urlscan.io logo urlscan.io
SecurityTrails logo

ko.cm-ob.pt Open in urlscan Pro
2606:4700:3033::6815:2f7c  Public Scan

Go To Rescan Add Verdict Report
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Submission: On April 30 via manual from KR — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 60 IPs in 10 countries across 51 domains to perform 290 HTTP transactions. The main IP is 2606:4700:3033::6815:2f7c, located in United States and belongs to CLOUDFLARENET, US. The main domain is ko.cm-ob.pt.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 27th 2021. Valid for: a year.
This is the only time ko.cm-ob.pt was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
38 2606:4700:303... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:223... 16509 (AMAZON-02)
2 2600:9000:206... 16509 (AMAZON-02)
1 188.166.135.13 14061 (DIGITALOC...)
8 45.133.44.24 7018 (ATT-INTER...)
2 2606:2800:234... 15133 (EDGECAST)
1 2 2a03:2880:f22... 32934 (FACEBOOK)
1 151.139.128.11 20446 (STACKPATH...)
9 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
10 172.217.16.130 15169 (GOOGLE)
1 35.190.59.101 15169 (GOOGLE)
2 35.201.67.47 15169 (GOOGLE)
2 35.190.91.160 15169 (GOOGLE)
1 161.35.86.105 14061 (DIGITALOC...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.72 13414 (TWITTER)
1 159.69.161.138 24940 (HETZNER-AS)
1 12 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 144.76.120.254 24940 (HETZNER-AS)
8 37.157.2.234 198622 (ADFORM)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
4 145.40.89.200 54825 (PACKET)
4 185.184.8.90 204995 (RTB-HOUSE...)
1 18 185.33.223.38 29990 (ASN-APPNEX)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
13 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
3 2404:6800:401... 15169 (GOOGLE)
1 142.251.5.155 15169 (GOOGLE)
5 12 142.250.186.130 15169 (GOOGLE)
2 4 23.35.236.247 16625 (AKAMAI-AS)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.98.64.218 15169 (GOOGLE)
2 23.35.237.56 16625 (AKAMAI-AS)
16 2a00:1450:400... 15169 (GOOGLE)
2 2 84.200.5.215 44066 (DE-FIRSTC...)
1 88.99.63.132 24940 (HETZNER-AS)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 1 139.162.84.221 63949 (LINODE-AP...)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
1 1 81.222.128.213 20597 (ELTEL-AS)
1 174.137.133.49 27257 (WEBAIR-IN...)
1 1 3.127.173.196 16509 (AMAZON-02)
2 46.236.13.147 12703 (PULSANT-AS)
7 142.250.185.98 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.66.248.120 16509 (AMAZON-02)
2 54.76.212.160 16509 (AMAZON-02)
1 2 2a02:2638::1c 44788 (ASN-CRITE...)
2 178.250.0.157 44788 (ASN-CRITE...)
4 23.35.236.188 16625 (AKAMAI-AS)
290 60
38    2606:4700:3033::6815:2f7c (United States)

ASN13335 (CLOUDFLARENET, US)
ko.cm-ob.pt
cm-ob.pt
4    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2600:9000:223c:de00:6:b871:4f00:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.optad360.io
2    2600:9000:206f:800:11:a4de:2580:93a1 (United States)

ASN16509 (AMAZON-02, US)
get.optad360.io
1    188.166.135.13 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
mos3.biz
8    45.133.44.24 (Philadelphia, United States)

ASN7018 (ATT-INTERNET4, US)
js.wpadmngr.com
na.nawpush.com
aa48423cd0.6374870abd.com
js.wpushsdk.com
js.wpshsdk.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
2    2a03:2880:f22d:1e6:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    151.139.128.11 (United States)

ASN20446 (STACKPATH-CDN, US)
s.skimresources.com
9    2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.youtube.com
8    2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
10    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
securepubads.g.doubleclick.net
1    35.190.59.101 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 101.59.190.35.bc.googleusercontent.com
r.skimresources.com
2    35.201.67.47 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 47.67.201.35.bc.googleusercontent.com
t.skimresources.com
2    35.190.91.160 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 160.91.190.35.bc.googleusercontent.com
p.skimresources.com
1    161.35.86.105 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
fp.metricswpsh.com
1    2606:4700::6810:5714 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jsdelivr.net
1    104.244.42.72 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    159.69.161.138 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.138.161.69.159.clients.your-server.de
notification.tubecup.net
12    2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    2a00:1450:4001:82b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
static.doubleclick.net
4    2a00:1450:4001:809::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
jnn-pa.googleapis.com
6    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:808::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
yt3.ggpht.com
1    2a00:1450:4001:810::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
i.ytimg.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    144.76.120.254 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: ap15.adplayer.pro
serving.stat-rock.com
8    37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
4    145.40.89.200 (Ashburn, United States)

ASN54825 (PACKET, US)
prebid.a-mo.net
4    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
prebid-eu.creativecdn.com
18    185.33.223.38 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
24    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
3    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
18    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
13    2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
as.ad4m.at
assets.ad4m.at
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2404:6800:4015:801::2003 (Australia)

ASN15169 (GOOGLE, US)
csi.gstatic.com
1    142.251.5.155 (United States)

ASN15169 (GOOGLE, US)
PTR: wg-in-f155.1e100.net
bid.g.doubleclick.net
12    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
1    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
gcdn.2mdn.net
1    2a00:1450:400e:a::6 (Ireland)

ASN15169 (GOOGLE, US)
r1---sn-5hnekn7l.c.2mdn.net
2    2a00:1450:400e:a::8 (Ireland)

ASN15169 (GOOGLE, US)
r3---sn-5hnekn7l.c.2mdn.net
2    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    23.35.237.56 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-56.deploy.static.akamaitechnologies.com
sync.teads.tv
16    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    84.200.5.215 (Germany)

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
www.telefonica-partner.de
www.lead-alliance.net
1    88.99.63.132 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: nonstopads3.sunbonet.de
partner.blau.de
2    2a05:d018:24:b001:736:16ab:a44d:3496 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
1    139.162.84.221 (Tokyo, Japan)

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1564-221.members.linode.com
a.c.appier.net
1    2a05:d018:d29:3601:cf48:bf87:67aa:ca6e (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    81.222.128.213 (Russian Federation)

ASN20597 (ELTEL-AS, RU)
PTR: ad13.adriver.ru
ssp.adriver.ru
1    174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)
dsp.adkernel.com
1    3.127.173.196 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-173-196.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    46.236.13.147 (United Kingdom)

ASN12703 (PULSANT-AS, GB)
PTR: 46-236-13-147.servers.dedipower.net
track.webgains.com
7    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
ade.googlesyndication.com
googleads4.g.doubleclick.net
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    18.66.248.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-120.dus51.r.cloudfront.net
analytics.webgains.io
2    54.76.212.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
api.webgains.io
2    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
2    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
4    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
acdn.adnxs.com
Apex Domain
Subdomains		 Transfer
50 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
ade.googlesyndication.com — Cisco Umbrella Rank: 259
239 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 165
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
static.doubleclick.net — Cisco Umbrella Rank: 326
bid.g.doubleclick.net — Cisco Umbrella Rank: 469
cm.g.doubleclick.net — Cisco Umbrella Rank: 194
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 275
275 KB
38 cm-ob.pt
ko.cm-ob.pt
cm-ob.pt — Cisco Umbrella Rank: 880217
763 KB
22 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 217
acdn.adnxs.com — Cisco Umbrella Rank: 561
106 KB
20 2mdn.net
gcdn.2mdn.net — Cisco Umbrella Rank: 889
r1---sn-5hnekn7l.c.2mdn.net — Cisco Umbrella Rank: 465922
r3---sn-5hnekn7l.c.2mdn.net — Cisco Umbrella Rank: 460707
s0.2mdn.net — Cisco Umbrella Rank: 248
2 MB
13 ad4m.at
ad4m.at — Cisco Umbrella Rank: 2081
as.ad4m.at — Cisco Umbrella Rank: 2509
assets.ad4m.at — Cisco Umbrella Rank: 35666
236 KB
13 gstatic.com
fonts.gstatic.com
www.gstatic.com
csi.gstatic.com
123 KB
11 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 39
jnn-pa.googleapis.com — Cisco Umbrella Rank: 270
imasdk.googleapis.com — Cisco Umbrella Rank: 384
273 KB
9 youtube.com
www.youtube.com — Cisco Umbrella Rank: 86
731 KB
8 adform.net
adx.adform.net — Cisco Umbrella Rank: 4098
2 KB
8 google.com
www.google.com — Cisco Umbrella Rank: 5
adservice.google.com — Cisco Umbrella Rank: 63
15 KB
6 skimresources.com
s.skimresources.com — Cisco Umbrella Rank: 2923
r.skimresources.com — Cisco Umbrella Rank: 2788
t.skimresources.com — Cisco Umbrella Rank: 2953
p.skimresources.com — Cisco Umbrella Rank: 3834
20 KB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 371
112 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 368
mug.criteo.com — Cisco Umbrella Rank: 3014
1 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 507
4 KB
4 creativecdn.com
prebid-eu.creativecdn.com — Cisco Umbrella Rank: 5912
692 B
4 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1090
984 B
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 20273
api.webgains.io — Cisco Umbrella Rank: 53722
51 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 625
syndication.twitter.com — Cisco Umbrella Rank: 900
133 KB
3 wpadmngr.com
js.wpadmngr.com — Cisco Umbrella Rank: 29898
31 KB
3 optad360.io
cmp.optad360.io — Cisco Umbrella Rank: 46376
get.optad360.io — Cisco Umbrella Rank: 27192
552 KB
2 webgains.com
track.webgains.com — Cisco Umbrella Rank: 41475
87 KB
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1030
831 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 910
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 359
366 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
74 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8752
914 B
2 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1705
24 KB
2 stat-rock.com
serving.stat-rock.com — Cisco Umbrella Rank: 14406
98 KB
2 wpshsdk.com
js.wpshsdk.com — Cisco Umbrella Rank: 13778
22 KB
2 instagram.com
www.instagram.com — Cisco Umbrella Rank: 1150
5 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 209
23 KB
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 590
357 B
1 adkernel.com
dsp.adkernel.com — Cisco Umbrella Rank: 4028
233 B
1 adriver.ru
ssp.adriver.ru — Cisco Umbrella Rank: 11945
340 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 393
1 KB
1 appier.net
a.c.appier.net — Cisco Umbrella Rank: 18042
557 B
1 blau.de
partner.blau.de — Cisco Umbrella Rank: 71791
1 KB
1 lead-alliance.net
www.lead-alliance.net — Cisco Umbrella Rank: 58533
307 B
1 telefonica-partner.de
www.telefonica-partner.de — Cisco Umbrella Rank: 58991
278 B
1 ytimg.com
i.ytimg.com — Cisco Umbrella Rank: 106
15 KB
1 ggpht.com
yt3.ggpht.com — Cisco Umbrella Rank: 212
3 KB
1 tubecup.net
notification.tubecup.net — Cisco Umbrella Rank: 9152
193 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 430
2 KB
1 wpushsdk.com
js.wpushsdk.com — Cisco Umbrella Rank: 43667
9 KB
1 6374870abd.com
aa48423cd0.6374870abd.com
199 B
1 metricswpsh.com
fp.metricswpsh.com — Cisco Umbrella Rank: 31865
1 nawpush.com
na.nawpush.com — Cisco Umbrella Rank: 47237
477 B
1 mos3.biz
mos3.biz — Cisco Umbrella Rank: 258672
15 KB
0 stackadapt.com Failed
sync.srv.stackadapt.com Failed
0 congstar.de Failed
banner.congstar.de Failed
290 51
Domain Requested by
37 cm-ob.pt ko.cm-ob.pt
cm-ob.pt
24 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
s0.2mdn.net
www.googletagservices.com
18 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
ko.cm-ob.pt
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
googleads.g.doubleclick.net
imasdk.googleapis.com
s0.2mdn.net
18 ib.adnxs.com 1 redirects get.optad360.io
googleads.g.doubleclick.net
acdn.adnxs.com
16 s0.2mdn.net ko.cm-ob.pt
s0.2mdn.net
12 cm.g.doubleclick.net 5 redirects googleads.g.doubleclick.net
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
11 googleads.g.doubleclick.net 1 redirects www.youtube.com
ko.cm-ob.pt
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
10 securepubads.g.doubleclick.net get.optad360.io
securepubads.g.doubleclick.net
ko.cm-ob.pt
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
9 www.youtube.com ko.cm-ob.pt
www.youtube.com
8 adx.adform.net get.optad360.io
8 fonts.gstatic.com fonts.googleapis.com
www.youtube.com
6 assets.ad4m.at as.ad4m.at
6 www.google.com 1 redirects www.youtube.com
tpc.googlesyndication.com
ko.cm-ob.pt
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
5 ad4m.at 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
ad4m.at
5 cdn.ampproject.org securepubads.g.doubleclick.net
4 acdn.adnxs.com get.optad360.io
4 ade.googlesyndication.com
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 prebid-eu.creativecdn.com get.optad360.io
4 prebid.a-mo.net get.optad360.io
4 jnn-pa.googleapis.com www.youtube.com
4 fonts.googleapis.com ko.cm-ob.pt
securepubads.g.doubleclick.net
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
3 googleads4.g.doubleclick.net ko.cm-ob.pt
3 csi.gstatic.com imasdk.googleapis.com
3 imasdk.googleapis.com serving.stat-rock.com
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
3 js.wpadmngr.com ko.cm-ob.pt
js.wpadmngr.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 api.webgains.io analytics.webgains.io
2 track.webgains.com as.ad4m.at
2 sync.tidaltv.com 2 redirects
2 as.ad4m.at ad4m.at
as.ad4m.at
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 r3---sn-5hnekn7l.c.2mdn.net
2 www.googletagservices.com 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 script.4dex.io get.optad360.io
script.4dex.io
2 serving.stat-rock.com get.optad360.io
2 www.gstatic.com www.youtube.com
www.gstatic.com
2 js.wpshsdk.com js.wpadmngr.com
js.wpshsdk.com
2 p.skimresources.com ko.cm-ob.pt
2 t.skimresources.com ko.cm-ob.pt
s.skimresources.com
2 www.instagram.com 1 redirects ko.cm-ob.pt
2 platform.twitter.com ko.cm-ob.pt
platform.twitter.com
2 get.optad360.io ko.cm-ob.pt
get.optad360.io
1 analytics.webgains.io track.webgains.com
1 cdnjs.cloudflare.com s0.2mdn.net
1 match.sharethrough.com 1 redirects
1 dsp.adkernel.com 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
1 ssp.adriver.ru 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 a.c.appier.net 1 redirects
1 partner.blau.de as.ad4m.at
1 www.lead-alliance.net 1 redirects
1 www.telefonica-partner.de 1 redirects
1 r1---sn-5hnekn7l.c.2mdn.net 1 redirects
1 gcdn.2mdn.net 1 redirects
1 bid.g.doubleclick.net imasdk.googleapis.com
1 i.ytimg.com www.youtube.com
1 yt3.ggpht.com www.youtube.com
1 static.doubleclick.net www.youtube.com
1 notification.tubecup.net ko.cm-ob.pt
1 syndication.twitter.com platform.twitter.com
1 cdn.jsdelivr.net get.optad360.io
1 js.wpushsdk.com js.wpadmngr.com
1 aa48423cd0.6374870abd.com js.wpadmngr.com
1 fp.metricswpsh.com js.wpadmngr.com
1 r.skimresources.com s.skimresources.com
1 na.nawpush.com js.wpadmngr.com
1 s.skimresources.com ko.cm-ob.pt
1 mos3.biz ko.cm-ob.pt
1 cmp.optad360.io ko.cm-ob.pt
1 ko.cm-ob.pt
0 sync.srv.stackadapt.com Failed 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
0 banner.congstar.de Failed as.ad4m.at
290 78

This site contains links to these domains. Also see Links.

