy22Vu8s0YMMrDWVJB177bxrEAYhIO9eT5qjGyqekHd1seDC20a4F9Mq-6uN7cUatdIz7wE-QpRH-V47ij9nOSfyYnBRgF-pG7V5qFufj0I9MZcwcv4-TL1sG7vULwg0NPEJP3Bfogyfht_pvrQUWm5LGW6ThzY&cid=CAASEuRocUXAmKSD8JGj-JN6m6JqgQ&rfl=1%2Chttps%253A%252F%252Fmisr5.com%252F%240

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4eae61414774c32c575197c4c552feccf4b60253edbfe3e0f785590ea6d82836

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30607
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame D77F 42 B
63 B 26ms
25ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BvqBuRYlF0nzWD_nwd_qkPBkly4OAT2As1wOGQxD0gGLTX84p5vD81A-8BrL2yGZWPnoxwNrc26ZRpGeNX94whT94HJKB46EoJ06Z_UDD7nHUrWwk

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D77F 3 KB
1 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:41:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 958
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:41:50 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D77F 121 KB
37 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37743
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1636374859716629"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 09 Nov 2021 04:57:48 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D77F 15 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:35:24 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 483A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1&C=1

43 B
1014 B

34ms
33ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj8tLyZATAB&v=APEucNUGNCYNmQG-VLBE_Iieht6jBkGEru6SjWqjYNQ7QiSEekS2dItogjrQrCikhdxi-OwlxP9Z_0OPpu2Wu44aY-JgfMKOLWGQlQssUi9zl6lCL8OfSTu8v0BwQ_LfSRKyAOIWtlcwDSJ6iLGppoNB6Ggh70Zcz-I4b2vou1VuJtJsW9EGVm0
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 09 Nov 2021 04:57:48 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Tue, 09 Nov 2021 04:57:48 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 483A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYn-zGBZJdF09HiZczj-ewAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1

43 B
894 B

35ms
35ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj8tLyZATAB&v=APEucNUGNCYNmQG-VLBE_Iieht6jBkGEru6SjWqjYNQ7QiSEekS2dItogjrQrCikhdxi-OwlxP9Z_0OPpu2Wu44aY-JgfMKOLWGQlQssUi9zl6lCL8OfSTu8v0BwQ_LfSRKyAOIWtlcwDSJ6iLGppoNB6Ggh70Zcz-I4b2vou1VuJtJsW9EGVm0
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:48 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 09 Nov 2021 04:57:48 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAG-K3m_XURbJ2Wd5G9tGLs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 483A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEA0LvtCfm3-Eht6UNUK_R8U&google_cver=1

43 B
1002 B

19ms
19ms

Image
image/gif

37.252.173.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEA0LvtCfm3-Eht6UNUK_R8U&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQ_aOOARj8tLyZATAB&v=APEucNUGNCYNmQG-VLBE_Iieht6jBkGEru6SjWqjYNQ7QiSEekS2dItogjrQrCikhdxi-OwlxP9Z_0OPpu2Wu44aY-JgfMKOLWGQlQssUi9zl6lCL8OfSTu8v0BwQ_LfSRKyAOIWtlcwDSJ6iLGppoNB6Ggh70Zcz-I4b2vou1VuJtJsW9EGVm0

Protocol

HTTP/1.1

Server

37.252.173.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

537.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:48 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 4a8b632c-599c-4e4a-aa36-157f709bac1f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEA0LvtCfm3-Eht6UNUK_R8U&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 483A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNDA3NTc1MTExNTcwNDM5OA%3D%3D

170 B
188 B

31ms
31ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNDA3NTc1MTExNTcwNDM5OA%3D%3D