Domain
sk.cm-ob.pt
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-27 -
2022-07-26		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.optad360.io
Amazon		 2021-11-17 -
2022-12-15		 a year crt.sh
mos5.biz
R3		 2022-04-17 -
2022-07-16		 3 months crt.sh
js.wpadmngr.com
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
*.skimresources.com
DigiCert SHA2 Secure Server CA		 2021-09-27 -
2022-10-28		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
na.nawpush.com
R3		 2022-04-09 -
2022-07-08		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
notification.tubecup.net
R3		 2022-04-21 -
2022-07-20		 3 months crt.sh
aa48423cd0.6374870abd.com
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
js.wpushsdk.com
R3		 2022-03-21 -
2022-06-19		 3 months crt.sh
js.wpshsdk.com
R3		 2022-03-28 -
2022-06-26		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.googleusercontent.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
edgestatic.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
serving.stat-rock.com
R3		 2022-02-27 -
2022-05-28		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.a-mo.net
R3		 2022-04-19 -
2022-07-18		 3 months crt.sh
*.creativecdn.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2022-03-17 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
teads.tv
R3		 2022-03-23 -
2022-06-21		 3 months crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.c.docs.google.com
GTS CA 1C3		 2022-04-19 -
2022-06-28		 2 months crt.sh
*.webgains.com
Sectigo RSA Domain Validation Secure Server CA		 2021-05-20 -
2022-06-20		 a year crt.sh
*.webgains.io
Amazon		 2022-02-10 -
2023-03-11		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-07		 3 months crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh

This page contains 25 frames:

Primary Page: https://ko.cm-ob.pt/will-there-be-sicario-3
Frame ID: 94F4C794F9B705A68FB6E1288AB584CC
Requests: 110 HTTP requests in this frame

Frame: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Frame ID: 1181AF3DB584C69EB6F42E1A65986482
Requests: 20 HTTP requests in this frame

Frame: https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3068874889535298
Frame ID: D065695FE3377A93C4FB9CBA0F4613D7
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fko.cm-ob.pt
Frame ID: F8DDCD4C70C17946D2F70400D9EAAF55
Requests: 2 HTTP requests in this frame

Frame: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5099C97EFD2D9D20C29F8C567250BB17
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D820B04B065547F6BDF6DEDA8F6D0417
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D19D9164A945843312E970BD077F912
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Frame ID: 69ED87462C8D42FC14DE4B059FA12D76
Requests: 14 HTTP requests in this frame

Frame: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5F035451B298513E6E96BF8E8831D9DC
Requests: 32 HTTP requests in this frame

Frame: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 283D07C7A5B1506504BF9EA42CBBAFFF
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYi7fKgQEwAQ&v=APEucNX-WfrnYnP2S64-xlRG8nTW7qDwlKXynkPryoTco6TSp3yR9uAAqDZfwCsOMpH9hUNjZ80Tla930O81XU4xsOul771BjHG72YpfhIyS7CS13fvy1IuQBnEE9fL8YiIkb5kuah1hZk9TJnEieVaxcu49JtYF4G_j7ugjPblyXPYkerPxtN0VNVnMej_AieNW-E7PTlP-Qp2ov-4bKuwzYZcCYUV7pA
Frame ID: 69C5002C235D805245D0F46F8C7D93BE
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 873786D391AB8ADE25A67A5C53232F33
Requests: 3 HTTP requests in this frame

Frame: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91AD2D40C2401AE54D867BAC3495C45B
Requests: 17 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 71609F90320B8C0A83D0957F44C3D419
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 763B3EA7F8BD3DF65A8EFD9B79E10E2B
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiX79XIATAB&v=APEucNU1YrYEGGOWw8whTGDyza_VgJf437r8OfUUfDfNiFh49og92ViBGsLiczbyN-ikGdP6TRnlCEnUqdg7TSThwVVvTz_gXncLRgX1VYeZTOnD8lQvQT-92UfdsYetn7qApf9xp3K91Bvf-vW2YvT0RzaTwD11hJLOq6IW8JrChV5IG6wlhJA7kqoqKjtOjYbaiHWCsLU2Gxy2-u8U5MyLQDeiV4_UqQ
Frame ID: 644AE0374C4912D8C2F91DE46B2BC973
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Frame ID: 7CA156FD69BF45F6455B27D27B5F7C36
Requests: 14 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: D681B345342F64BAE2CA712E34C74D2B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0394FC50ED7F1215959964DC50856079
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Frame ID: 02DB5F06EFD44C936C70081C1C1D076C
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Frame ID: 019CF661367FA823E73012D94F871445
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 4E7A5446433EB75F3660E7C971410AA5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 21B2A57D2094714B422E3F37B47231D5
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3129DB406601CA67FBDB644DA43D9656
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 48AB1F2F00BA5E6CCE1F6C5E5BEF3455
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

시나리오 3 : 출시일, 출연진, 줄거리, 예고편, 뉴스 - 영화 미리보기

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+ionicons(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

290
Requests

92 %
HTTPS

52 %
IPv6

51
Domains

78
Subdomains

60
IPs

10
Countries

5825 kB
Transfer

11765 kB
Size

30
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.instagram.com/embed.js HTTP 302
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Request Chain 80
  • https://googleads.g.doubleclick.net/pagead/id HTTP 302
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Request Chain 152
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 176
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
Request Chain 177
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmzOJ-RHwBmGHqiSmhktTwAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
Request Chain 178
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP-5KMsule_DHgzpAsZG2fA&google_cver=1
Request Chain 179
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIyMjczNDY5NjY1ODYxMQ%3D%3D
Request Chain 187
  • https://gcdn.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/8E5E10970C1B71AC8109FED178536DE939A313F3.75F815E7FDD26AE9FA2CB5917629D581EF72DB81/key/ck2/file/file.mp4 HTTP 302
  • https://r1---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/78D67F755518EDDFAC9B555530C922ED1BF367ED.DBF77110583D031382D1B4A61EB54A5A0A14ED/key/cms1/cms_redirect/yes/mh/v_/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1651297526/mv/u/mvi/1/pl/48/file/file.mp4 HTTP 302
  • https://r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/78D67F755518EDDFAC9B555530C922ED1BF367ED.DBF77110583D031382D1B4A61EB54A5A0A14ED/key/cms1/cms_redirect/yes/mh/v_/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1651297526/mv/u/mvi/1/pl/48/ir/1/rr/12/file/file.mp4
Request Chain 204
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF996c44CiT0hTiVmnew0ac&google_cver=1
Request Chain 206
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEH_JoeTg_U3NfqLwrjx7hkk&google_cver=1
Request Chain 220
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022043007503267879621645X113752V1225131106MSoneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC
Request Chain 225
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7oneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLH41OWLu_cCFdL3dwodND4HWA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7oneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7oneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1651297832_72b4c4a0-c849-11ec-8f9a-2230a0859272
Request Chain 227
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEASR1vRI4_y13lkdbgLd4lg&google_cver=1&google_push=AYg5qPLaFnAIEJUjX86iaHjUJ_U1gm2aDwOrk9JHFsT4YVJZGyBB8TwcQwO91McAMZkGpeYDnjbM9206qwJIq7VgsgLDqHP9RMzf HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEASR1vRI4_y13lkdbgLd4lg&google_cver=1&google_push=AYg5qPLaFnAIEJUjX86iaHjUJ_U1gm2aDwOrk9JHFsT4YVJZGyBB8TwcQwO91McAMZkGpeYDnjbM9206qwJIq7VgsgLDqHP9RMzf&s_h=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=EJVHZDG9Rga051jxiA5hRQ&gdpr=1&gdpr_consent=
Request Chain 228
  • https://a.c.appier.net/gcm?google_gid=CAESEKqx4q4tvwHQdSvQmDAAZj0&google_cver=1&google_push=AYg5qPKlhauwQweXHX-rECjgaeZZ5d1Vjzz_Zbyggoa0VZY4__oJec9GMvXYl97OOD9Z-IsPEV2Uv_xNsL9VOYIp9x4UbWrln1Uq HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dGVEdjA0YVREcDZQY1oyOEtNNXNZZw%3D%3D&google_push=AYg5qPKlhauwQweXHX-rECjgaeZZ5d1Vjzz_Zbyggoa0VZY4__oJec9GMvXYl97OOD9Z-IsPEV2Uv_xNsL9VOYIp9x4UbWrln1Uq
Request Chain 229
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGTmgVLh5NLDvLkNQ7Irvvo&google_cver=1&google_push=AYg5qPKBWycmfRE3v5x3PHuzVCuxDZrxzzPEqpRAqCQVXfVL-cDiv52QH4I-omVLQ6bDfx_rQNs4CKqPhAUJUkUcnqBkvPK_Znf_ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKBWycmfRE3v5x3PHuzVCuxDZrxzzPEqpRAqCQVXfVL-cDiv52QH4I-omVLQ6bDfx_rQNs4CKqPhAUJUkUcnqBkvPK_Znf_&google_hm=NjU4NzgwNTI2NzgxNDg1MTE0Ng%3D%3D
Request Chain 230
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEEUPtJZacqyDlRgW9GgHtew&google_cver=1&google_push=AYg5qPIB0C-CxtxiTTBMaXTsPxNtJd24R68blD8wT6Vsx2sSquOlcrVspJMGt6R_ICbbrnPOywzxfu12MUPmXJ-p1T5GUudFwfBa HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIB0C-CxtxiTTBMaXTsPxNtJd24R68blD8wT6Vsx2sSquOlcrVspJMGt6R_ICbbrnPOywzxfu12MUPmXJ-p1T5GUudFwfBa&google_hm=QVNoQjduM1gxYlhXamU2YWRSd1JPWmc=
Request Chain 233
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDcC3756ILReI2wCsjWMTZg&google_cver=1&google_push=AYg5qPJ-ISwMFtEqPpl5rwEcfKVtIIwow5eDMD7wNBkjEMMARqp350E5g4KDW436rCsrqgPSdRMGTKCr0rxlb6dbM_XQePZUeFqLlw HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTI0YWJlOGItNDU2YS00NzhjLTgwOGMtOTE5MzZjMmVlZWZh&google_push=AYg5qPJ-ISwMFtEqPpl5rwEcfKVtIIwow5eDMD7wNBkjEMMARqp350E5g4KDW436rCsrqgPSdRMGTKCr0rxlb6dbM_XQePZUeFqLlw
Request Chain 275
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fko.cm-ob.pt%2F&domain=ko.cm-ob.pt&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=bWUwxHxkVEIxNnlQOWFBU3lhOWFmcDl0K2puTWJ5RmMvcWVCeC93dk5iUWE0ZHdQWVhyVXFUMEkrbnYzcGY5UEpkVVVNV3FpSnlRckdyY2VLME1aK2tjaHJ3a3MyR21tWnYyODlDaFdYb0VnSXl0OFpZSnZZNi8veWt1WktmUUVSYU9tcGJSL1BqRnUzbGlnbW1UUUxzNk9uc21OeHRyVWRKUUpGSERIc1dXNFBxdVA5MEJxY011OVR0SUkwUGJMWExBbnZEeWFBVWtQaVU0bVpaRmFVaUdkekhGOXBPY1ErZlJNMGdkTUtNUWtVYnVrPXw&cppv=2

290 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request will-there-be-sicario-3
ko.cm-ob.pt/ 		24 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
654e2be4aec552ec151183d2b672f207c4a6cff3f39d12112f84f931ffb6f9b0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
703e0004bd3192a2-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 30 Apr 2022 05:50:28 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1WMNIa0wgsRRNK5BdLh1cmNXOar%2F79eWVPsgmGDnhAQlmoOGNBShxc9cKVu7O%2F%2FAnj3wl6ajbRRCNEoalxQJZZpVt74TgZZv4u1miBlsXePUasVz3djBs20RahHmusJmoSvGvmadPLjCAw%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
css
fonts.googleapis.com/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Montserrat:200,300,400,500,600,700&display=swap
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
377c0cb3b48ac432df1bb1e16b7de569b4fc031b0d2de657b09a88901fb0a209
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 05:44:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 30 Apr 2022 05:50:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Apr 2022 05:50:28 GMT
css
fonts.googleapis.com/ 		9 KB
729 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 05:43:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 30 Apr 2022 05:50:28 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Apr 2022 05:50:28 GMT
open-iconic-bootstrap.min.css
cm-ob.pt/template/css/ 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/open-iconic-bootstrap.min.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7236018adee6435646b8affbcd4392237716caf04db52641859e35435331905