Requested by

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 04:57:48 GMT
X-Proxy-Origin: 193.27.14.24; 193.27.14.24; 537.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 375c1f8d-161a-45e4-8a62-9111cde4060e
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjMyNDA3NTc1MTExNTcwNDM5OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame D77F 169 KB
59 KB 46ms
19ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
Origin: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:32:01 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame D77F 8 KB
3 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BJetwMGTzz1hip3V2Hvr-0TQ0SVz91UruP-sX3MYanrpvP5viw4iAQK1cKfPREwuB6qkNOEhFWxqaQ6QagDEMx3HAeUtmo4RiF059Hmidv_VGqGrTVFnjOG49wQiWhoDdGjLKZDSHM8tQY7vapLbx8lkgd-Q&dbm_d=AKAmf-B0Tr4Gly7FvQpePDqp3S366fMt-e40CX3H-86vbExr0zS_aPbdyBbhjMr6-Rtpaq_salBSr1nNJfI0S7aMiciOZlM4qq7hIVmzhdN7sJStjL02j5XB8W5k_6QxIHEvLKtgVFh8sdGaQaMEd_4FS-clotM88g9gZoFxMtEq7MscCdBP5WnCSJDuyuFVuwSRk8Bn0eliR1DgWp_dH04yw9A8_dBG43mv0hKPfvBofiKsZ3nnnGZ5d2YFMunwyGLyBe0uCXVscaD1QFFtm-rjQ6MnLCfLQtifr34QBZUXiIYnx-sLkj1OSxVDS_dKBMa5OsiXbBr2ns-YEWM1huxOCLhpZw26I2LswVhbMXBJkqKllGBpvjEzCItWnB5N51w8LauLW_9KQ4BHkejmJ474YaTFIDVvBuPc3K_xhl8HxhxoA_C-BQPBvw5OwEBNEOqfcRdPFXdM6BMDuo_FtgLhRhE7kVFm5KRyYVzLFLkGM6IwQrOirY2B2KRKCzf9Hf5_BGuEPxYUZbiqsMLR6DSH0Zv2nQY2C5qyYABR-Un2TqfX_wIGREHOBGmxQouWLstwURq-xXRs-IgN7HU3YZ_Il0m7sLMGiKaQUd-oOdGrUWzeFbuvrT0xi9gEmUS2O1Yw8YBz8nfTwyW-1eXBZ4uWimhoLo4HKc6sS0lwn-lgJ9r4-ss-obMnX_JSi5-YyGIVt-a6zvoYNMsnYuycydlB61hJRO-fX_fv4wVVMrkX0KzzNU8s3c54J36GKScNhYVBDz6cHUxkzIGMZ-cB-XHE5cacu1e_pkCfVNl9CnimJ4zausHzKQE9f0N5M1YzhhAyD21QF7r-u1z8CPz_v9kIayJ88FDP_NLI4QwkkTd5K3YczvkY561RAIuN2EKxKr3intyw74P1LerNpozpQ34K6HVHEZLBLrS6Pyx0uJK04wyfUpxaWPRdpAxifBsS4L7YN8U4-xtz30Qu5g5GxLsdCuHexweAbbnLwSRuBKvFasce_KarhPabzD1U_7IqjpXgvrv7tA-zHq5Mc4GXHdlAHJlW1dnZsLfEo_y4w1eYNokFZrtnmWP_0zAZrlXFsG25GG4IaMgG4CcYARc_2uNMkzu0mcaHjk0zDq0SbuZXOIloNQG-QSdN9mNofSejwqrVSA3ZoOZIlR-hTppP91Egwkiq9mHMyuLbjOUtx8SbE8FXAH8BUdK69-4iT8_45V85TvsyL9h0YO7-F1GXuCqXuvP5uDyhrPI_6VzGLxrM4Z3HPvjDRR7w1h_MYbQz42_CsJRgb2SbtdUK2oLW2Uer6jHYS8S0FuZUrUhcEJ2gvFDer56MYJpxwMKzBXUq86BPydJIoTs53naRarkYuexJ4MnrFaaxpT28UsoUgnEELjcUh5PkiDs90hVlvB7QyOSqsbyitklcB3fg-f3ydrRGlCsSX0rNimq81vy8WCbBXqUygpQis4ZRbx5iZRmPO_2UPH6kFMbmV9V7cDK3aV2qOXWmsm9rVORQlxcWsBzh24E9zWxvrdPSnkO6krriPi8evT1cuXUkQqT43SZWBfbxz_vS-AAY2xi9jkZDcO2Dpa0sIWmwf8zBhgrMkF0XfLUUvxJnRsT_NyBfP_apVLTZj4hel56QYbDPItoubBUgreKucfnRKVGZBSbofsADaulhGcxxDS4iMJJ1IqtpZxLJWMjNgQTHguk5ODhuhO1t0bUk1U7NLKyAG7Ru9yMXS7q9AOOhmBGBbDwt4h7SOWvw2hIopEZQpSw5C64uOeOhC1-ZQijjbwozWrCgGog6QI9WB_jp8i-2XgAGMjaMs5gGvM88NH19nT49Tzww2F0qifPro-Xn1dUsbv5lTEt8y9b2PuUJ2cDIrUP28ujnZxtflYXQHEGZkSnHNTZqICxxoH_Dv8myS6NAjJ8otdhl9oZ1NgYMqvDo-tKEKStUmgUibgZf6L22KPgWpX3I9ZmyEXch7fzOqUfzf3YKOtDWQxKiAGvymXoy7AfE5JJuk6Koy6M76JHBAWQauPF8Vl0WyAjM94I2ZIrDBnUYth5IR1NHp1gjQ9e7_t3KKonjPKGfFr-g1obgVaxIoLRk66xebcU2C6ZCgpzr49xu6St9dAa1T0FRir9UXjmTcVyCJ6u1CHYVxVszL_HIuDt3pc9B_XjBEVooocLlG_knH7t1wfvuJLSQGX9zS-mvdmGW8U995aEXvPoNV0YriSI1Hqy7XLDAoBbl1j_XSPkZ8xoAM7RctbBiYqbDYGgWJweZZx4gi2tNQs22mH0Z9doRElCr-prXzUR_j6WGquZu3QnSXhCinAJCahxaAAKYkEhqku44tYyt7-H7qfgPRFDvADPIkmV8XrYMuJ7fcC6WSiQqBIys8NNKsoubk9IMdLGEtx0kb73i-3cku0e5cQOd0Ow196eyrlRFzzpRIRq2-JzWLKmO4D2xH1oQHQud2WK99Vm0IFtkZ7PWVNZ25LSuKNoDZQUsGmHcV-3I6hzq1ruHAC8BIMAkXDUQOmKYBQz_D4Re5RWDOmtOcs2KACyB2aqRpPMVHSFhxII988T52alSX38EqKI9NXOAozI3LBciOGTTxXB7WozotSyRLHcs14n6B1Aj1yUwigkldjFvVcFDzbvAtDAJFJHKpfjyoV-_bldxd-CMf9pvC1YybOw7QyDEk9VHZw-iWUaWwIFtDnlRRnpXnswIjhLauqZs8YG2rZ5QRaPpHFP7_i0jHMe0fRRMK5byvmRtNZAzSsa1cmJbbUHeGJi5m1pTXua0f9Vy7HaqWy22Vu8s0YMMrDWVJB177bxrEAYhIO9eT5qjGyqekHd1seDC20a4F9Mq-6uN7cUatdIz7wE-QpRH-V47ij9nOSfyYnBRgF-pG7V5qFufj0I9MZcwcv4-TL1sG7vULwg0NPEJP3Bfogyfht_pvrQUWm5LGW6ThzY&cid=CAASEuRocUXAmKSD8JGj-JN6m6JqgQ&rfl=1%2Chttps%253A%252F%252Fmisr5.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 967
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:41:41 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame D77F 24 KB
9 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:51:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 398
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 23 Nov 2021 04:51:10 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D77F 41 KB
15 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 11:10:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64027
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 08 Nov 2022 11:10:41 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F37E 1 KB
749 B 18ms
18ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Mon, 08 Nov 2021 18:26:41 GMT
expires: Tue, 09 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 37867
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame D77F 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4cf7c6414dda105de5b74a6a3ce2a8e090dd57f3bed70c3ce5b394c1ebed3bce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 5E6D 22 KB
8 KB 8ms
7ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Mon, 08 Nov 2021 11:10:41 GMT
expires: Tue, 08 Nov 2022 11:10:41 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 64027
cache-control: public, max-age=31536000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 160x600.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/ Frame B9BA 42 KB
10 KB 30ms
15ms Document
text/html 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8724a726e2514a2ee15f3be822d578d9cab56219e269b5a12e2ca50743de1ec8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 10006
date: Tue, 09 Nov 2021 04:57:48 GMT
expires: Wed, 10 Nov 2021 04:57:48 GMT
cache-control: public, max-age=86400
last-modified: Mon, 07 Jun 2021 11:46:35 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D77F 0
571 B 75ms
39ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6bb9GBrf6_z2SXzP0lRwJ_js6KLbsesqx9sQ8myV7F4uUNde-m7tU0xzGI6JlFQR5jR499TcdVnMMFQAAJvCYQvRl5gVwyAg6hpKiqEwiS_FAfFf1vXIqJQ5Mx_dq1ns2BmCrEamU-wWVaJlpL_GhuqX_X3VK-lGAScuiSuppn_S4iRJ9BJtLebLtcuh87PEcv7U5rnQ7eMMIl07cKscDhlqHxzqEYesggK4_8wqIhnyVxsGE1S6Ued7Kt4LN46KLgJCB5_uWgzW-UBuZSdk-QYMtQ1St1-QZ8V2biR3tWlFrxTjgxRVeWhhEwf4di4OgR43n9DyQ7oogYY36-qgjyhXh9Y6pYrx-8GEBwarhY7wN9XFTl5d3apQPxzlveaz5SAfRDgEDtLzyvmh9hGTD8htBBKlPs99MTut0GbvUdD7Ky2FYjzHiGujBjUVMfgqGgCWhqfy84wuB0xhK9jhoRQf6MZFbZoCKwUDxwqGUVptP6w25Vr6lNQZijq-25P86US1K5IUpDcPVol0HakFUbuO0PCJAEmM3hVlm5_xrd0T6s4pAn18LBjj_gmZJmGFhSdLNesTEBFyAkTT-ltu4lwG7l02MLKdaNrzNGnLFF02wpdSXn7jOdwmUTnwPPK8NazQHJlfNFXJruzoM84bKzwoIKhOOyITdvzJwzhzK0C2yiN2Y_JmTVe0Y7I2GH2Y9oQeODrPKgDJchYRffVcojfBo4YLlO7hpDIMIYKndp5dxDDt7Rpg_3wcYpGKozXQRQqhpvPHAuHAwbrR9qXbrOvroV4FQWDJReyAcbK5guQq1LXj5W94B4nB9IpIOJuozP4QofTltmHt52lnJYGgu3pEdaqdury-9n_demJVpc6grcMl0UUJcxvYVmIJhuifEBTBYaGFlokOqcE9LLhosCl4lnGUKozZ3LNP46MnFU9nsjWQ7IcLAkSQhKwh_Q2Ap_JIjjjAoWoASNTI7HU_B7U-T35CFagpOpjmuBAOuiv2CAXMNddZ-vssUoA86jO72vmcJM0HSofAs7lRwIAjwip6wuvA0DPmbKCiITcUo8GoCUVrpYWtuBUdKnQOCeOWohUCDbfJGrvFJPB4o7PLtRblnm-nmIfUifLLzkU7n_Hx6l4LbSXbltJA3-RvEaeULVdF_k5M0IF6djKMPn1W26eLmQAE7TwIVK_C18j_32Sj-pbzqzq2TN7AtFRACWkXSGk-o4wnWGihAfgU&sai=AMfl-YRHV4f6XG57fAriPPe5_C3y4Aqe6R1ZNxhIDi2M1zBJLJ0XMhmk3c5zh0DuNUT0pSxVoPJJvvtf1K601a9SgsPYLz3c7U1KKYeLIY0r9Gsh3VP-U9JfcXedthdbaj363sCObcTSkIlb2dH1MwvHVMWx1TcESA&sig=Cg0ArKJSzETi0Tl6Fp8DEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=85&cbvp=1&cstd=79&cisv=r20211103.61389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Tue, 09 Nov 2021 04:57:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 i.match
a.tribalfusion.com/ Frame F37E 43 B
717 B 205ms
185ms Image
image/gif 2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.tribalfusion.com/i.match?p=b6&u=CAESECw5pdy3Tu99hKmGGjOOGvs&google_cver=1&google_push=AYg5qPLNPQ2OXQMmo0dKzFPQWzJlbMb1zc4yU39tU86ZGEDhdLMyJjpKw5_knHX6sDX7y8iexXdOFTwdTlIvD6-QMM0Uqgudlyw2&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPLNPQ2OXQMmo0dKzFPQWzJlbMb1zc4yU39tU86ZGEDhdLMyJjpKw5_knHX6sDX7y8iexXdOFTwdTlIvD6-QMM0Uqgudlyw2%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6ab4765f98543746-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame F37E 0
191 B 96ms
29ms Image
text/plain 66.155.71.25
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELrbGqoTDRNkIzhLuBiJDRQ&google_cver=1&google_push=AYg5qPJ3c9xnaOJKorWnKwmzTxn94kmqU5m30hd7hTHbxn--OZDg_LcY0Zva_rX5P_x9Tu5ZWYf8IbHB_wNe3Kt4aHrgmk9FHE8
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.25 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET gg_pixel
sync.adaptv.advertising.com/ Frame F37E 0
0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37E
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