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-24fb"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ij6J8XoTl8pcmeJpsHzhrVwE%2F7%2B0oitZW2aDYx%2Bg%2F3R4WRkpyqk1SVPcFc4ZjZf78InWwHAmVH%2FpCoiyqcAEf48GMfVUtPpwXTk0PiqGK84lyJ6PCGnBRVA%2BhkTRNsHUjwcO2E%2B2QQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb092a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
animate.css
cm-ob.pt/template/css/ 		72 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/animate.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d5c5e731b8c995ac40ce247ab42366d7df4cea7522f743480afb9be0a93ad2a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-11fa9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F19zX1529ogR3d3FNcGI3zFaCR2PXtOTnzDOgDWtJfkjJOBdqBCUZzCo%2BX1b58WwqJmX%2FIhFwBI4xK7fDsHZJqeryfXHFL%2Bt0Z9ClzOCk1sOy7VBrWBMaTOlRHnSEqf0bYeRjM7jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb192a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
owl.carousel.min.css
cm-ob.pt/template/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/owl.carousel.min.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fd498cc0ae566423ac60276950b945aec0f2dbd65e99e9fe5ebc0e1d525885a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UaMTOECJQHm%2BtmCs69z4plY67A7nbQsJMS84FGO%2FX%2Bpmu13qgpjXrJKzfcBsLVm0y6K1TglXjmCgi7vx3jwQa%2BJrOvRfMtoVA1UCM%2FPVBv73giPqJX%2FjIfzvJs1Hj9yYqPEt3QzRJA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb392a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
owl.theme.default.min.css
cm-ob.pt/template/css/ 		965 B
756 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/owl.theme.default.min.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ce311a88c449a4103d3d88e1d4e6a55a5a8418fb2b9b5fa6b0895e7ac6e967

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-3c5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NADyjLJamX1L60kZQxtsoRRYvGaUvUlqLV21gOdY0uZvhmzfPPV7KoPniAUrL4GL8r%2BJnmkGq7Z%2Fw16iQPPNE6%2F0c6IoBS0%2BaGvuq0NDeNH2lhkpdfArfGH3Ux5gKliYOUaQo%2BoP4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063ead92a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
magnific-popup.css
cm-ob.pt/template/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/magnific-popup.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-1b26"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pfaO%2BUkXq6UdChEQ67Ou%2BlC5WuX9xmvbChmL%2FxmB9UXcnflRb2FReXVx5XjHip2rddwpsdpPmGlQ1lw5EKYAMdDpGPpZTEMdmDyU3g5%2FuUMVCrMc1lKQ2u7Ea1%2BUQibfc2vz5QSOaw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eaf92a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
aos.css
cm-ob.pt/template/css/ 		25 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/aos.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1b6f88717e97441718b9fbd436b0aa65d4753c36c9901535eb81b7ce4b760bc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-657f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tKDEfcUzFi7J1ww1yZlBW7HvrHovu3JEHSYnUGKFnqhL8nkNhbGdw57nefeY3lytv44DA6jHRUxJ7DTnRQGDQ002k4FL9wB9nG%2BkWkFCwmCAxQaLahYZbRp%2FgJM3eYOvZg8tLVeDgg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb492a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
ionicons.min.css
cm-ob.pt/template/css/ 		46 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/ionicons.min.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a34b5fcade85366776a2c6bddf24a58ceaff7d2eb8ba4bf4496df1adb31d2ce1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-b6e0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kFCyvgQc7pCC09eHpIkSQPnOMheLq8ar%2Bw9HqqvV%2BWOA2710Thl0oGWZ12tky2uetongzY4AcRIYEk3UVJvTsXnBDXyR4uO5FN6WiXOyHBj6xcedNG5cTI7lyq2DjQuBvUKhciusEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb692a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
bootstrap-datepicker.css
cm-ob.pt/template/css/ 		18 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/bootstrap-datepicker.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
35652aad571df0e1e44b47da8a656ef45fd0050fd5c95047d69adab4bb60753f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-4619"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GNPGgIoaDt4yaN2B3feNrSnUgugzaSVAYZyL7A3Zb9FKf02h4xP%2BN1%2BjYIBsX%2B%2Fn8HKpXeqYsSJVUQmdpTaUR8vBlaoRSBbxMDRXUYzTbScoJlIMbiKJ7XXHITkhr%2FtcTLdx9moF7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb892a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
jquery.timepicker.css
cm-ob.pt/template/css/ 		2 KB
813 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/jquery.timepicker.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d385da55b86dff0c7514007841a085f9623f644ad2aae6b6149caaf5f2898cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-634"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BD%2BLRcCC73%2FYzER%2FV48tokKcPy%2FjXGaWoqMTC1noUPRH%2FGg16JYZ%2FrWrkiAved3V40maYR7jias1vHZ%2FpUsK%2FbQ12rL%2B69UqW4L9gexHAU%2B4bVizpaU3TcpURcB%2FVKgYqA6JUtshEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eb792a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
flaticon.css
cm-ob.pt/template/css/ 		1 KB
750 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/flaticon.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d860e352529bca1f3289abf6b57ad8fff69032e2c4d98cf09e4ad3d6650f3b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-4c3"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y6cJ1cdmdjjAhuTIkri6hd6x9xi15TL0dqJL46XNxje0LxOnSdc2qyg4khe6AUmkF5ZJV2QpGQ6prH5p8XcYbyy8x5vQ2%2FE3D11rUMuIbyRaoMceEfbLCueswVhhaiCJfdEGZwttJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00064ecf92a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
icomoon.css
cm-ob.pt/template/css/ 		78 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/icomoon.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f3f0bcae6e5d7f81ad1868d5a61d1538dc460c9efc955931eec63ed7b02febc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-13803"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=esI6TyIMQt1xgNn2Mqi72UynND2TF5%2B8wTNC35i72Bx%2BP3OkRJ8O7qvngvvShyFlMucOV92Es8bNBnR%2FhMin6znsxGGTdlhsl3Lzo0fp7ZixfsCtOo1xQ%2BrUA7E5hTocYTtj2iRRmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00064ece92a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
style.css
cm-ob.pt/template/css/ 		223 KB
31 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/css/style.css
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc0ddf69f98e325bbefb9ba9daa8c8d69b8541c0defc28f2059bafccc6915bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
408898
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-37d34"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GZPJleHzQExDjp%2FDNkStXPhoIa%2BWrgXDKr74q1mHR0q1bHvu%2F%2Balb23yuARheugqwmhYqi8gDvtYmNI3EVc4m%2FPnFUqSBEZLAHMQkro1Zyg5q1n82kZHsOMzp4CDNnjY%2Bozx%2FZABAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2592000
cf-ray
703e00063eba92a2-FRA
expires
Wed, 25 May 2022 12:15:30 GMT
5c4eb373-c4cd-467f-814e-3b38151658d7.min.js
cmp.optad360.io/items/ 		497 B
833 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.optad360.io/items/5c4eb373-c4cd-467f-814e-3b38151658d7.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:de00:6:b871:4f00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 20:26:55 GMT
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Mon, 12 Apr 2021 08:54:56 GMT
server
AmazonS3
age
33814
etag
"7acdc116a0830ba0aef5e087010246ba"
x-cache
Error from cloudfront
content-type
application/javascript
x-amz-cf-pop
FRA56-P2
accept-ranges
bytes
content-length
497
x-amz-cf-id
qD6BAiuxfxJ5TiHxKAjW6qJl2ZqTjpInT5dqLRi0n8cQWupUko9pRg==
plugin.min.js
get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/ 		381 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
615053da1726a3683c563a417429720fb3abd0b01a80592d84e0684066b94083

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:23:44 GMT
content-encoding
gzip
last-modified
Wed, 27 Apr 2022 04:03:32 GMT
server
AmazonS3
age
1605
etag
W/"15c20a2952585c18f72fad880e6b825b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
cache-control
public, max-age=3600
x-amz-cf-pop
FRA56-C1
x-amz-cf-id
PWDqSxDsyEZZuJ11hv7AYDMeAhifbCy659DPD-vpxNjB6qMKl2x3Zg==
/
mos3.biz/ 		14 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mos3.biz/?te=he4tgmrwmm5ha3ddf42tamzz
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
188.166.135.13 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx /
Resource Hash
5fb632c62adcad83f185acd132e9fb170152147fda0f3d0f8eac8a4f0652c9db
Security Headers
Name Value
Content-Security-Policy img-src https: data:; upgrade-insecure-requests
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 30 Apr 2022 05:50:28 GMT
server
nginx
content-security-policy
img-src https: data:; upgrade-insecure-requests
strict-transport-security
max-age=31536000
content-type
application/javascript; charset=UTF-8
adManager.js
js.wpadmngr.com/static/ 		451 B
597 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
gzip
last-modified
Wed, 13 Oct 2021 09:03:43 GMT
server
nginx/1.18.0
etag
W/"6166a0ef-1c3"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Apr 2022 05:55:28 GMT
cache-control
max-age=300
x-proxy-cache
HIT
will-there-be-sicario-3.jpg
cm-ob.pt/img/movie-preview/81/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/movie-preview/81/will-there-be-sicario-3.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88f8bcaca18dc7b224a9976749d0c3f8b95e9fd5a46bd41fb8480aee94a3a240

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
636852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
26997
last-modified
Mon, 26 Jul 2021 11:18:04 GMT
server
cloudflare
etag
"60fe99ec-6975"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CknzC3W5%2BLEAnoVFpT1vqI1yWfAXmaCKJc%2F9JbPXvGGA1IFUUKEuJXwAUs4UYByJV8IPlH7Q3tgXPrjdQMfeii%2BNySC8nFPkTjBb2L3%2FUVi0gRedaAMV54R8kt5h0RH0JHc%2BF5a8XQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0006b8929193-FRA
expires
Sun, 22 May 2022 20:56:16 GMT
will-there-be-sicario-3-2.jpg
cm-ob.pt/img/movie-preview/81/ 		72 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/movie-preview/81/will-there-be-sicario-3-2.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1568d5636cf03f95cecd4e55b424fe76fd611b4a6524ef19beaccdb958a334ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
636852
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
73318
last-modified
Mon, 26 Jul 2021 11:18:04 GMT
server
cloudflare
etag
"60fe99ec-11e66"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pPKrKfnwZ0VruukBhHDwgjSFLNTJ9zBdzZ0BSoP1RITsxsm%2Fse2rKL7roR%2FTUh7DYsmmt6UsKjKv10kn3NPVUL5LEzGh9nSdJh14vUUnHzsSyLqsKMlTgthJ6Isoa%2FxiugIf1lHAKg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0006b8939193-FRA
expires
Sun, 22 May 2022 20:56:16 GMT
will-there-be-sicario-3-3.jpg
cm-ob.pt/img/movie-preview/81/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/movie-preview/81/will-there-be-sicario-3-3.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4813ba420f7b7768cb3823c7ca434801cea7db0be70611d01de16ce2a155c3e9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
28692
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
25974
last-modified
Mon, 26 Jul 2021 11:18:04 GMT
server
cloudflare
etag
"60fe99ec-6576"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KSl7aJ5fYcDAQw1pnwVLaZU%2Bd3yEwvMf7EcPL6U%2BTMsw%2FGlfjLKbNRa4AdZF2WsXsWa%2Bn%2FE5ocFECnuQvK8kAt6kYZlSB96HuBG9wN%2B6S9PDghuNDHrjYwFI%2BOYL8usSNHG4hhxlEg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0006b87b9193-FRA
expires
Sun, 29 May 2022 21:52:16 GMT
jquery.min.js
cm-ob.pt/template/js/ 		262 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
229e46dacf0660ed1687a853b0b9568e1410c92164579337336c83fc591bd4d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-41706"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL0fQ%2BAJCHHyxKWdybTeeIRQ8PZxet%2FIsp3civworvYzAgff2xb4IuAC1HgatXLUdbLu5Wc2uSzkME7yM1tZc7CDkvTlwBx%2FvPqJroW4%2Fj9nyVV0sBhsJNu44tv6BsIMg%2FaJgHWitA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b88c9193-FRA
expires
Sun, 29 May 2022 16:17:40 GMT
jquery-migrate-3.0.1.min.js
cm-ob.pt/template/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery-migrate-3.0.1.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40229
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-2c9d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5A%2F3C8RDbJ4nmO5uWsIwJBTnvKqxN7JB5CpmxFfq7i1jlfMFl0Tc%2F9n8i2diKKw0YtJFrZhPjREwpW4xOB4l2iif%2F7Wri%2Fk2O9uDvpMhPpSmg5kZH6hDwhen5tZ%2BpWCNyLV01bCSfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b88b9193-FRA
expires
Sun, 29 May 2022 18:39:59 GMT
popper.min.js
cm-ob.pt/template/js/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/popper.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1213763
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-4a58"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TWNmZIM%2BjiTqF0BjPTA48l6nGDRCQOwHcHHZ41a2dcTo0OuUiqWy0gtj1xWp6qRAn%2FzY2CoOYWa1L6rVP6My3xHDBX%2Bd%2BRYt3s5Y8exoV7hvT2yhMwKH%2F2kTgoSqB1%2FIAmnG01o7hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b8879193-FRA
expires
Mon, 16 May 2022 04:41:05 GMT
bootstrap.min.js
cm-ob.pt/template/js/ 		49 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/bootstrap.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-c5f4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FEaquoGMJfyhpN82wgAETeJuPts5M0YfQryPiRYL91QmrVKWzEP6HUZtpXZGUZ2x%2BZlGtkedpNG2Z%2FJt0PALF2Y6AZhXEfIg9EKheuwRBKVODL553OVYFB5UaulKRlYoBhucvqfTHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b8859193-FRA
expires
Wed, 25 May 2022 07:10:06 GMT
jquery.easing.1.3.js
cm-ob.pt/template/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.easing.1.3.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11c19392554c9b78c15771afa8f9fbfc78e0e46ca9527831f90ae41f95da73b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-1faf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BphM66u2dNMPP2P7i7MnOwXwWBQqaEtKKhellK2uKpFmI%2BSnXJXT%2BRGpk9L7jDHrzJyal6v0SL5aQASvnU%2BCCb26DvuCk%2FWUvnZiLfhzvLhfS44SGi0OyVoj20pzUy%2Bb2ixVxJ%2B24Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b8889193-FRA
expires
Wed, 25 May 2022 07:10:05 GMT
jquery.waypoints.min.js
cm-ob.pt/template/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.waypoints.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
114484b6bcaa6c2e7ac8301929d6bcda18a7f71924a835c2e6c01fdbd6421f5b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-2283"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r9w8dqTRIHbN1MBjSFlG5KweTm7dOLxFeKUHZZNs9wJdQ3uy2gBDZMAiE5kBDeMhBqguT0V7m7Kp89cpfP2vcmpygS4CvIDSToXsQYgZow0X2OMw5a9J%2BZJw%2FrppvI1zDoo8O7UKDA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b8869193-FRA
expires
Wed, 25 May 2022 07:10:06 GMT
jquery.stellar.min.js
cm-ob.pt/template/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.stellar.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54296
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-3135"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tK%2FOVmBsJZ9tBtlOIuBdcpYWT64DfcIASi6MADATUuwLmsDfelu%2BDPG24mpSoCQFq3%2FNSt0OJ0CZpmJXoM%2BG4snBambUuahdU1%2FXm0%2FsCnn08ZrA%2F26zNNQiW12Jm8pwS3tfyQtd1A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b87e9193-FRA
expires
Sun, 29 May 2022 14:45:32 GMT
owl.carousel.min.js
cm-ob.pt/template/js/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/owl.carousel.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-a8e5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5XNIh0kRsgKAcSZW%2BUrp%2BIqnIOKp2lfjsooBf8%2B97%2BikNz21wqnhDXnwjAcbD86zM2QlKxjOcNUyvqwY%2FaeK%2BTNYtVuvAT%2FMkaks3vhm33fnGAOx%2Fheyjaky4s0EaQy04Tl%2FSA0T2w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b87d9193-FRA
expires
Wed, 25 May 2022 07:10:06 GMT
jquery.magnific-popup.min.js
cm-ob.pt/template/js/ 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.magnific-popup.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-4ef8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZvPsM6xHxCnkf05kKQBocOge7A8q8d9xoQucNcgtrzyjJPTDvzN0su1lB%2Bn14hSPX%2F%2BA1z8STcwNlme0UrTcFkldfW3VvGCA3PEmMQOVQo5exVEfqHcxMY5hUFUbdK0IgB6cJ1uHA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b8819193-FRA
expires
Wed, 25 May 2022 07:10:05 GMT
aos.js
cm-ob.pt/template/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/aos.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
54296
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-37a4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MkLT03Nuu%2F2xEnN6OpvSNNhXpq2xRwstQ02HcMzbVLhR6cynyHZDtWJfg3ajMZqRlzwDWPDLGR%2FlF54Y%2F32yq2r5WVxo9GwGkb2L%2BFuR3DL4vcVis2ahS46CdiRKzb8Wp6r4dCaprg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b88a9193-FRA
expires
Sun, 29 May 2022 14:45:32 GMT
jquery.animateNumber.min.js
cm-ob.pt/template/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.animateNumber.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-56f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6cF7epHRpR29YO9G1G%2B0XhPK5lVJlTT5RXQStBADL%2BaVealCJGsN78nhVllXlKpANCgBNuf5VK4vWmjB2NFrYwj0H5VugV3dwHuPc4v4L6NXw2iqnUQkvFxS3HuO2TEUfKMe3SIpeQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b87f9193-FRA
expires
Wed, 25 May 2022 07:10:05 GMT
jquery.mb.YTPlayer.min.js
cm-ob.pt/template/js/ 		52 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/jquery.mb.YTPlayer.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce7fbd5167d309fe01011c8e9d705efbaf23f8737d71b2ef405d11e5cda09989