17ms
16ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ7le-eQ37HWHpWnq2AXYvR3RemrvLpV3M_5mTRY5DkNZdHtqxHy27cgOv8OV93KsJzgRflM8gwF44Nti5UnHzhiza1R8i4

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Mfi57HoGQ8Okv0MGVqiZ0g%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPJ7le-eQ37HWHpWnq2AXYvR3RemrvLpV3M_5mTRY5DkNZdHtqxHy27cgOv8OV93KsJzgRflM8gwF44Nti5UnHzhiza1R8i4
date: Tue, 09 Nov 2021 04:57:48 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37E
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEM...
https://sync.targeting.unrulymedia.com/csync/RX-083b000c-2ebd-4065-9b76-3e251ec49537-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIW0xWun6HS6YUtfwp9n...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIW0xWun6HS6YUtfwp9nsIXN1qIsWYS-uCqu5-L9NxuG8iVnwo0vZCmihKqO8o8KBxCLsosWlCSjSgigXlXKX2XFrh-2J6H&google_hm=Awg7AAwuvUBlm3Y-JR7ElTc

170 B
188 B

22ms
21ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIW0xWun6HS6YUtfwp9nsIXN1qIsWYS-uCqu5-L9NxuG8iVnwo0vZCmihKqO8o8KBxCLsosWlCSjSgigXlXKX2XFrh-2J6H&google_hm=Awg7AAwuvUBlm3Y-JR7ElTc

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIW0xWun6HS6YUtfwp9nsIXN1qIsWYS-uCqu5-L9NxuG8iVnwo0vZCmihKqO8o8KBxCLsosWlCSjSgigXlXKX2XFrh-2J6H&google_hm=Awg7AAwuvUBlm3Y-JR7ElTc
date: Tue, 09 Nov 2021 04:57:48 GMT
server: Tengine
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag: RX083b000c2ebd40659b763e251ec49537003
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F37E
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEBZXtUTX0-4dwH-_rzqt32A&google_cver=1&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU1NTI4MDQ4ODYzOTg2MTkxMg%3D%3D&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ru...

170 B
188 B

20ms
20ms

Image
image/png

172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU1NTI4MDQ4ODYzOTg2MTkxMg%3D%3D&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NTU1NTI4MDQ4ODYzOTg2MTkxMg%3D%3D&google_push=AYg5qPL__68uxFB1G_V17YaipNI_msl20X9p-mKHRihkLEhrIiCEdEvF67ruOtCA9VygHXWvOefoOiettpdpgWmDwMnAukqPHS8L
date: Tue, 09 Nov 2021 04:57:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame F37E 0
75 B 17ms
17ms Image
text/plain 185.86.139.94
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKDuhRbMzsJH1iRrqG10V9o&google_cver=1&google_push=AYg5qPLuDskUuEz0OHD5mQXclb0bffvEnrb4-oh_IKUVtlE_hqHSMggw0zAHKxf3Fkml1lt1sxTdCClnLLRPzbD6NLqy9MPETaUd
Requested by: Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.94 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:47 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F37E 0
12 B 14ms
14ms Image
text/html 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LvJ_2NOViiBGU91zMUgc9sa3h7yG8fcFo_Vbp9zPoq9eZWckfhTUfu0DPL7PAFmZ0nw1eQ