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
427222
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-d12f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jJAauQ%2F5A%2F%2BBmqv4m%2FbpfNDCBKj4hQEOreLQHhsPKe6sLwRFBO0YMivxDdKeLbERb0aOmZ8o2fZYBvJfgg9M9TVU793a90U7TgYrECB5VBYbHAuCqmfXC2gfzMBwagVszAu%2FDW5uGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b8849193-FRA
expires
Wed, 25 May 2022 07:10:06 GMT
scrollax.min.js
cm-ob.pt/template/js/ 		7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/scrollax.min.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
500bfc62d016cf183c412c5936594c609064cbc5865c1065353af9ad09aa46a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
48768
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-1d17"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cwrpDxRfcEWMqVv2%2BPk%2Fi4Fj9szDb5sEJGTEBUuGK%2BLFzJNal5%2BlTytoEn%2FGDc2E1cEn2pC3GjfmM5OGOSRGgcHnbQkmn0aYsib1aGVS3pBScX2DLJoNTYSWCujk8%2Bv6cgiSuQ2Pig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b88e9193-FRA
expires
Sun, 29 May 2022 16:17:40 GMT
main.js
cm-ob.pt/template/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cm-ob.pt/template/js/main.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
866e136465f8d394fb467dd65bbcd0b78d050ab6ee4ae8eba39ab5f681820064

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
40229
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 26 Jul 2021 11:18:05 GMT
server
cloudflare
etag
W/"60fe99ed-1394"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z%2Fhp06NCGlg7Qzg2oN1bYE201VQ3%2FTzdRP47pX0IHeRKXtfXPBAOWRicA%2F0kQaICuFmlgb2BgjiXTFerjHEwvd6n4UqbrNapGhFryYpuc0d0BLixk6YTZiR3fFyEJvWLDqZhEJojjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2592000
cf-ray
703e0006b88f9193-FRA
expires
Sun, 29 May 2022 18:39:59 GMT
widgets.js
platform.twitter.com/ 		97 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67AA) /
Resource Hash
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 30 Apr 2022 05:50:28 GMT
Content-Encoding
gzip
Age
1250
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29461
x-tw-cdn
VZ
Last-Modified
Wed, 13 Apr 2022 12:38:34 GMT
Server
ECS (frb/67AA)
Etag
"f1369725ba22125b0df0251e74090aa0+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ab12745d93c5.js
www.instagram.com/static/bundles/es6/EmbedSDK.js/
Redirect Chain
  • https://www.instagram.com/embed.js
  • https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Server
2a03:2880:f22d:1e6:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 20:12:59 GMT
x-fb-trip-id
1679558926
etag
"ab12745d93c5"
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
edge-control
max-age=1209600, no-transform
cache-control
public,max-age=31536000,immutable
cross-origin-resource-policy
cross-origin
content-encoding
br
content-length
4843

Redirect headers

date
Sat, 30 Apr 2022 05:50:28 GMT
x-fb-trip-id
1679558926
x-ig-origin-region
cln
content-type
text/html; charset=utf-8
location
https://www.instagram.com/static/bundles/es6/EmbedSDK.js/ab12745d93c5.js
cache-control
max-age=21600
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
0
192355X1677345.skimlinks.js
s.skimresources.com/js/ 		49 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.skimresources.com/js/192355X1677345.skimlinks.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.139.128.11 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6463f5ce6c129584d88f0aa721bf8d30577b87bcff6e03d8d77c8912438da749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
gzip
last-modified
Tue, 15 Mar 2022 10:46:21 GMT
server
AmazonS3
x-amz-request-id
KAAV9MEZWE5ST2GZ
etag
"6bdc9f30995c835cad0536c344b9760f"
x-hw
1651297828.cds145.am5.hn,1651297828.cds131.am5.c
content-type
application/octet-stream
cache-control
max-age=3600
accept-ranges
bytes
content-length
18852
x-amz-id-2
pEJ5WeoEp3Mviw4kbjaIDQcNxSJ72hmwseddRS1/a4eRIqLCNxeHn5+i6BljTKe242U16EEsXMg=
hTJ60p5FAT4
www.youtube.com/embed/ Frame 1181 		61 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cefc41c47c649d1a3c2bb3ae103ddaa7863903ff7e449c1f168d05a66ba40ab3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
br
content-type
text/html; charset=utf-8
critical-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only
same-origin; report-to="youtube_main"
date
Sat, 30 Apr 2022 05:50:28 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server
ESF
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-xss-protection
0
adManager.m.js
js.wpadmngr.com/static/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/static/adManager.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
d3b13b7b63697035f84b586a90c637d0636daf8c5eab9856a52b1b2c69172e2e

Request headers

Referer
https://ko.cm-ob.pt/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
content-encoding
gzip
last-modified
Fri, 29 Apr 2022 08:12:30 GMT
server
nginx/1.18.0
etag
W/"626b9dee-1495b"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Apr 2022 05:55:28 GMT
cache-control
max-age=300
x-proxy-cache
HIT
5166
na.nawpush.com/tags/ 		516 B
477 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://na.nawpush.com/tags/5166
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
74fc4449cbf97e82ee242d553e2fad5c51c48eaf2e0a5fed9c815ccd680f19c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
*
date
Sat, 30 Apr 2022 05:50:28 GMT
cache-control
max-age=300, public
content-type
application/json
server
nginx/1.18.0
content-encoding
gzip
x-proxy-cache
HIT
wp-banners.js
js.wpadmngr.com/npc/sdk/ 		0
237 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpadmngr.com/npc/sdk/wp-banners.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:28 GMT
last-modified
Fri, 20 Aug 2021 15:14:31 GMT
server
nginx/1.18.0
etag
"611fc6d7-0"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Apr 2022 05:55:28 GMT
cache-control
max-age=300
accept-ranges
bytes
content-length
0
x-proxy-cache
HIT
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:24:52 GMT
x-content-type-options
nosniff
age
210337
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:24:52 GMT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:25:00 GMT
x-content-type-options
nosniff
age
210329
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 17:03:52 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:25:00 GMT
pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:25:01 GMT
x-content-type-options
nosniff
age
210328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7748
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:21:30 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:25:01 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
2509fe7526a049b1f538f3e12f57aeba33b64acd4ed219adb5b5f61ef3f1d83d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28555
x-xss-protection
0
server
sffe
etag
"1200 / 886 of 1000 / last-modified: 1651270180"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 30 Apr 2022 05:50:29 GMT
prebid5.14.0.js
get.optad360.io/sf/ 		460 KB
461 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.optad360.io/sf/prebid5.14.0.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:800:11:a4de:2580:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 29 Mar 2022 00:35:49 GMT
via
1.1 e39402e2cf62b31f7774452c905f38f2.cloudfront.net (CloudFront)
last-modified
Thu, 23 Sep 2021 07:59:54 GMT
server
AmazonS3
age
2783681
etag
"6dd0a13bde35d2daa452bba998871016"
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=360000000
x-amz-cf-pop
FRA56-C1
accept-ranges
bytes
content-length
471445
x-amz-cf-id
6_RrLx_cRpDqBJyR6bhVp4CSb7oxjRYrCNu03WUaUZq6cmU_-rt-QA==
www-player.css
www.youtube.com/s/player/9cdfefcf/ Frame 1181 		335 KB
46 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/www-player.css
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
122290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47149
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:52:19 GMT
www-embed-player.js
www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/ Frame 1181 		277 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f47d2e856e15811898277d3a1f455ab9b15d50920b1f351ada165287518bce68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
122290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
87526
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:52:19 GMT
base.js
www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/ Frame 1181 		2 MB
525 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8f03c1a2805c2d799bb9633282859ff375d9a277921447284f6e614520348d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
122290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
537691
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:52:19 GMT
fetch-polyfill.js
www.youtube.com/s/player/9cdfefcf/fetch-polyfill.vflset/ Frame 1181 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/fetch-polyfill.vflset/fetch-polyfill.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
122290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2786
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:52:19 GMT
911-season-5-what-expect.jpg
cm-ob.pt/img/news/88/ 		131 KB
131 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/news/88/911-season-5-what-expect.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69c03c6486a9c6cc180ecd78f66fb696c2cc648e53186f981fdacad1f3acfdde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
19126
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
134009
last-modified
Wed, 29 Sep 2021 13:32:56 GMT
server
cloudflare
etag
"61546b08-20b79"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aoZh21RjVgZBKkXfLHr6A5poPVI28I1ls2XLjZ8KeMMNPCvNeSSLdPRsr%2BX7rfmZJ8qJ0ZFNUA0q51iVeFLq%2B5rvb3yHsOFips8XoagyF1nOrR6TwKKkCzshW8CUkG2aLr5gbuFwdA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca549193-FRA
expires
Mon, 30 May 2022 00:31:43 GMT
emmanuel-acho-host-bachelor-television-special.jpg
cm-ob.pt/img/television/36/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/36/emmanuel-acho-host-bachelor-television-special.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78ead048534a43b075e7c5d48dfa9308fe736b38c42c8c1cc6374558f85c0e13

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22975
last-modified
Mon, 13 Dec 2021 16:05:22 GMT
server
cloudflare
etag
"61b76f42-59bf"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qS4pYhU9O12cbJSTTfXj5BrOoME81ia7U8MqO51vzEzHYPr5EftoPYoeC2f%2B5dCxFdmkmoa6w73XhT0GahVOpMiUN3bqDpCKbLvDTualD3QCmtbKL6X2U6IIDX0fDxhyI%2F0cRE553w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca559193-FRA
expires
Mon, 30 May 2022 05:50:29 GMT
meet-woman-who-is-best-thing-that-ever-happened-game-thrones.jpg
cm-ob.pt/img/television/85/ 		53 KB
53 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/85/meet-woman-who-is-best-thing-that-ever-happened-game-thrones.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
271b921a0fb65bc7f2499ea31c12b14c255e415b726579d36a9e8d88cac32412

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
168309
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
54042
last-modified
Tue, 14 Dec 2021 09:28:00 GMT
server
cloudflare
etag
"61b863a0-d31a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZZC8ei4CSLTIm1E5dDJlotHppspRGAPu3pOUEB%2Bh0cZ8i%2BNMUqneeN%2BqQvS9PYDpJBG75iNh%2BgHkNr41%2FAngl0dIeSKqv29%2FojMA7aMoqrua3ghqyO64qPCAb20ZnSfVnjylvj8Dtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca579193-FRA
expires
Sat, 28 May 2022 07:05:20 GMT
sissy-spacek-would-rather-you-didn-t-get-that-carrie-tattoo.jpg
cm-ob.pt/img/television/94/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/94/sissy-spacek-would-rather-you-didn-t-get-that-carrie-tattoo.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8343d0ecd56d9582e636490e0d910cf6700079e5ce839960e44f6e8535d085d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45524
last-modified
Mon, 13 Dec 2021 16:05:00 GMT
server
cloudflare
etag
"61b76f2c-b1d4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0t6MzP%2BFl2n67zFRyeMZdsSSswgjJyt3wX%2FJyc%2BpV8s9MKZmMoF0UzcnImIWNy3FApPDivWA1YzlIPZ5legBOLnAL1IcgY6psegNF2eljZY7fH%2BdFCUJwivaVfvYWemO1qAqRoh3nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca589193-FRA
expires
Mon, 30 May 2022 05:50:29 GMT
transparent-season-3-premiere.jpg
cm-ob.pt/img/television/45/ 		50 KB
51 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/45/transparent-season-3-premiere.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cec4bfedfcd69924155e358164108dac7f9dd1483429ce2dc7f03d8170da489e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
51457
last-modified
Mon, 13 Dec 2021 16:04:50 GMT
server
cloudflare
etag
"61b76f22-c901"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tC%2FEwowcW%2B9bqr6bParfnQEvmi5iYydDQwH7huO5%2BQ3Z%2F0W8%2B3VKjkioO%2BAXrtCl2CAhH0R8%2BK%2BdUDgAdLSD1tXkGqyHEd8QIuC38jmWWDrJTH9bCO7sV23DPCOO%2B%2FE231B%2BIHC50g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca599193-FRA
expires
Mon, 30 May 2022 05:50:29 GMT
where-was-american-siege-filmed.jpg
cm-ob.pt/img/home/61/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/home/61/where-was-american-siege-filmed.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38907d193d2087aa60642f147785834c9637a38b5ec8c3dada871723f8654b54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
21654
last-modified
Wed, 09 Feb 2022 11:33:02 GMT
server
cloudflare
etag
"6203a66e-5496"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5U5TQVnpiqJyV%2FwWcRVccWjhAHrwIV47p970rL8QtwbkP0JIGkuOXix8kRJGivZWDKOPpAfd0yTBEudiFR9kry5vezek9%2Br9UlNV%2Fwad7HM%2FQBDd3v7ULvmFWMPcG2grWdjiRekTeg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca5a9193-FRA
expires
Mon, 30 May 2022 05:50:29 GMT
richard-madden-knows-about-spoilers.jpg
cm-ob.pt/img/television/91/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/91/richard-madden-knows-about-spoilers.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1aecddb211dfa6f1d6e3d55316e51779b6a8819e630b35d8e1003f2ffe9597c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36900
last-modified
Tue, 14 Dec 2021 09:28:36 GMT
server
cloudflare
etag
"61b863c4-9024"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN2bk9QyLbTUIVJXDcyL7Leq2nLltYiatzpawXvjyMH9vw9jqlsR%2FaenMuN2%2B5ezs8VkC2ivhmGL9W5whpIhcM38R4oIBiK7eHI4V0tVl4TNsqxktwKZ%2FSNkfRS7Vr0isW4y%2FvOTsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca5b9193-FRA
expires
Mon, 30 May 2022 05:50:29 GMT
comrades-chaos-invading-iraq.jpg
cm-ob.pt/img/television/83/ 		35 KB
36 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm-ob.pt/img/television/83/comrades-chaos-invading-iraq.jpg
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:2f7c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0021329e45246893648b3713a3d50b924242b1d6b1aa45a4cff5b183ff75fba

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36069
last-modified
Mon, 13 Dec 2021 16:05:16 GMT
server
cloudflare
etag
"61b76f3c-8ce5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BQrn2x92Dzoyqqqxh9Mcx4YFyQzm9Gq7bc6h02Ho%2FcMh0eCKjgcHRmpBDOk9jbNkqkGWPe8g4pEYhRSc8r63ulRqDzeACUviqKJ5%2F5R3xL8pUDGls962Tg%2FDM9CGPTzZozsIwPJ4Qg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
703e0007ca5c9193-FRA
expires
Mon, 30 May 2022 05:50:29 GMT
icomoon.ttf
cm-ob.pt/template/fonts/icomoon/ 		0
0
pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Wed, 27 Apr 2022 19:25:01 GMT
x-content-type-options
nosniff
age
210328
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8000
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:59:07 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 27 Apr 2023 19:25:01 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1181 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.youtube.com/
Origin
https://www.youtube.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 11:18:05 GMT
x-content-type-options
nosniff
age
325944
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 11:18:05 GMT
/
r.skimresources.com/api/ 		150 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://r.skimresources.com/api/
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677345.skimlinks.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.59.101 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
101.59.190.35.bc.googleusercontent.com
Software
openresty/1.11.2.5 /
Resource Hash
0ecc736da7b03b41727b6dc4cacaefdd11c377a4cc52e43dabe676221c614f8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
openresty/1.11.2.5
strict-transport-security
max-age=31536000
content-type
application/json
access-control-allow-origin
https://ko.cm-ob.pt
vary
Accept-Encoding
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
robots.txt
t.skimresources.com/api/v2/ Frame D065 		0
134 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.skimresources.com/api/v2/robots.txt?__skimjs_preflight__please_ignore__=true&rnd=0.3068874889535298
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
via
1.1 google
server
Python/3.7 aiohttp/3.5.4
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain charset=UTF-8
px.gif
p.skimresources.com/ 		43 B
276 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=1&rn=4.2152865537236295
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
px.gif
p.skimresources.com/ 		43 B
102 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p.skimresources.com/px.gif?ch=2&rn=4.2152865537236295
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.91.160 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
160.91.190.35.bc.googleusercontent.com
Software
Skimlinks Pixel 1.0 /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
via
1.1 google
server
Skimlinks Pixel 1.0
p3p
policyref="http://skimlinks.com/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
content-type
image/gif
widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html
platform.twitter.com/widgets/ Frame F8DD 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fko.cm-ob.pt
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67D4) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
804331
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105433
Content-Type
text/html; charset=utf-8
Date
Sat, 30 Apr 2022 05:50:29 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Wed, 13 Apr 2022 12:15:11 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67D4)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
fp
fp.metricswpsh.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fp.metricswpsh.com/fp?tag_id=5166
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
161.35.86.105 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ko.cm-ob.pt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://ko.cm-ob.pt *
date
Sat, 30 Apr 2022 05:50:29 GMT
server
nginx/1.18.0
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
fp
fp.metricswpsh.com/ 		0
0
track
aa48423cd0.6374870abd.com/in/ 		0
199 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aa48423cd0.6374870abd.com/in/track?data=eyJ3bCI6MCwic3ViaWQiOjAsInVzZXJfaWQiOiIxNDkwODAwNjU3MDYxMTM0NzAwMCIsInRpbWV6b25lIjowLCJ2ZXIiOiIyLjI1LjAiLCJ0YWdfaWQiOjUxNjYsInNjcmVlbl9yZXNvbHV0aW9uIjoiMTYwMHgxMjAwIiwiYWRibG9jayI6MCwidGltZXpvbmVfb2xzb24iOiJFdGMvVW5rbm93biIsInV0bV9zb3VyY2UiOiIiLCJ1dG1fbWVkaXVtIjoiIiwidXRtX2NhbXBhaWduIjoiIiwidXRtX2NvbnRlbnQiOiIiLCJtbSI6MCwiaW5pdF9zdGFydF9sYXRlbmN5IjowLjM4LCJpc192MiI6MCwiaXNfdjJfZW1wdHkiOjB9
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:29 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
csub.m.js
js.wpushsdk.com/npc/sdk/wpu/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpushsdk.com/npc/sdk/wpu/csub.m.js
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
4d841724e5f355abec9cbf6eb3369b68a948b1b3a663828af811cea0a42bce90

Request headers

Referer
https://ko.cm-ob.pt/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
last-modified
Thu, 28 Apr 2022 12:09:15 GMT
server
nginx/1.18.0
etag
W/"626a83eb-8272"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Apr 2022 05:55:29 GMT
cache-control
max-age=300
x-proxy-cache
HIT
push.m.js
js.wpshsdk.com/npc/sdk/ 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Requested by
Host: js.wpadmngr.com
URL: https://js.wpadmngr.com/static/adManager.m.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
6e040f861722deee40ea47ce05231fff57895321f15c7cd9bfe3414212e09546

Request headers

Referer
https://ko.cm-ob.pt/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
last-modified
Fri, 11 Mar 2022 12:04:54 GMT
server
nginx/1.18.0
etag
W/"622b3ae6-d90a"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
expires
Sat, 30 Apr 2022 05:55:29 GMT
cache-control
max-age=300
x-proxy-cache
HIT
latest.json
cdn.jsdelivr.net/gh/prebid/currency-file@1/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20220430
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:5714 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
08b5e4857b51f51f8c9793a0b76d9d42524bfeea16fd692e62964d8d35a84a1d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
10168
x-jsd-version
1.0.1326
x-cache
HIT, MISS
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra19149-FRA, cache-itm18836-ITM
timing-allow-origin
*
x-jsd-version-type
version
server
cloudflare
etag
W/"66b-mwiP82uPMnXw4Qi27aMoTYwtKPY"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3l5eyhS7vy96W544ny7iJDzEUvJOFTYN6CqzEMZzYvIXKdZodZCjC4w%2B5eTCjvILqd%2FDgwtfV2JLByqufCBLktdA14dSio5GyL5DNcWp9W94MDYqgPjbLSLfZltdcLIZ7Pke10%2BPCuiilkLg9U%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=604800, s-maxage=43200
cf-ray
703e0008bea49a1e-FRA
access-control-expose-headers
*
settings
syndication.twitter.com/ Frame F8DD 		169 B
425 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=8cc2937909527ce84f16fef1ac70fb3b2eef8c04
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.bbd13993eb53d3a11ac08f5e8cf9d6a4.html?origin=https%3A%2F%2Fko.cm-ob.pt
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.72 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-response-time
112
date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
last-modified
Sat, 30 Apr 2022 05:50:29 GMT
server
tsa_o
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
0df5397216954668ecec04ecb75e6b22562472444c020fc45a64f1836cdd5658
content-length
143
icomoon.woff
cm-ob.pt/template/fonts/icomoon/ 		0
0
page
t.skimresources.com/api/v2/ 		22 B
43 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://t.skimresources.com/api/v2/page
Requested by
Host: s.skimresources.com
URL: https://s.skimresources.com/js/192355X1677345.skimlinks.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.201.67.47 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
47.67.201.35.bc.googleusercontent.com
Software
Python/3.7 aiohttp/3.5.4 /
Resource Hash
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:29 GMT
via
1.1 google
x-content-type-options
nosniff
server
Python/3.7 aiohttp/3.5.4
access-control-allow-headers
Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/plain; charset=utf-8, application/javascript
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22
pubads_impl_2022042701.js
securepubads.g.doubleclick.net/gpt/ 		367 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
sffe /
Resource Hash
82d512d9de66d372be99b9169ce37787faaf6253487f07527aef39ce9651f11e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:57:51 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42758
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
127773
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 08:34:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sat, 29 Apr 2023 17:57:51 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		64 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=ko.cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
da20c0065fd6912a4faecf7819b851adc016f3b19b66d4b0f8e80d80ac0bb847
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69
x-xss-protection
0
expires
Sat, 30 Apr 2022 05:50:29 GMT
styles.css
js.wpshsdk.com/npc/sdk/push/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://js.wpshsdk.com/npc/sdk/push/styles.css
Requested by
Host: js.wpshsdk.com
URL: https://js.wpshsdk.com/npc/sdk/push.m.js?v=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.24 Philadelphia, United States, ASN7018 (ATT-INTERNET4, US),
Reverse DNS
Software
nginx/1.18.0 /
Resource Hash
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
last-modified
Thu, 16 Jul 2020 20:33:19 GMT
server
nginx/1.18.0
etag
W/"5f10b98f-843"
content-type
text/css
access-control-allow-origin
*
expires
Sat, 30 Apr 2022 05:55:29 GMT
cache-control
max-age=300
x-proxy-cache
HIT
subscription-offers
notification.tubecup.net/in/ 		0
193 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://notification.tubecup.net/in/subscription-offers?href=https%3A%2F%2Fko.cm-ob.pt%2Fwill-there-be-sicario-3&tcid=0&spot_id=2470&site=tcpublisher&source_id=0
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
159.69.161.138 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.138.161.69.159.clients.your-server.de
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:29 GMT
server
nginx/1.18.0
vary
Origin
access-control-allow-methods
*
access-control-allow-origin
*
cache-control
no-transform, no-cache, no-store, must-revalidate
access-control-allow-headers
*
content-length
0
id
googleads.g.doubleclick.net/pagead/ Frame 1181
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/id
  • https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
100 B
146 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53a898adf0c79c80fb29476e1c9fa463a5305fc846d6e88a40dcf40b0c47e0d7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Apr 2022 05:50:29 GMT
x-content-type-options
nosniff
access-control-allow-origin
https://www.youtube.com
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad_status.js
static.doubleclick.net/instream/ Frame 1181 		29 B
588 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.doubleclick.net/instream/ad_status.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:38:11 GMT
x-content-type-options
nosniff
age
738
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29
x-xss-protection
0
last-modified
Thu, 12 Dec 2013 23:40:16 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Apr 2022 05:53:11 GMT
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 30 Apr 2022 05:50:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1181 		44 KB
22 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9d1f8e40383d96d85c3afd250539874afe095b2f9e45ca120f787217bb7e94fb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
22172
x-xss-protection
0
remote.js
www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/ Frame 1181 		118 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/remote.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e0c4174e61491bcca41b0035a78384a41275762a80217fde843045a58defff6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:57:12 GMT
content-encoding
br
x-content-type-options
nosniff
age
121997
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37653
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:57:12 GMT
mz7NBNV2Cg_tP0eo8e_kKg8I5SIuzjUX-Ml401fNPCc.js
www.google.com/js/th/ Frame 1181 		35 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/th/mz7NBNV2Cg_tP0eo8e_kKg8I5SIuzjUX-Ml401fNPCc.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9b3ecd04d5760a0fed3f47a8f1efe42a0f08e5222ece3517f8c978d357cd3c27
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 09:45:39 GMT
content-encoding
br
x-content-type-options
nosniff
age
72290
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13664
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 11:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 09:45:39 GMT
embed.js
www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/ Frame 1181 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/embed.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3b5b1ae65b8c4bff67063af77d9186e254923c375d6b5994abf2d5d539ab62cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 19:52:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
122290
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8111
x-xss-protection
0
last-modified
Thu, 28 Apr 2022 00:16:30 GMT
server
sffe
vary
Accept-Encoding, Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Fri, 28 Apr 2023 19:52:19 GMT
truncated
/ Frame 1181 		175 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
QCpG1GrknNpsk_4DfTwNmUojKfTtt5-M5Ze92Mul8k30zlKaM5Vf9osQIpwyfmVN9ocOjEbq=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ Frame 1181 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://yt3.ggpht.com/QCpG1GrknNpsk_4DfTwNmUojKfTtt5-M5Ze92Mul8k30zlKaM5Vf9osQIpwyfmVN9ocOjEbq=s68-c-k-c0x00ffffff-no-rj
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
fife /
Resource Hash
0a3c2618b25badf3965912144424d8b551ffaa90ed61ede336fa89c203f3cf3f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 02:13:01 GMT
x-content-type-options
nosniff
age
13048
content-disposition
inline;filename="channels4_profile.jpg"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3076
x-xss-protection
0
server
fife
etag
"v1"
vary
Origin
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Content-Length
cache-control
public, max-age=86400, no-transform
timing-allow-origin
*
expires
Sat, 30 Apr 2022 14:09:00 GMT
sddefault.webp
i.ytimg.com/vi_webp/hTJ60p5FAT4/ Frame 1181 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.ytimg.com/vi_webp/hTJ60p5FAT4/sddefault.webp
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bcaa8c0d09d1f5a8df244a020efad7e5c0c3074958381e1052a44af5abcaee5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15356
x-xss-protection
0
server
sffe
etag
"1538817357"
vary
Origin
report-to
{"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type
image/webp
cache-control
public, max-age=7200
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="youtube"
expires
Sat, 30 Apr 2022 07:50:29 GMT
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ Frame 1181 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 05:50:29 GMT
generate_204
www.youtube.com/ Frame 1181 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.youtube.com/generate_204?etgtdw
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
cast_sender.js
www.gstatic.com/eureka/clank/101/ Frame 1181 		52 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/101/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.youtube.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 08:08:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
78113
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15395
x-xss-protection
0
last-modified
Fri, 01 Apr 2022 19:36:20 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Sat, 30 Apr 2022 08:08:36 GMT
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 1181 		98 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/player_ias.vflset/de_DE/base.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
073517305a0733b07e3c478d7b09562faa4fc17f469dcbd68ecb45961cc709c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