Requested by

Host: cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
URL: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E6D 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H3 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame B9BA 110 KB
38 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84347
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:32:01 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame B9BA 60 KB
24 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 04:57:48 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D77F 0
60 B 35ms
34ms Ping
image/gif 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss6bb9GBrf6_z2SXzP0lRwJ_js6KLbsesqx9sQ8myV7F4uUNde-m7tU0xzGI6JlFQR5jR499TcdVnMMFQAAJvCYQvRl5gVwyAg6hpKiqEwiS_FAfFf1vXIqJQ5Mx_dq1ns2BmCrEamU-wWVaJlpL_GhuqX_X3VK-lGAScuiSuppn_S4iRJ9BJtLebLtcuh87PEcv7U5rnQ7eMMIl07cKscDhlqHxzqEYesggK4_8wqIhnyVxsGE1S6Ued7Kt4LN46KLgJCB5_uWgzW-UBuZSdk-QYMtQ1St1-QZ8V2biR3tWlFrxTjgxRVeWhhEwf4di4OgR43n9DyQ7oogYY36-qgjyhXh9Y6pYrx-8GEBwarhY7wN9XFTl5d3apQPxzlveaz5SAfRDgEDtLzyvmh9hGTD8htBBKlPs99MTut0GbvUdD7Ky2FYjzHiGujBjUVMfgqGgCWhqfy84wuB0xhK9jhoRQf6MZFbZoCKwUDxwqGUVptP6w25Vr6lNQZijq-25P86US1K5IUpDcPVol0HakFUbuO0PCJAEmM3hVlm5_xrd0T6s4pAn18LBjj_gmZJmGFhSdLNesTEBFyAkTT-ltu4lwG7l02MLKdaNrzNGnLFF02wpdSXn7jOdwmUTnwPPK8NazQHJlfNFXJruzoM84bKzwoIKhOOyITdvzJwzhzK0C2yiN2Y_JmTVe0Y7I2GH2Y9oQeODrPKgDJchYRffVcojfBo4YLlO7hpDIMIYKndp5dxDDt7Rpg_3wcYpGKozXQRQqhpvPHAuHAwbrR9qXbrOvroV4FQWDJReyAcbK5guQq1LXj5W94B4nB9IpIOJuozP4QofTltmHt52lnJYGgu3pEdaqdury-9n_demJVpc6grcMl0UUJcxvYVmIJhuifEBTBYaGFlokOqcE9LLhosCl4lnGUKozZ3LNP46MnFU9nsjWQ7IcLAkSQhKwh_Q2Ap_JIjjjAoWoASNTI7HU_B7U-T35CFagpOpjmuBAOuiv2CAXMNddZ-vssUoA86jO72vmcJM0HSofAs7lRwIAjwip6wuvA0DPmbKCiITcUo8GoCUVrpYWtuBUdKnQOCeOWohUCDbfJGrvFJPB4o7PLtRblnm-nmIfUifLLzkU7n_Hx6l4LbSXbltJA3-RvEaeULVdF_k5M0IF6djKMPn1W26eLmQAE7TwIVK_C18j_32Sj-pbzqzq2TN7AtFRACWkXSGk-o4wnWGihAfgU&sai=AMfl-YRHV4f6XG57fAriPPe5_C3y4Aqe6R1ZNxhIDi2M1zBJLJ0XMhmk3c5zh0DuNUT0pSxVoPJJvvtf1K601a9SgsPYLz3c7U1KKYeLIY0r9Gsh3VP-U9JfcXedthdbaj363sCObcTSkIlb2dH1MwvHVMWx1TcESA&sig=Cg0ArKJSzETi0Tl6Fp8DEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=158&vt=11&dtpt=73&dett=3&cstd=79&cisv=r20211103.61389&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: misr5.com
URL: https://misr5.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B9BA 7 KB
5 KB 18ms
18ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

589a6956f060e4494f7f195ebc28a545e0d03c78a5733550d328e73c429c6c38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5153
x-xss-protection: 0

GET
H3 200 OnAir-Bold.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame B9BA 47 KB
47 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Bold.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:46:42 GMT
x-content-type-options: nosniff
age: 666
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47676
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:39 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:01:42 GMT

GET
H3 200 OnAir-Regular.woff2
s0.2mdn.net/creatives/assets/4140742/ Frame B9BA 47 KB
47 KB 12ms
12ms Font
font/woff2 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4140742/OnAir-Regular.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:45:52 GMT
x-content-type-options: nosniff
age: 716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47848
x-xss-protection: 0
last-modified: Thu, 06 May 2021 11:38:29 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:00:52 GMT

GET
H3 200 60005582_20210907010537044_160x600_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B9BA 15 KB
15 KB 11ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210907010537044_160x600_LOOK-01.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

511db8280b810ba5ac4dfca03f699bb9ead43f3cf6679dcaa1fe6de9d7246de0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:32:19 GMT
x-content-type-options: nosniff
age: 84329
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15706
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 08:05:37 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:32:19 GMT

GET
H3 200 60005582_20210907011245328_STOERER_Wechselbonus.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B9BA 4 KB
4 KB 12ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210907011245328_STOERER_Wechselbonus.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7929d563a506ef64369932c67c5ee4e011fdbb044a40304127757ebecbffed55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 05:35:05 GMT
x-content-type-options: nosniff
age: 84163
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3656
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 08:12:45 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 05:35:05 GMT

GET
H3 200 60005582_20210803245841639_S21-Plus-5G_schwarz.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame B9BA 47 KB
47 KB 12ms
11ms Image
image/png 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210803245841639_S21-Plus-5G_schwarz.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7df0cf0caaa8d47cffffffc61be3219ad48a3683a3d240f2af97ee904c438735

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/60601834/20210607044635246/160x600.html?e=69&leftOffset=0&topOffset=0&c=INmbFucdO9&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 02:47:39 GMT
x-content-type-options: nosniff
age: 7809
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48568
x-xss-protection: 0
last-modified: Tue, 03 Aug 2021 07:58:41 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 10 Nov 2021 02:47:39 GMT

GET
H/1.1 200
OK postview.gif
portal.o2online.de/nws/img/ Frame B9BA 43 B
607 B 38ms
10ms Image
image/gif 82.113.101.132
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.o2online.de/nws/img/postview.gif?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291119014_99349854_-0&ref=25124645_4307561_291119014_99349854_-0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.132 Wetzlar, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.o2online.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 04:57:48 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B9BA 17 KB
6 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:57:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Tue, 09 Nov 2021 04:57:48 GMT