X-User-Agent
grpc-web-javascript/0.1
Referer
https://www.youtube.com/
X-Goog-Api-Key
AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json+protobuf

Response headers

date
Sat, 30 Apr 2022 05:50:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json+protobuf; charset=UTF-8
access-control-allow-origin
https://www.youtube.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
118
x-xss-protection
0
GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method
POST
Origin
https://www.youtube.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,x-goog-api-key,x-user-agent
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin
https://www.youtube.com
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
content-type
text/html
date
Sat, 30 Apr 2022 05:50:29 GMT
server
ESF
vary
origin referer x-origin
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-xss-protection
0
optad360.js
serving.stat-rock.com/player/ 		310 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serving.stat-rock.com/player/optad360.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/ab5675f8-9339-4bdf-ab1a-9125f95dcddc/plugin.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
gzip
last-modified
Fri, 01 Apr 2022 11:51:27 GMT
server
nginx
etag
W/"6246e73f-4d83b"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=600
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ko.cm-ob.pt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ko.cm-ob.pt
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ko.cm-ob.pt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ko.cm-ob.pt
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
localstore.js
script.4dex.io/ 		483 B
949 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1609879
x-amz-request-id
tx0c810f9b689a43feb0d6c-0062543d8e
x-amz-id-2
tx0c810f9b689a43feb0d6c-0062543d8e
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o%2FEpMeGkiljv%2BnmqQsSX%2FEDxvOmMeL8OQdWre%2FeI81yxE3Zl6JMLO2B99mXsInNuj8rCf%2BXKCQMnPKAvJqwzTPLf6ZBy9fx%2BSq9nvh9peNHCSY%2BVjwJJVvTyyVrbsRa9Mp3fbMkip%2BN4Kz01"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=1800
x-amz-version-id
1649687875786561
cf-ray
703e000eba6992b1-FRA
c
prebid.a-mo.net/a/ 		0
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
1
vary
origin, Accept-Encoding
openrtb
adx.adform.net/adx/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:30 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		50 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:30 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f74ea821-e92d-440d-9e0f-bcdcc7ea726d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4e94e02a490d304d30d6c8cccced4fe7505419817aae8318ddaa094c92a6a2a2
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 30 Apr 2022 05:50:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
b1f3bd94-6544-46ce-80fe-4303fec40a80
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a8afc9750b1f64409bc5d48267ef6f6db04f88553e826bf19b90c4c2d5fe5435
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 30 Apr 2022 05:50:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a370c560-5026-4329-ba9e-e0f4f4fc2f46
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:30 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
openrtb
adx.adform.net/adx/ 		0
406 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
prebid
ib.adnxs.com/ut/v3/ 		50 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:30 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a8dd0703-2777-4019-bcfd-a099417b905b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
c
prebid.a-mo.net/a/ 		0
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
2
vary
origin, Accept-Encoding
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
tx0a62bc3cce094ace8df40-0062543fa9
cf-ray
703e000ef8d99bca-FRA
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-id-2
tx0a62bc3cce094ace8df40-0062543fa9
last-modified
Mon, 11 Apr 2022 14:37:55 GMT
server
cloudflare
etag
W/"e88bab2e9c57f44732eeec31ca508d70"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RSV2FGLfWxompYkTdQl5zPXSA0M3YIsX3sfTKbo03AvGUDAsBzOaXV0jy3qY6lcV5R8ZFpjR%2BmbTJ9aceN%2FSnQw1LsQ7dDgHKcbDXPG9yt8tOAwt3hR7yzyfXKCUtpK3X1ZLf6BIj2EGob5j"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1649687874851815
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
content-type
application/javascript
access-control-allow-headers
Authorization
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ko.cm-ob.pt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ko.cm-ob.pt
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
prebid
ib.adnxs.com/ut/v3/ 		50 B
740 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:30 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5ec0378e-f7a6-4e67-b061-d9459abc0d53
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:30 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
c
prebid.a-mo.net/a/ 		0
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:29 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
163
vary
origin, Accept-Encoding
prebid
ib.adnxs.com/ut/v3/ 		12 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
11b4c308f296c85e0d4ae027ae331c944370dfcc17bdd2cc4ca88c10ae8a8638
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 30 Apr 2022 05:50:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
25ffa513-85ee-4dd6-9554-8992173ad0e3
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ko.cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ko.cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554948934738954&correlator=4370751422260145&eid=31067353%2C31065401%2C31066184&output=ldjh&gdfp_req=1&vrg=2022042701&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_SF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C750x100%7C970x90&ifi=1&adks=3012904734&didk=4024988749&sfv=1-0-38&ecs=20220430&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D31c842d0f0131b%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D31c842d0f0131b%26hb_bidder%3Dappnexus&sc=1&cookie_enabled=1&abxe=1&dt=1651297830476&lmt=1651297830&dlt=1651297828717&idt=815&biw=1600&bih=1200&adxs=436&adys=1200&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fko.cm-ob.pt%2Fwill-there-be-sicario-3&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=728x-1&fws=640&ohw=0&ga_vid=1956150542.1651297830&ga_sid=1651297830&ga_hid=1116327106&ga_fc=false&btvi=1&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
0d1ff32dcb6cc66dd2e38cde136e6718c33441e628e8f2959ae341e9d2e2e9e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11605
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ko.cm-ob.pt
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022042701&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f3aa28e2cd3a21e157e7f48d3ef2be9bfd1b4b9ceda1cf9edae91d6d3f814470
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10602
x-xss-protection
0
container.html
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5099 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
Sun, 30 Apr 2023 05:50:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		74 KB
23 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554948934738954&correlator=4370751422260145&eid=31067353%2C31065401%2C31066184&output=ldjh&gdfp_req=1&vrg=2022042701&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_ATF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x300&ifi=2&adks=3611737302&didk=2570963597&sfv=1-0-38&ecs=20220430&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D970x250%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D33098128bf30f1%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D970x250%26hb_pb%3D0.00%26hb_adid%3D33098128bf30f1%26hb_bidder%3Dappnexus&sc=1&cookie_enabled=1&abxe=1&dt=1651297830489&lmt=1651297830&dlt=1651297828717&idt=815&biw=1600&bih=1200&adxs=436&adys=169&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fko.cm-ob.pt%2Fwill-there-be-sicario-3&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=644&ohw=1600&ga_vid=1956150542.1651297830&ga_sid=1651297830&ga_hid=1116327106&ga_fc=false&btvi=0&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
9a2ab405de7aa2cd1e79976942cbf6df8278e9d8e451d68689fe6b64c731817e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23075
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		630 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		376 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: serving.stat-rock.com
URL: https://serving.stat-rock.com/player/optad360.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128368
x-xss-protection
0
expires
Sat, 30 Apr 2022 05:50:30 GMT
1
serving.stat-rock.com/v1/log/js/ 		35 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://serving.stat-rock.com/v1/log/js/1?id=1651297830495.118&type=INIT&placementId=hb3_G2ZNDtYK2jOHlEfSvAb-0IW9_eBuI2U5fOuXM2YMAad3voo1&tagId=&message=&u=https%3A%2F%2Fko.cm-ob.pt%2Fwill-there-be-sicario-3&t=156&v=102.1&width=480&z=p%3Adf%3Bv%3AinBanner%3B&r=0.996061208978394
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
144.76.120.254 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
ap15.adplayer.pro
Software
nginx /
Resource Hash
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540

Request headers

Referer
https://ko.cm-ob.pt/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:30 GMT
srvf
144.76.120.254
server
nginx
srvb
127.0.0.1:8082
content-length
35
content-type
image/gif
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554948934738954&correlator=4370751422260145&eid=31067353%2C31065401%2C31066184&output=ldjh&gdfp_req=1&vrg=2022042701&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_BTF&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x250%7C970x300%7C1280x300&ifi=3&adks=1554671987&didk=1341088193&sfv=1-0-38&ecs=20220430&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D728x90%26hb_pb_appnexus%3D0.00%26hb_adid_appnexus%3D32455d8e6e072ca%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D728x90%26hb_pb%3D0.00%26hb_adid%3D32455d8e6e072ca%26hb_bidder%3Dappnexus&sc=1&cookie_enabled=1&abxe=1&dt=1651297830628&lmt=1651297830&dlt=1651297828717&idt=815&biw=1600&bih=1200&adxs=436&adys=4100&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fko.cm-ob.pt%2Fwill-there-be-sicario-3&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=728x0&fws=644&ohw=1600&ga_vid=1956150542.1651297830&ga_sid=1651297830&ga_hid=1116327106&ga_fc=false&btvi=2&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
594acca386d7d531c89141478e5f5581941c99ea5d78e1b4f937c70385ebb829
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8872
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 05:50:30 GMT
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://ko.cm-ob.pt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://ko.cm-ob.pt
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
-1
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
c
prebid.a-mo.net/a/ 		0
230 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
145.40.89.200 Ashburn, United States, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:30 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
173
vary
origin, Accept-Encoding
bids
prebid-eu.creativecdn.com/bidder/prebid/ 		0
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-eu.creativecdn.com/bidder/prebid/bids
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS
ip-185-184-8-90.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://ko.cm-ob.pt
date
Sat, 30 Apr 2022 05:50:30 GMT
access-control-allow-credentials
true
access-control-max-age
3600
vary
Origin
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ 		16 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
3e4f55f1f4c55feb061ad43d3d466a984ed1ac04bd14af61009047ba2ac0163b
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Date
Sat, 30 Apr 2022 05:50:30 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
a21973de-7b00-47b7-9ae9-3649ae8bff6d
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		50 B
895 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:30 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
af184292-f986-40f6-a3af-361043903182
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://ko.cm-ob.pt
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
50
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
openrtb
adx.adform.net/adx/ 		0
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ko.cm-ob.pt/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:30 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D820 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2945
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:01:25 GMT
expires
Sun, 30 Apr 2023 05:01:25 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 1D19 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
e3e035bcb8f27d80d63a5962408ce875be99358ef3f4031c4d728c76a13bbfa4
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-3KVDNVq419h+lZPhGyCvIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-3KVDNVq419h+lZPhGyCvIQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
Sat, 30 Apr 2022 05:50:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012203150226000/ Frame 69ED 		222 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62084
x-xss-protection
0
server
sffe
date
Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"fa1474a6dd6481f4"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Apr 2023 10:42:11 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 69ED 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5728
x-xss-protection
0
server
sffe
date
Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"d91e62368f79b48d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Apr 2023 10:42:11 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 69ED 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29618
x-xss-protection
0
server
sffe
date
Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"9a9baa9802fa29d2"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Apr 2023 10:42:11 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 69ED 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1900
x-xss-protection
0
server
sffe
date
Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"3393210d007db9ca"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Apr 2023 10:42:11 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012203150226000/v0/ Frame 69ED 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012203150226000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
155299
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13669
x-xss-protection
0
server
sffe
date
Thu, 28 Apr 2022 10:42:11 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"565eca32a909292d"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 28 Apr 2023 10:42:11 GMT
css
fonts.googleapis.com/ Frame 69ED 		8 KB
892 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 05:47:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 30 Apr 2022 05:50:30 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Apr 2022 05:50:30 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 69ED 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 18:10:31 GMT
x-content-type-options
nosniff
server
cafe
age
41999
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
17534803318082699211
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2552
x-xss-protection
0
expires
Sat, 30 Apr 2022 18:10:31 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 69ED 		344 B
368 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:59:05 GMT
x-content-type-options
nosniff
server
cafe
age
46285
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
6766994032117382215
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
344
x-xss-protection
0
expires
Sat, 30 Apr 2022 16:59:05 GMT
l
www.google.com/ads/measurement/ Frame 69ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTF427VxrPDLPGN9Da8KEs8RDSdNjKgAtXJXtUrAiWTU2PRDpffAhvZ8C3vWneiiIzSgPIpH2LtTfQQiNVNjkF3ThkAow
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 69ED 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CALUpJs5sYvSzIMik9u8PpbOR2AvpkpakaJGjt6i_D7rVvfSiLxABIKqAwyJgleKQgqAHoAGXh-6QA8gBAakCdK3SGmiwsT7gAgCoAwHIAwqqBPwBT9AjAALLFqQjw_usOhKhL9IJWw0RZHAGIXgJddtl9Mp0IA4_-7YhBCWW_P51pGYiMO2JJrjdvzcbmQHkWz4aTcE5fdgfCSI-TjFbHLTuvAUq73Z0NB2P41b4gRnUNCwFuR6Mkxtez09Y6UvAt9C3ruyF2r_BnNZFW9iZP-EglgTw2TQwoOXucEwQzBb_-uc3CjX85ptnaI6jav67H9zjg9lWdk1_eBFtyluySill5hkCyNUFBJIkLdzCBhXYtz8F2-SqB23ROgujQNOWiaylfZm_DTaP2P27AlOf7dwq-eTjpGH85jDcQxcn2Bukt6TxdsS5ex6g-fEC0i0lwAT-nMyl5APgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAYAH0fiRb6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEO3lEdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNzk0NDcyNjcwMDYwNDcwMYAKA8gLAdgTDYgUBNAVAZgWAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=qYFIaV85zDU&uach_m=[UACH]
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame D820 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 12:43:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
61632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 12:43:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 1D19 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022042701&jk=554948934738954&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ko.cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ko.cm-ob.pt
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		17 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=554948934738954&correlator=4370751422260145&eid=31067353%2C31065401%2C31066184&output=ldjh&gdfp_req=1&vrg=2022042701&ptt=17&impl=fif&iu_parts=121764058%3A22528037647%2Ccelebs-networth.com%2Ccelebs-networth.com_am_S1&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C336x280%7C360x300%7C580x200&ifi=4&adks=2126724386&didk=2753867647&sfv=1-0-38&ecs=20220430&fsapi=false&prev_scp=hb_format_appnexus%3Dbanner%26hb_size_appnexus%3D300x250%26hb_pb_appnexus%3D0.06%26hb_adid_appnexus%3D445c68af613d66a%26hb_bidder_appnexus%3Dappnexus%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D445c68af613d66a%26hb_bidder%3Dappnexus&sc=1&cookie=ID%3Dad8318f160aaf3b3-22fbdeab87cd009f%3AT%3D1651297830%3AS%3DALNI_MZyzvvx0pe7GKzYHuaXDUWD4cOsNQ&abxe=1&dt=1651297830962&lmt=1651297830&dlt=1651297828717&idt=815&biw=1600&bih=1200&adxs=559&adys=770&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fko.cm-ob.pt%2Fwill-there-be-sicario-3&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x0&msz=300x0&fws=644&ohw=1600&ga_vid=1956150542.1651297830&ga_sid=1651297830&ga_hid=1116327106&ga_fc=false&btvi=0&topics=1&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
2568dfa814d345c7da73ffb7e75197c7604a32f1550e55cccc63b0e1dc9d7a57
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9752
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ Frame 69ED 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
16d34ed66cab6c42375ce83930577fc8bcfcf6128ebdec127770c6fb7ccd2f54