GET
H3 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 48E8 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 20:02:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 32091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 08 Nov 2022 20:02:57 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E6D 0
20 B 19ms
19ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BZGhYzP-JYfTKIKmm3gPWooWQDgAAAAA4AeAEAg&bg=!vb6lvvrNAAYH3anuB907ACkAdvg8Wifol6xSM9fTeD88eWKN2CbXZX3SBZxxaQpOSPZLCAF_0s7TWQIAAACOUgAAABJoAQcKAHpfnci9Oaflh63lG88HSMdFKhQ_77Dh2hksnTUvFzZXQsmridrDoyDVGkBiwVATXcd4RXVfiJJzPJ4kK0DKlG6YpQpYruVuEWVZvIHgrT_hlt3mWOrShgc-EmrMUMWiGn8usWjwHen43bpbipWmpwkzjO4INi9CChW135kDAonrUTV3SKqGQqOoiR1ZqEbr7IfCOV_i8hIo3fdeNzXze_kACpLPKzFpm7pOzk7fYTv41vwnrf79iSpiW1VBRYw-GVYa01kV2jJL45oAasRkudMiFaVSjIxs87ZVjq0ZFB1ghCJ0mTK5fnZ5pMXaygCTf5KqQdyAh0Dve381vIAP7WCVHytxsnFbeKpKisaTfanFK-Ti25hiSJE8EfoWaU37Dn6RJEai4nSMIW6a7IxUXzS_k12bJHdBthh-Klf9kiy2amg4nSH0gWDmUpDPzkGlKe1aKQoYOJHW_wFFSO_XysiGbzllgzrGPv2-sc37T0YdNaThq4yQ78bHW8jHgHzP2XTPbVYJxAF1tltv7tpkymuncmYPOwRW9D0UoQk97M_g5fDZqNrxfNj86P-GVeRwQWbTD-uztBn_mFYFBJLfXVbp4makJdgukmr6DE0HNVqVaSYevU72piI--22LEyJ8tsBDrBxf_FtD_mIWBeLKxX_VmR3tSR_jOlatxYo5ze23K97YjLnembkgHPDV01LnxaXCuGyoRyXwZDW8n9O_LdAvo6fIroMN77a94b_-jMQrtADLPLDxHNH_gXhfi-6MFBfaLsSTYQz_W8JCYzHFr1gMT5d1UChXPOCbRKLBP1XtNr0FgA_bgJWnvz2uBKgn4eKQH2aXvbqmH5rBaWS1SV7zRUSBktHo1X3Yv7oPZ49u1IzLG4unESlb-ZZfhPRam2uTDFxtwUVVywW_XNFVXD7RHEd9hj7KApxMzHBVz8fXD6NC4Dzj_eJ0wt9BZcbw2y4QuwEvWZaQMozDV3-c_zQV0vkb1HrpjGJyeUB_Fwo4HZGJnpudRdxScwdi-gGgR28C8d_Aa5a6Nn4PdLGgwjvR2ZntPOdFTWNU_dyt51ucWuituro3jextuoXyNQNp3ZX7I3sFqP19ur3YiHKaHNm9TSs9wkPAX4gvL5oZ2hlujVQV0GWQTWLUpJypPFUseasUIguozGraanoqsRVkoF2aig27o048cbOHmhswF18E

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content multitracking Show response
ghb.adtelligent.com/adunit/ 0
200 B 22ms
21ms XHR
text/plain 2a0c:5c81:5142::2
24SHELLS

General

Check archive.org

Show headers Download Go to

Full URL: https://ghb.adtelligent.com/adunit/multitracking
Requested by: Host: player.adtelligent.com
URL: https://player.adtelligent.com/prebidlink/454564/wrapper_hb_323303_12551.es6.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2a0c:5c81:5142::2 London, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software: VertaMedia 1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://misr5.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://misr5.com
Date: Tue, 09 Nov 2021 04:57:48 GMT
Access-Control-Allow-Credentials: true
Server: VertaMedia 1.0
Connection: Keep-Alive

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D77F 42 B
64 B 21ms
20ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGL2vY3bd5503AVY8wM7Imnq9qI_8LaJZJx8B8uTuIjqPTycq6X6ewFVmsNuCmmY2oSErxW2WNFiVAoFOJ4OsavGcgYbjpUDngbQpjJvT-8yjWIhGekg&sai=AMfl-YS1wry5Ga1nsnikRFviRXCdK-5bytgFpxrfEsH9Tx7HxBDSvlfe4R_PANaoHnyh6UHNTsRoTQsn6e8mXllfqwGyYm-KwjA1-oDF0hnlGk4XW0-oesqWwM_EbEYC&sig=Cg0ArKJSzBXx3lXkmGLsEAE&cid=CAASEuRocUXAmKSD8JGj-JN6m6JqgQ&id=lidar2&mcvt=1000&p=311,-41,351,0&mtos=933,966,1000,1033,1097&tos=933,33,34,33,64&v=20211108&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=2199751173&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636433868488&rpt=152&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:50 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
track.adform.net/serving/unload/ Frame FF5E 35 B
502 B 20ms
19ms Ping
image/gif 37.157.3.28
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://track.adform.net/serving/unload/?version=15&unload=0@@46989091,7791849035273837552,0|0|0|0|0|0|0|0|0||0|1|346|60681a18-77db-4463-8424-727afaa93fa5_1|||1|0|0|p5tmRF85ya3i5nP9TebYOumn3tQYot-A0|||11||0

Requested by

Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.28 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 04:57:50 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET, POST
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
access-control-allow-headers: Content-Type, Cache-Control, Accept-Encoding, X-Requested-With
expires: -1

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: sync.adaptv.advertising.com
URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEO8nuWzR5bFbJ4k-unYXKyQ&google_cver=1&google_push=AYg5qPLgR0TWgeSy8-ODir2D2G_86HN4i17CaVHCS2sx0peayblv9-8I2FBVf_xD7Vqa29Xbzr8vrk1U9VfJxMmmVJ3mKB46C_s

Verdicts & Comments Add Verdict or Comment

150 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

64 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.misr5.com/	1970-01-20 16:05:05	Name: _ga Value: GA1.2.1103340534.1636433864
.misr5.com/	1970-01-19 22:35:20	Name: _gid Value: GA1.2.493838119.1636433864
.misr5.com/	1970-01-19 22:33:53	Name: _gat Value: 1
.adtelligent.com/	1970-01-20 00:03:10	Name: vmuid Value: b62316979185d042
misr5.com/	1970-01-19 23:17:05	Name: _pbjs_userid_consent_data Value: 3524755945110770
misr5.com/	1970-01-20 07:19:29	Name: _pubcid Value: c07521d1-e72f-480a-8e3e-555d5b345df5
.lijit.com/	1970-01-20 07:19:29	Name: ljtrtb Value: eJyrrgUAAXUA%2BQ%3D%3D
pbjs.e-planning.net/	1969-12-31 23:59:59	Name: CT Value: 1
.e-planning.net/	1970-01-22 11:53:05	Name: E Value: AMHDP4KHVxD6jCp7
.a-mo.net/	1970-01-20 07:19:29	Name: amuid2 Value: 8bf1eae8-2c2d-49cb-9ec8-979dba7c34f1
.doubleclick.net/	1970-01-20 07:55:29	Name: IDE Value: AHWqTUm1R9tRmKQF6Un1ctVM9Ct_HCD419_EaoBhfqqFuaStRkK227A0pJ8SZp_NrMo
.openx.net/	1970-01-20 07:19:29	Name: i Value: 1bc7d931-6ccf-0b70-10e3-53c989ddcc23\|1636433865
.adtelligent.com/	1970-01-20 00:03:10	Name: a319130 Value: 4d223f20-6346-4870-a6f4-5fe004a321ee
.adnxs.com/	1970-01-20 00:43:29	Name: uuid2 Value: 2324075751115704398
.openx.net/	1970-01-19 22:55:29	Name: pd Value: v2\|1636433865\|mOgeginskin0vNomiygu
.misr5.com/	1970-01-20 07:55:29	Name: __gads Value: ID=ae0c3e29d00a0aac:T=1636433864:S=ALNI_MZ2rh1cJfdXSBexZ00zybeQgPfaqQ
.quantserve.com/	1970-01-20 00:43:29	Name: d Value: EPkBDAHXJIqsMA
.quantserve.com/	1970-01-20 08:04:08	Name: mc Value: 6189ffc9-80c3e-0774e-bedc0
.w55c.net/	1970-01-20 08:02:41	Name: wfivefivec Value: GfDnedep1MKjcB5
.bidswitch.net/	1970-01-20 07:19:29	Name: tuuid Value: ec043c53-d505-4cf4-8986-4c0f1415fa54
.bidswitch.net/	1970-01-20 07:19:29	Name: c Value: 1636433865
.bidswitch.net/	1970-01-20 07:19:29	Name: tuuid_lu Value: 1636433865
.w55c.net/	1970-01-19 23:17:05	Name: matchopenx Value: 5
.mathtag.com/	1970-01-20 07:59:49	Name: uuid Value: b04c6189-ffc9-4000-aa92-a8112cccf689
.adform.net/	1970-01-19 23:17:05	Name: C Value: 1
.adform.net/	1970-01-20 00:00:17	Name: uid Value: 8270796314496779218
.bidr.io/	1970-01-20 08:02:23	Name: bito Value: AADS907DFAAAADeUu0s6DA
.bidr.io/	1970-01-20 08:02:23	Name: bitoIsSecure Value: ok
.travelaudience.com/	1970-01-20 08:02:41	Name: _tracker Value: %7B%22UUID%22%3A%22576B9601-0612-4FDF-9C4E-371C0ABD178E%22%7D
.advertising.com/	1970-01-20 07:20:56	Name: APID Value: UP94371bd5-4119-11ec-9c8c-06f28f52458a
.doubleclick.net/	1970-01-19 22:33:57	Name: DSID Value: NO_DATA
.m6r.eu/	1970-01-19 22:33:57	Name: test Value: true
.pubmatic.com/	1970-01-19 22:35:20	Name: KTPCACOOKIE Value: YES
.pubmatic.com/	1970-01-20 00:43:29	Name: KADUSERCOOKIE Value: 31F8B9EC-7A06-43C3-A4BF-430656A899D2
.volvelle.tech/	1970-01-20 07:19:29	Name: ouuid Value: 707ce5b0-508f-4c3f-a370-a6b3070d83fa
.volvelle.tech/	1970-01-20 07:19:29	Name: c Value: 1636433865
.volvelle.tech/	1970-01-20 07:19:29	Name: ouuid_lu Value: 1636433865
.m6r.eu/	1970-01-20 00:43:29	Name: cct Value: 1636433865982
.m6r.eu/	1970-01-20 00:43:29	Name: id Value: 94ea09436bf58fa3e4bfa97a4afdc4af
.pubmatic.com/	1970-01-19 23:17:05	Name: KRTBCOOKIE_699 Value: 22727-AADS907DFAAAADeUu0s6DA
.pubmatic.com/	1970-01-19 23:17:05	Name: PugT Value: 1636433865
.pubmatic.com/	1970-01-20 00:43:29	Name: PUBMDCID Value: 3
.yahoo.com/	1970-01-20 07:19:51	Name: A3 Value: d=AQABBMr_iWECEL_OnQCnCfWDs-RG2HMZ3fkFEgEBAQFRi2GTYQAAAAAA_eMAAA&S=AQAAAvIWZ-2F9IkpmB0SCAie3-I
.analytics.yahoo.com/	1970-01-20 07:20:56	Name: IDSYNC Value: 18wq~21fg
.yahoo.com/	1970-01-19 23:49:55	Name: APID Value: UP94371bd5-4119-11ec-9c8c-06f28f52458a
.yahoo.com/	1970-01-19 22:35:20	Name: APIDTS Value: 1636433866
bh.contextweb.com/	1969-12-31 23:59:59	Name: INGRESSCOOKIE Value: e55349acab318b8d
.criteo.com/	1970-01-20 07:55:29	Name: uid Value: 0eda4c36-28c3-40c0-bc8b-6e3899058121
.misr5.com/	1970-01-20 07:55:29	Name: cto_bundle Value: 7pI7NV9nTHlhRVkwRVZlMmI1U2U1bFJnc1JEYWFXVHMzclJJaGxtVzF2SXpRTmJnbHIxeHZTbm5BWWJkWGJBSDhjV29aYnNuY2p0TVJlR2xUV0pybHR5SWhDazdicVcxUlpNeTlBcWIwUEJVUzVSUE1ock9oNzlvV3FHTlElMkZHTm1RSUwyM0RPY2FrYmlEMTc5NUl4JTJCWjJLUkVRJTNEJTNE
.adnxs.com/	1970-01-20 00:43:29	Name: icu Value: ChgInKN6EAoYAiACKAIwzP-njAY4AkACSAIQzP-njAYYAQ..
prebid.a-mo.net/	1970-01-20 07:19:29	Name: __amc Value: 2_1636433864_1636433868
misr5.com/	1970-01-20 07:55:29	Name: cto_bundle Value: VlbarV9tZmduNlpaNUtDZGtwJTJGQ1ZuSGJ0MiUyRmk5STFlcFNxRmM3Sno5Vk9seGxpeDIycUtQSVZnU3UlMkZWR3RiWnU1OGNCQ0NpWjVzdE90NWRJR2U4RU9GTTlBdnNLN281QVJmNzhjRm9VaDRmbXU1S3NSZEdxa0VLcnZmenlIQmR6cTM1NXpFT1BsMGY2NTFyS0d5dkhHRUg4cEElM0QlM0Q
misr5.com/	1970-01-20 07:55:29	Name: cto_bidid Value: S-3bBV9aJTJCJTJGdHBhRHJxMWxxOEtkMTlOSWpWTyUyRmNRY3E4SnVLSkRaUDQxeDhoV2pOMFN1b1B0OHRwcHRJbHh3Y3p1aTNxcmZOa3VWT0htVUJYN3R2OU1lZXB3TmFXM2lsV1ZCYnN3aHkzaVQlMkJJTiUyQmclM0Q
.adnxs.com/	1970-01-20 00:43:29	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C%ux:rRu!]tbPl1M>e)ZlrFUfJ+tGXxp:NTXJ-J)BeS^'uPeAkBb.KG8OD[8.n%gFvpjbpRzqF1`b_a$*G9H
.casalemedia.com/	1970-01-20 00:43:29	Name: CMPS Value: 3228
.casalemedia.com/	1970-01-19 22:35:20	Name: CMST Value: YYn-zGGJ-8wA
.casalemedia.com/	1970-01-20 07:19:29	Name: CMID Value: YYn-zGBZJdF09HiZczj-fAAA
.casalemedia.com/	1970-01-20 00:43:29	Name: CMPRO Value: 1201
.casalemedia.com/	1970-01-20 07:19:29	Name: CMRUM3 Value: 2d6189ffcc2760CAESEAG-K3m_XURbJ2Wd5G9tGLs
.3lift.com/	1970-01-20 00:43:29	Name: tluid Value: 5555280488639861912
.1rx.io/	1970-01-20 07:19:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-083b000c-2ebd-4065-9b76-3e251ec49537-003%22%7D
.targeting.unrulymedia.com/	1970-01-20 07:19:29	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-083b000c-2ebd-4065-9b76-3e251ec49537-003%22%7D
.o2online.de/	1970-01-19 22:43:58	Name: webShopPV Value: ?partnerId=O2_DSP_TRA_HAV_14114_PV&mediacode=25124645_4307561_291119014_99349854_-0&ref=25124645_4307561_291119014_99349854_-0
.tribalfusion.com/	1970-01-20 00:43:29	Name: ANON_ID Value: arntuJNZaiMiAmemFmHgw4iR8jXEiPjhQNV3EfF9SZccywQu32HHmT7PGrTlonnVDFnWYc4YIVaI0WUSZadE2tfX8eD