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v44/ Frame 69ED 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v44/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ko.cm-ob.pt
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 22:12:07 GMT
x-content-type-options
nosniff
age
286704
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28276
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 19:33:38 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Apr 2023 22:12:07 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame 69ED
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Redirect headers

date
Sat, 30 Apr 2022 05:50:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
generate_204
tpc.googlesyndication.com/ Frame D820 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?gugLOA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5F03 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
Sun, 30 Apr 2023 05:50:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 5F03 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite_fy2019.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:29:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1257
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8007
x-xss-protection
0
server
cafe
etag
8765308293129799388
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:29:34 GMT
css
fonts.googleapis.com/ Frame 5F03 		8 KB
714 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 04:07:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sat, 30 Apr 2022 05:50:31 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 30 Apr 2022 05:50:31 GMT
outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/ Frame 5F03 		14 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.css
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2798
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 10:38:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 07:48:45 GMT
outstream.min.js
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/ Frame 5F03 		347 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ee816398ac59bd1a1fddcb80037e7fd618f481fe467ad65e73afb4daff29095
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:48:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79306
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122225
x-xss-protection
0
last-modified
Mon, 18 Apr 2022 10:38:44 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 07:48:45 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 5F03 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:24:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:24:10 GMT
l
www.google.com/ads/measurement/ Frame 5F03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT3o-shUJYgsZrXvtoV8w63PuTaGe8g9fw3rvuGBNSoJOi1ozeHZ24JZdwe2JQ62yeatDvithNmRDoGS-vs11isyIstmA
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
container.html
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 283D 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
Sun, 30 Apr 2023 05:50:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 69C5 		624 B
299 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYi7fKgQEwAQ&v=APEucNX-WfrnYnP2S64-xlRG8nTW7qDwlKXynkPryoTco6TSp3yR9uAAqDZfwCsOMpH9hUNjZ80Tla930O81XU4xsOul771BjHG72YpfhIyS7CS13fvy1IuQBnEE9fL8YiIkb5kuah1hZk9TJnEieVaxcu49JtYF4G_j7ugjPblyXPYkerPxtN0VNVnMej_AieNW-E7PTlP-Qp2ov-4bKuwzYZcCYUV7pA
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
276
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:31 GMT
expires
Sat, 30 Apr 2022 05:50:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 283D 		27 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9hWspZzGX-X0ToHPyQo3R-4iZ8oODpO7x92rnrQJ-eUrX1Lj18o2X-8pDe96nvSK37rheYo1KLcx2Wd-uTLpQkiZF2EakSJsXf3gM004vy2R03I_nyW9rN1YZTFxdtqTRPPzbfGh-ZF8GTGgvMD2W7-HgAQ&cry=1&dbm_d=AKAmf-BwNHfJcVeIOeAR863QEQGpM1JI_iT78SmebMYursBXLlEmNM86TBnmRZCeDL3l6OenhcqNgeIC53vEO1IXH1RlVB4klw2o80jWPMELJv5ebUiIPjm4vg7J8owXxA4QJXd7ZgnFhzbSkwukttiUX3oHLlX5pe64r0z84siNqn_AkKdFdnTl81oUazt4P7Syf7hHSo49BrPLecGaqTksVeFMwGY1OoSA9lM1VLNG6xDxkTdM8uDDVdDnyqYSXchew7ty--vmQzAzdlt934P4UXNHs2UX9spoY9mW_3lzFQQq8zq3lIXyneTswMrKB258djabFzvlcaeODEX4M2BfD3V-6cRRyzPrMWgJEurz8BWRDDNDcHtkP4XfSmXjYqGY2x8PkwAg78FUEBqEdrZlYIGfz3xALFb1dJza0z2ggkZGO_epMH4x8fTHSISsGOX-gYSgLAiDDQI7e_W4NtrAOFjyG4Ucxg8za91htRH0S_ME2xJhYCO2eFEjErRb2eYiVLTMAqlrWieRPFpE2E3dNfb9tNFkq1cXwGebSL5PhrvePv45E_sb5nUBVgu2MPZw4XMnwQgVceidMw69SzJ9w6UBS08xXYqMnarZW0YvKelxAW4TClHevZMubqvNocVYybxY8lkY1OpK4m6L4-g76t8dpRWyogNMOBt21yBQPG5JdK01kTSKJUYXq7WsMLHStic5aUlm2p7b7y5rq1RjSeceSyxFEYdHZjsXSjIvvwV63KVQ7Q4qBEtkqv8fa2vPhR2Hku_KEt-vRTB7VN8sKOWB14e7cHTAzYZLj3s-J3mbagntLXJ3hpIJVYuITw5ua4M217gJjKr19WGKDZfy6q566hmre2UO6l8TWu7Gx_TRlu0VACISm8UjExXxFzn0l9yiAjpmZly5wo-8fQJQR1yRnRoQHbmeFub5jOhO3CvIy0ayHhyPETHgQBMUdyWJ--8PE9VJg8BBuRW_2F7EEF9Rz0pZxwlLredsU0P8SRXGgY_-YcFBsMYVq7gKhJsjBrjtHKxDlx8ovtjg76mIfI0Sh5NItexPDzbXYeBORU6Np7hClkLgfhUP0ibFCyxJ785_xBpwYh_MxPFErS2M4EvtpLvI7-RJr8vhnZsxg0bWldBMa8my6PcFIi-bAZVOW84mZIVYpG0QSszH0CHUmfnvnwycDQZ7vD1OPwo2xg7C0-h6QuyS6ef12PX-PjezUH8FWt8PPHz1Nc_zVCBFmV0_RxMZkB0HM5o8rFwxJK2O3_ubOXWhngI3_SUT7oVQUsBmuZ-v860NJ3xpTTeKkX5K2CvEYFDKpnJOnjUWJtYwzEZmYC3owIHvnz2Y6AifAeM-gnEMOufrUTyv2g4dV_MnAR8OhHrriJWfzSDbQFH9ifjhlLsrFoQoHp3C_Mk7d0IAP33sn68z4uIV6UuEk8cGJl_2Eu5hCPM2D-4xuYwhbHUeozHoU4-DSmnqdEBMo_RZZXMYY3NnRMmCrQ5B7YKE4goyrwr-fzpiTBDSdil7vpoVY7MqUWs4b_Yg9q9eYwXgVNZo8FGi8fz75et2VfxJkBdpu1CRnneOvsXm0uAvY-z6n9uElpx9_UHGopp64_4WU3Fg2eNaI8fWczw8VTYaYHg79s2D6CiYl5Cb5NMbciLDfgKOPeJHxNRgwivbyvHxYf8Afh7fWrzVCYPAb13e0nldyNdi2Bw75h3PHlTVYxjsaQX7NtPLwyLXNJMwBnHlO36Eq1gC_PoGgac8E18y1Uulpz0N_83_O_hv4VmpZ5VJdzKl-Pl5_Rz5fSx_2VID2bWDTtcAsqA_L3ErALIdKEWRuAmUxRQFaOUnIG-y-srahWh2ftUvj7UJDByRRyANqQbSuQXZHZ3RLe3yIGDQxOHPeNH7fC3VYEwLL3VReuS8ZyxpAqxxzCdJZ41Z_x6LZtIqoIdy4SFqNob-UCgWnb18fL9duh15qXIL8SwNZGzzCS-JaVZBhtTbMxc4-AOqR8R5kT3r1Qm1D9-8xmwCVdMT8nz4CauaSK4L9geNH2SZHwqi37MFrfPtSfbz6xToEVzqSgg1PPAojfZcSUnkF0oS_TKP42lPhmrRCJHBx8-CjMP8KFMz9hYgqrqbW5AoJEVlmuCmQqFuphfkEmuj1BK6gPJWofbj2XMRXWpbHIsDZhXHUQOfXNCLk8tP3L7-9AAKVO1qGbgED-96pM0ZTuUGI9nQLz9lfrmIV-qntsZP9AEEhDHqWl8CArNImUegeMcqjeUx9qssAv1dQOVPsD-BJEzH87-j_QqPMwVQVkzXcu2TaaRqC8g6JDF_uepBScFnfuQda8shv53Rg714UxFd9du9rPs2kOnHh_cORGzj2GLprahbSTxyP2BS4YcqswhXlytwaTRjyJl8JNqraFg4YHoH81N0kCpo0_wgxU_ElS_Tktydj6yXJy1zzV0LO7FjuNES0uwUHesp4zsWAGod5ks62KHIC3RG7DboPmIyN7MI3HU5cOzrTt5elWvSE9qlU5q_y5CZN39Ywc6GN3UR2TWmbSRmb_RFc-eLCE4Ht9QhE4qABYNyGS-iqy4hkXMghGUWYLpncPu4dwlWyWpUxCclq2YnMw0T1pDaNzc0dCHebyEi1IzJti3yGKx0gGFg_227JvqBmHXZTd36vfimg0R39IUD4vMjD6OjtA4VV59cPZg1qoTveq44KVKf7aFBAG5t0a9mDTGz5CxQ2W8kfwd8mD0exR4gqFRBUmD0LFagBescGDhHVR_ikEgA9HzigsUTzkTq675vXxgzxB5DcRrSdSEIpAUA41Ikek8nmTysEUj4SvVyOvJ2EYcOWBnX52sOp6-ftKM62kvkgfLcQd3JDvLuYjARXe9o5agOX8rU8z2m8Pxt4WRqw9EnyW5Z59jT5KOUrZklQ4n4OAXSrOu1tYZVQmsrjXuqDxj3sg8YFRr95P7UFE1UETj1U2Ya11JtUo7P4SQDq-_6yfsVmcivyQg-e9SUnTZLwYnE9j2uZ2JbS1Q-DHwnLb058TFHBFTNMOY2uXnKS5GrfwjdQuJmfxnu4YPGdxZ0_XYZ4tdHf7X9DSb2Cv_3Btmzl4O6UgGmqQqWSi_MsuWghEe6l2ZRQWp85vuYSwJJeP4PuybtduHTP3mi6Sgg8Y6s-N2lH-K_1G6bbDRhXu1ynhSGqksczVuiZxfgFt-tBndtxm0zlSmQyvLO24fOyxffKjQFsFxQbIiPlNhAK27hRD5c9lfRGw68c7mwrpUg2HSkvMapsQeydJWDcZB7y5SeSHc9ivheuADpZym6o3Tb4eAHW7EjpQEUQQ-gguICWPm1WrMahkXaeJmbcgWqQFuzv8HcsfvPa77IRXh8iP07xf5_fo5y4pYwp71H-KMouDPz7ClewrP1WIU6Xoc4UILHAx-z&cid=CAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg&rfl=1%2Chttps%253A%252F%252Fko.cm-ob.pt%252F%240
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
03a17600280b4d4894f4d0f00e905773caa38ee4667161d9beeba24b68051310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16328
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 283D 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DjkeZ5sPRFGyCzN76Ly04TXm7oNH6j0D-9ltc4zV7M5FyMfa06ejaaLPcNBQRtni56pV67bzjvSxReRYYfXiOa4GR8Oo-e2lWhpswa3BuXoa7uq-0
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
r62eglto.js
ad4m.at/ Frame 283D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64725
x-guploader-uploadid
ADPycdu7l52mBWBll-hqLCXbkcaCo1chMkH9vph7wY-bDbYpIDMlsMkYLwETYJk3JCL-nEBWenkqir8abiKXoCX8qWuc-1yaGA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Apr 2022 11:51:07 GMT
server
cloudflare
etag
W/"6842a9524c0172027959a0f7c93f8770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QgkRUUiGhL1%2BMRJVjeDw5UYzjO9KEZ4eJNNJ2N9XVrf2RKH97ZznHvw8ncrgaG6yvQoiWKRbRSTNLvXg5R%2BTFrlmNr9wd0L1uWHXE8M4hQUVSLpQG07eddb1AzIdy4km9dYhEHY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1649159467260020
content-type
application/javascript; charset=utf-8
expires
Fri, 29 Apr 2022 11:51:46 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11886
cf-ray
703e0017aeac9241-FRA
cf-bgj
minify
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 283D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:31:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 283D 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 05:50:31 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 283D 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:24:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:24:10 GMT
csi
csi.gstatic.com/ Frame 5F03 		0
327 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l2lg3dgg&c=6489605522042&slotId=3244802761021&qqid=CNLZ_eSLu_cCFf-P_QcdByIM6g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5F03 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 20:07:55 GMT
x-content-type-options
nosniff
age
294156
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15828
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:28 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 20:07:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 5F03 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Tue, 26 Apr 2022 18:59:49 GMT
x-content-type-options
nosniff
age
298242
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 26 Apr 2023 18:59:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F03 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CU6m1Js5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwHIA5sEqgSWAk_Qbvnk8QBwurU3XN0Lzvm5zXfx0k2AKEf8Wu0HgIXruR-ig_J0HPvt1bzpixFdXkTb0QcZhCLkscB6wOF7hsbX7KwvPEGkHlzLfOLAwAnKhK_QmLR0F8d7LhYnCwcvZIEZYvCyGCQCS83RBGbP-Xo-olKOI9lxCIQJ4NkJSa-TsfCVd2jPJbNY8mk-iNidi88nBRSDrtJTMC_L4M_zFVr5aLXH1VgVw_DUaYwPI3BH6ZSglP5jbIIshOe-1lDlkpSv4RKEgP0NeemSR9WXkXlHnxf5ltEe7y38lTgGd6sgrMqAiZN_FpLAXussnBxdMd6bJbBNCJV-QgBa9oRqAIrR3NZXJv6x4sgCBdLOBOIH7FUoA-4owAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1651297831654&ai=CU6m1Js5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwHIA5sEqgSWAk_Qbvnk8QBwurU3XN0Lzvm5zXfx0k2AKEf8Wu0HgIXruR-ig_J0HPvt1bzpixFdXkTb0QcZhCLkscB6wOF7hsbX7KwvPEGkHlzLfOLAwAnKhK_QmLR0F8d7LhYnCwcvZIEZYvCyGCQCS83RBGbP-Xo-olKOI9lxCIQJ4NkJSa-TsfCVd2jPJbNY8mk-iNidi88nBRSDrtJTMC_L4M_zFVr5aLXH1VgVw_DUaYwPI3BH6ZSglP5jbIIshOe-1lDlkpSv4RKEgP0NeemSR9WXkXlHnxf5ltEe7y38lTgGd6sgrMqAiZN_FpLAXussnBxdMd6bJbBNCJV-QgBa9oRqAIrR3NZXJv6x4sgCBdLOBOIH7FUoA-4owAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAfgWAYAXAQ
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vast
bid.g.doubleclick.net/dbm/ Frame 5F03 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-Cv1GkDTKzdKnw24Uvj100cluFdVFhRqwmwhiBonrvcCd8DBq-HQtf0xaIc3a9CIiiqsUuId-zHnYD7dpsLOtU63PFKUg&cry=1&dbm_d=AKAmf-ARjVKRVzB-kStN3FQDCOff3KIIlhgJVrXp5hD61sIdipVh6DeXZRcnN74GE5IDW33hUbAYgOvIvyroCWn8nxbKnCtIo9wNvjJ9t2tPnWKckwYfkwvY72FoFOYzxRjMSMOPdBUEtU2Wpu4Zdn6YgWcWLHLNRO5PqScB0b5RCKK8ZtAekmCpzzbXFV9gdTuAL_ozl5_qnLSfoWoDUf0BROi5GUMaIK1J_IgOlfGh54lojp8pyU13t0ZkV-Uc8_lH7vUrzYbnhbcRh3xzpuZ4QRENHMX3tuXeY0c2zMd7RE73tp1fb8ZqzNUL7WwsnvmynGq_u4l04rfBE1bY3JmeABpMr9vHTiYewXmpdYfHBS0OwvjxXspF49wBH6P8gK7_du53gyVrWt98mp4o8IT0l7VpN-JUhFy5tf2wl0CIOowzNVxluMxNck3ZsSqxB4z1V2T3rNZ57gntH_D_XZ817Rfh9wMUP6dkbChAFWKDv7rBSQZYmBbAa72ToFBTTpBqAB13g4_j4mfhfMsB1hCSpouy_wOaOIQrDS_YjKNmV-pUEtq1XktHvxizbEzy1Gac4ixZd6tZ6ORRVcXShrW4Ng1T9EW8BYVAJnnQbRVEDA6voFtPh4Nx1_enwIEM0tFMmECj1iJ1jGzeKGLczKeiYlJGahzK6-VmxAqpG93wFcbcEUo1II7oZO4v3h_LvkI6U9lD70TI25K7jPfJnM-rsLevKUVUw1pa4nq1xPCyzOkT7dkjxtJC6ZjgjGeRbZbXuiAZp_5Ln0mCKXDbtndVWqEPaoApbhcZuI8IXSUt5OyeJyHNUir6V2ALXEs2eG-JWZ9dlbrKaUVmSqx60k6WVBCXZnxb5NeebcLhbr7Niny60Ymlvw0QksY9siJ_S-EPaZD84z7e6YngSjaOx5FH7QpoELjqZOj5IXIZ9RNRkierjgVYbQRZ8CzZhu5sUPGVCzpwlfat4Fni_ytXcMrJdeEmNSH7lKMj9zKNsPFBLlzvhpflHFWUp7AjX19Axt-cqASetJAwNJEpu9ELcpwkrSre-zBD_x3z5TvuU6MqJ4Ax-SQ_ge29fIjzGkUYe0rE9E8gJEZMBEFxct1oxtUHpkya6jWrzT8hzami5j9nADsjAgcjGGgAsJlhqC-s3KxRVI55s8di5VGi94-4IcSFZDm-ELKdHpc_3cWYx6HfOURYbLq1SMRGgG8LUZVV37wrMO9bW7Ajdv5R549GxVhTqDVmZ2vkyCUUdExXjB5hI1inCsKtGIoW3aD4F6DsFDHWVhq7mSOFeEgCIbuY_iFtnfQpgQAAYcUARsn0v_GDE8AW3F-gms0gLKEwbmbPjvPKkDcEqNfan--9fS_UBlpkkVZSGIeZQf8dSlhPIZgFZ4579ax62qz6nzOtLOoEmxYxurdam6mbRxBoaNEtbYIKfpJ8er0lza2_vpDw1dmXJqgMyaswuYdppON7hC8_lshtah1wp3dvF_hgMA5zhdFJMVh7Zw48iTpPo9MUgrbb9Dfa-nothqgd8Rv0ukI_aQM-bsqUAhWoKuaJvLIBNIxeBkCD9Zc3hkFcfx_9jK5DnaEhkBZwR4R3pMAbRWNThbA3ZP2RnljS6uSv886JVyqZqL-s822YAIsZ4CwtURYAfHlZ3Dq_1N05sopjRdV8nh2W8yxe1kn5mrD9IWaA5BdVT5toYB_Ts0To0kAGniUitM0SX7EZKbeMnbwvndRaDFeKKoutKX8MJY_UqLT-c4aV_jDy8o2zKOzwFZVsOS21dd-OFnu5pFSsG9SL1fYjU5FNvKTkzq3cvBXZYnyz1o1D2c_OaBhoXFw-PYN3MNCIJOxUaxFvdrJkzOBOzIAXLyBYFOeh6LIW_4R2MthfuMxCIuP6tvfmaQzoD0syIi6Hf6uL_EQPY8Mgr-IwJyKe4GQs3oPR_-vz1BXATyv51b2EJMD8hyM8J6dUUh7dv1sXyPKlrHRCJ8KoMNq1r7PxODqIKhePqm7zdUwKBZ5HRRD3tNtmI7Gu4nO7h7oua0Xrq3o7hiP-U8RBX-SJtsgotNbebHdWfL56cOMAqjcw1eBAHP0yvzELAi0KlNdibRSqmCmRsx5Qahc1F3I3EJk-5uf_GW1lzgWdwHbZlWckF-EqlB6fOztzSF5S83aEeuOjU7qyTaa30GN8LhjQaIkmYLYooze3hiMx1iVVXddxQIA4f0Oltw-8ovNBdXrMDuJFaNVL6vns1U_VU5dFwVpdQ36AgavFQmBpe8swt1ZZdcK80UxpQhSFtbKmJmQJgYZmRAw01CCYS0SkFQ86a-XfrQk9UyWqkNtYlO7iqO_tSKd6-aPcxZ2DMnqZOmnqMKNtAhxrE-QaI-6mNnNEAk-N0gsOXuxIqHnhBBG9n3sxbYW6XhMYrarYzaVvXi6eEAgqHulLKLUQtm-XVre3nmR6_n3yt1JYf48zOkYm-s-MZQxee4Ft_SBJQ9-BrKw1aGd2SltPAlQ4xU5MVrFyGDQNdqj07T7Z7m82DTqVf7CjYPUUnXaGnqbGWA3EgQ3t1HOYyATNO42wwBdkgX1i62n6aD7bToBFAxcJjHykPO2Too1Ps9KD6ChzCqAH3EWNOuAfpXR-3nztx5hGMuMjuTLzggBVDfNk_79otnh71FEHXy46Sb6zJIlElFIh5NQpx7N8GVm7tkFvgHIBOEZJOPSInVBKrWRyIQ2lAHXU6NE862AA-uJkLCxW5RRRjTC4ftCidGve_x4DAt4Y7hirZjfADlrsxwE50jeMdMPKz38Ie7Cva982QiM_3SS_Yg42m5Cds30Q-KmL7gZhhqO8mbhzatbOBl1k4cJ8Xq03_X-xSQjl3HxX48N5DNT6kkTW9z4euGBejKE0nEhFAzSP3JyzkZ8ktpqMQ3SEdW8zJDTLy4C256erYZwWalul1yHk8FaK3W-hsfU5ZYwX8-yBRq8pezsFmi3nliyQGkSXCgN6dSHdOCPMlGjbIRjxFwq9PS97idEdMGc6-e3KVjuWL4JNdkvbHOXMdMxIIstzchu0Twz_Rft3u_0NLN6GxntLfAUomgHLikGONKerGjmlbM3rTznfyunCbaarduAAL5P_g-J9AkszgAM0QnbIuEMaxOkMJGDoGaxQc-gbSvF7Ue87cQMWYm7V5L8rGbpVKZScFvhmI9RxQhhS-w822RHHeuzvTpbSkWx0ZfLjMvE8184FAS5QSNasvKe4FRqPhSM9Zgr9uENemI52idXcJzqTjUROP_GZDcaoES4l2G1NeI2Uo-OMNTMlyEBgakzOby1K1nh_kI0nMlYwtiJhKC7NDvDIJab7vcI72rVLcr4tFS-NCHQIMBS1NToUMYFTJYUqJYMNznHVnq38s6GMixaC4kVMy5cpFu_VOffOwCmVX3oaaYTULyp4-15OkKzHitglt33chsFcGtMYOP3CZokqfncO1qirUEG5hvDwZPyl-yL71BhhuzEE2qPgZ9pBCSp7fgrvZHkPf1k8v_sAVj3X4YkCVf0YvkIEWGD3A9PE8fN5O6tWNNqPA5L8hQqyYSEaoYzTNAP0cx9jVXiSdTuGDOj3n0w-p-2wmaXEdHEsY8uCNkQ74Pg8ISsttp33kFeO837aOEB0f373eGqBTPrDMQXTGogSNc339jtpLRMQyq3Pcx2S4zn3W8WaS7rKMakjrmE_Gnl3u_fNN7ellsUhAAZgszBDqdcrp_d0aE-dlGT5V5s1-w69rTSSuZgGb3zYIyoPI8FLxnlOvwCoNbibRR0A2CfT0vpZ6pVX6_zItGVQp5-KhVY2VJ7slvsIqSRANHuxspPckaWZIw&cid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.5.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
wg-in-f155.1e100.net
Software
cafe /
Resource Hash
8f27a42793517467e388f55e78f2177ed300838e422a7904a6a6a679565e8812
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15523
x-xss-protection
0
pragma
no-cache
server
cafe
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5F03 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkTgvJs5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwGqBJcCT9Bu-eTxAHC6tTdc3QvO-bnNd_HSTYAoR_xa7QeAheu5H6KD8nQc--3VvOmLEV1eRNvRBxmEAuQDBMDEJbkVLKdBP3OHYA521UQ8OZnJCcqfr9CYtXQKx7Iu42T-DK-kcBoXc7ZY8AG-jvCEk8wM-T6ip43W2nEIcQoV2glJWpJE85V1nczQsFnynD1B3Jx5AhM0dsjc5ct-fc_Ab_xrBGD19zHtQi_L8PJonA8FcX_pCQg1_2bsvJyFa4vbUESYqZEBFIMAnc7_thUqYvOcHPkbHTTeCRbt7XV8hcHnkhsPvo_EGGGbmf1ocDpgL1RCfaWuGWUqlXVR5Gn_98k0qNHQwsItw4d5_CAF3Ni_lgih3raYANI_wAS2r6rH7gPgBAOIBaiKlao9kgUGCBsQAhgBkgULCCIQAxgBSOzMqgGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQwMkdGOqO2MMB0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=3RJwCPyEm9c&uach_m=[UACH]&cid=CAQSPwCNIrLM1ebrxSL88vSsuUz0Cy--lyrLIBZjHBWPcUiQSRSNft0yboZ2cBo3AfgiGifIba5SJ2_G1Tju1986Cw&vt=10
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
truncated
/ Frame 5F03 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
526da676becebe7aea7903c8e06210f3c1c5a2eaa0128a8b29ef7f9b485ab580