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://cdn.ergadx.com/js/1636/ads.js Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEO8nuWzR5bFbJ4k-unYXKyQ&google_cver=1&google_push=AYg5qPLgR0TWgeSy8-ODir2D2G_86HN4i17CaVHCS2sx0peayblv9-8I2FBVf_xD7Vqa29Xbzr8vrk1U9VfJxMmmVJ3mKB46C_s Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
a.volvelle.tech
adipolo.com
ads.travelaudience.com
adservice.google.com
adservice.google.de
analytics.webpushr.com
ap.lijit.com
bh.contextweb.com
bidder.criteo.com
bot.webpushr.com
c1.adform.net
cd40236be90704d202405d9c3fa83ae7.safeframe.googlesyndication.com
cdn.ergadx.com
cdn.webpushr.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
csi.gstatic.com
csync.loopme.me
dm.hybrid.ai
dsum-sec.casalemedia.com
eb2.3lift.com
eu-u.openx.net
fonts.googleapis.com
fonts.gstatic.com
ghb.adtelligent.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
image2.pubmatic.com
image6.pubmatic.com
jscdn.greeter.me
match.adsrvr.org
match.prod.bidr.io
misr5.api.oneall.com
misr5.com
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbjs.e-planning.net
pixel-sync.sitescout.com
pixel.advertising.com
pixel.quantserve.com
player.adtcdn.com
player.adtelligent.com
pm.w55c.net
portal.o2online.de
prebid-eu.creativecdn.com
prebid.a-mo.net
rtb-csync.smartadserver.com
rtb.openx.net
s.tribalfusion.com
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc.33across.com
static.criteo.net
sync.1rx.io
sync.adaptv.advertising.com
sync.adtelligent.com
sync.mathtag.com
sync.targeting.unrulymedia.com
t.trafmag.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
ups.analytics.yahoo.com
us-u.openx.net
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
sync.adaptv.advertising.com
136.243.63.184
138.68.235.115
141.95.3.9
142.250.184.226
142.250.186.130
147.75.61.140
162.55.6.211
167.172.183.24
172.217.16.130
178.250.0.165
178.250.2.146
18.156.0.31
18.197.47.23
185.184.8.65
185.29.134.244
185.64.189.110
185.64.190.78
185.86.137.131
185.86.139.94
193.200.65.5
198.148.27.139
2.18.234.21
205.185.216.42
213.174.135.2
213.19.147.44
216.52.2.30
2404:6800:4008:c01::78
2606:4700:3032::ac43:c67b
2606:4700:3033::6815:2de
2606:4700:3036::6815:2cb
2606:4700:3036::ac43:9b24
2606:4700::6810:125e
2606:4700::6812:d05
2620:116:800d:21:8c6e:cf2c:8d6:9fb5
2a00:1450:4001:801::2006
2a00:1450:4001:803::2002
2a00:1450:4001:808::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:811::200a
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2003
2a02:2638:1::3
2a02:2638::1c
2a0c:5c81:5142::2
3.120.169.248
3.127.92.82
34.149.20.76
34.98.64.218
35.186.253.211
35.190.0.66
35.210.178.101
37.157.2.247
37.157.3.28
37.157.6.241
37.18.16.22
37.252.173.38
5.178.65.245
51.89.9.252
52.223.40.198
52.30.222.33
62.149.0.72
64.225.42.52
66.155.71.25
72.251.244.142
76.223.111.18
82.113.101.132
023d2dda72814a8b932eaa0e1d2c7c1c4bd5f493d9c018e3345d8bc3f9bc6d69
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
043136bfa4e20d65a72219479759be169b64d7384bb089cf0479442156adcddc
0466791804bef999cf77f40cd353e28b4dd43e22c87e128265b4d3bfbf4aef53
06b51d8791791cf5b11c9ff7508aa37284bfa125d365f8f39fb641a8b7255a94
06e92c0485bd62b546482942cdd9bb9c8956c63251f3c7d9e5a5a1b5905a929c
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
09b22fb982a9aa03189e05b83c552ae0e4ffe186d7b08956977e065fddd0aa78
0b0862f44c265decd5554b410e6462d5c69107260306955ac07cf4f338d7cf66
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a40d7d761ceb6b04db65a2ae9706a325214b165d16876d35e7bbdd38e46cd
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1aa60c13e5f19ae4b56339a48cbb2119ad913ddc17499098322d8bdf47f7e850
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1e7fd4bbd0300c491490ff0247b20d92b70745a4981244b37e23a6bb92e25f7b
1fc322e402725e574ed8d6cbe52904a48c6ae55a1676719a63dc762c2b90fc4c
21d54eefe9a7097b394ee6c4675a5686f64394858f1ff836c6a8edd00f3da2fb
26fb38ae1284c19e62a01f2f59e2290bb19b71499ac74abf10193d43a20e8349
29040281e36e000b2bbc8ae74536f43fa1bf812a3e576a7c79c3e2e920e10362
2b071563c8b59cdc2b12b2703f3b5d147f555b1c41d83e5c5ef4a02395aed89c
2c631d7f874bd7a170eff7bf1b8f63d581fa3158b1feec535d7c184c1b5c6e1e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e050b7f1da783cce5a7be35e632698dc49ca9013802a48414f080cc861b4574
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
342d2740192ed3d4a2772391d7e14496028a133a605b7ecb1671c5ff5d9e8d2e
34db35a99c212fb6c59d8a5f180508a3583674a46148afd70eafa8876889c573
35907ea305da941b3960383690b95e8afcede1725f3b495706e2a0e19210ee4c
36e2e4bd6d6d36110eaade00f0edebe8d6fb10b2b40d8dc97a3ac38e94acc58f
37aa89dda0e09909ba2a425227fd49d79c00744c81e280fd29f702eca95dfa67
38ba5ba970f4625317281ba957bf879895625485957d4b83228dad11ef89a742
3a4d1fe746aa3b7652e35f1467b57c1edd015c9ced21df4ac8620a1d084855c1
400d415e25e3c2b6d990376f5b1b73e91a4ada0f82098f11b71b644773528907
418ce9b07a644b94f5471841f861eeca79c635fe13a800eaa89ecf6f31f7e91c
44fdd1eb3c024fe9fb4faeb815b2367ace182437a87eb25a75d7802d0f3c88c0
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
474e0b2bf388d7757402e5a2a75460f0fcc65876813452e1b45b60fe13a9d08c
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b42cac7698a04b0af729ef9c8aaf62484b6b7e9a1e11b58326a6e379fa2d2f6
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4cf7c6414dda105de5b74a6a3ce2a8e090dd57f3bed70c3ce5b394c1ebed3bce
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eae61414774c32c575197c4c552feccf4b60253edbfe3e0f785590ea6d82836
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
511db8280b810ba5ac4dfca03f699bb9ead43f3cf6679dcaa1fe6de9d7246de0
520b48b4e403f11c27270cb88d6b8b3d4a80fffaeec4228e556a14c6ea12a252
5519b4fcca802f3826dd28dc0f1db1d33eb311765245a297782f8ba244b54d45
55edf7a5665a184b34bc8ed7150de98892a2d5d0d560e3df434c1464047f8fc7
589a6956f060e4494f7f195ebc28a545e0d03c78a5733550d328e73c429c6c38
5a926e184f9486e2e4fb632d3f3a7a1a07411c1b393c268bc868150dc0fca075
5b023b1d27287f33aa24ac8f77d5d5f2ca9688eba142a9656927bbd778894614
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5e034e5d327dfc98a701ff3f1c4af23605ac8956400f80508ebb0d165eaa8c13
6365be1f270bccf27d2db5b29b74505d68bf40511c2c605d62dac598cac707fd
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
6682db417cae265b83ed6d54db0aad6b17fbd9e3ec5c2d6383a0c674c1431a5b
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6a83e5458e6894da79a1cab8b6c2eb06ffe10ab509f3c27918a47da2f7baf023
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6df2ce1dd3eb2bb0e0e5418aa6cdf26ff6cd382363f5d72b56d1befbec4131e5
6ef8f450e55451de3da1e6ec1d6a883e42112841adcdedbb2d6da5d926b67c8b
711adc17e671ec5283d6d7a6d347fe750916346915e7f036ecd2c6f1bda2e261
77d3a1375cb8f06c5a4a3c5bed715eef6e4f36dd3a44b2c1d187c5fe63c56498
7929d563a506ef64369932c67c5ee4e011fdbb044a40304127757ebecbffed55
7a4d34cd8a6c79ad31dd2fb51ad196d8cd526dd88c04f9d336c1808402ea5f78
7c9e9d369b235905c32e3ae399f4499cc30e60a1180be631d548ca2f98099ac1
7d6253e189e86a0bea5788ee2fe5c8885bc1a4f7010181a226d7884f81730b69
7df0cf0caaa8d47cffffffc61be3219ad48a3683a3d240f2af97ee904c438735
7efdd2612920d064605be3b32776d981e98177b5b141882fac89bacbafd36fc0
813f5ba8a95b2ea3ef9d198065f74ef600730c513f861f79ba6acf392b51af37
82d1783fd2ad15979a24c65dcc50b98b6dcadb2cf99024a606630f388c65b17c
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8724a726e2514a2ee15f3be822d578d9cab56219e269b5a12e2ca50743de1ec8
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8aadfd043de5da473809b9bde68049c3baf335eaa7f983d957cacec9610ffaf0
8d0db10cc75124ba4c699714a218728f272dc2d1881439fe1903fafbcf8fe2d5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f19d8e2c2eec8941e3fb606ef52ad505d1de3b9681dd9c2ddc3d73abf4ef1b5
975efe5a2f7b2e57d26bb8ab82936be19aefd1d78f014214790eef5f0b90c6bb
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9cbfc3e0135220f040908a4787b396a23aca9b8d066d5e536d34817e08b48d4e
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0cbd478fc3eca139064c2518b1ee06f25dd6daedd2d36b0a225236d998e3096
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a303f84255feeb46d38ce2a8a9ce7fcfd2ac83f46448cc518f07e3bf87126b7f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
ac4bb6d11eb6bc2f873df517370ccaa3e31a0dacbf5b217e28ab97f1eed53a57
acf7b5229a3293047eefc0296c2acf33cb3e8cb765ff6171550311eec75b1643
ae0f69022f40c6227e385419ae99f034547eb67fb060db749d3838a3b0e4f13b
af1e6edc875a382b338bb25bd7c5c3f474a7f1b36212002a5896dd06f2186325
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b26fbad2faebe2be13c01a9c115a6a81ed2f021b9d59959e9badb182a496bcaf
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
b756b522048c8f37819b3b20566aa2dcfbc7efeca40639c038098c6f164d2f72
beaf29de8df6f6581d164c1626caa1380010d05d7740668a57ee0c5b8d676a84
c110419995948214e5b16d9d0df8f7d91536cc42783edd90c7fc1810308309ac
c284299aeec8595fd3a10dcd2c27022edfda37c815571843a90c45cad18ace95
c39f6c877fceda06f7c689417db8901debc08e9688c75eeeda560134fb3268f6
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c8a662a43465f14fa063bca359386b459f1408791e30f1b82f279f9166355983
cae3500732f44a638f023a7c62c3934f13c4941fba577f49bccc4279126a2b2d
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
cfe350c0f72aeed783d9eeff37ca9b36391334324ef62397b6e1bebaf324e530
d039b53b744b87eeb0b2bf2cfb9b0400914c1c8c7329196299b7e480a7a84a7e
d06e8c6ca886c58b3bd5072d6cd86a5151849c4fc7cee63aa560aa19a2a88ee9
d2493b7c981df0747dbc8fe006324a0241245c5631b8d98191608b81d7591ea3
d6a18190ae5c42b4b92209a0e806dd33bbe716c3b8cb10d5cb1458e8a7435053
d9d9e3566e9ef77ca43a9e814c0f0182cdf11351d34f1d84c65357a4e05e6ce8
de18f83fe5e106b0ff08097632c801d3b2a5744cb2040302314b3ed08d5c0c8e
def5de6254be138b8b35d680d1fdd8b07827d03b8626daebfeeb4157ec330ea7
df28ecf929157156d9e444395da96bba8bec6319d1e88ea7241ee861bb1e76e0
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e66306564a262c0c1c57f576c6578eca19da2ef3a1da9e63680fcf62b1593bf7
e6969b69570c743952ab51b9fba22410be503db91b0566753d6da10894e76dad
e7e82d9e917c569248435f4fc04d5d05b755a84ab795adcf89efe9783091b5f7
e92db9b06fde4ce82c7c09c03a09a9a6040efd03520a8074bd67e6b1c6ad6a25
eae50574ea0a56447a194b3b9b6f1c5b351bc2839e59a8faed20d1c93ca6e651
ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
fd26232315c5199c77306e32e6d400ff94626317cf370d19595d9153cbbf0b5e

misr5.com Open in urlscan Pro 2606:4700:3036::ac43:9b24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Page Statistics

211 Requests

88 %HTTPS

33 %IPv6

55 Domains

77 Subdomains

55 IPs

11 Countries

3116 kBTransfer

5874 kBSize

64 Cookies

7 Outgoing links

Page URL History

Redirected requests

211 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

misr5.com Open in urlscan Pro
2606:4700:3036::ac43:9b24 Public Scan

Screenshot
Live screenshot

Full Image

211
Requests

88 %
HTTPS

33 %
IPv6

55
Domains

77
Subdomains

55
IPs

11
Countries

3116 kB
Transfer

5874 kB
Size

64
Cookies

211 HTTP transactions
5 data transactions