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
rum
dsum-sec.casalemedia.com/ Frame 69C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYi7fKgQEwAQ&v=APEucNX-WfrnYnP2S64-xlRG8nTW7qDwlKXynkPryoTco6TSp3yR9uAAqDZfwCsOMpH9hUNjZ80Tla930O81XU4xsOul771BjHG72YpfhIyS7CS13fvy1IuQBnEE9fL8YiIkb5kuah1hZk9TJnEieVaxcu49JtYF4G_j7ugjPblyXPYkerPxtN0VNVnMej_AieNW-E7PTlP-Qp2ov-4bKuwzYZcCYUV7pA
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 30 Apr 2022 05:50:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 69C5
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YmzOJ-RHwBmGHqiSmhktTwAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
43 B
894 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYi7fKgQEwAQ&v=APEucNX-WfrnYnP2S64-xlRG8nTW7qDwlKXynkPryoTco6TSp3yR9uAAqDZfwCsOMpH9hUNjZ80Tla930O81XU4xsOul771BjHG72YpfhIyS7CS13fvy1IuQBnEE9fL8YiIkb5kuah1hZk9TJnEieVaxcu49JtYF4G_j7ugjPblyXPYkerPxtN0VNVnMej_AieNW-E7PTlP-Qp2ov-4bKuwzYZcCYUV7pA
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:31 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sat, 30 Apr 2022 05:50:31 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEI6NSQTPLR-YQzXL2arBVy4&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 69C5
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEP-5KMsule_DHgzpAsZG2fA&google_cver=1
43 B
1020 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEP-5KMsule_DHgzpAsZG2fA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYi7fKgQEwAQ&v=APEucNX-WfrnYnP2S64-xlRG8nTW7qDwlKXynkPryoTco6TSp3yR9uAAqDZfwCsOMpH9hUNjZ80Tla930O81XU4xsOul771BjHG72YpfhIyS7CS13fvy1IuQBnEE9fL8YiIkb5kuah1hZk9TJnEieVaxcu49JtYF4G_j7ugjPblyXPYkerPxtN0VNVnMej_AieNW-E7PTlP-Qp2ov-4bKuwzYZcCYUV7pA
Protocol
HTTP/1.1
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:31 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
3406ce47-49ba-4855-8792-91f4e2954558
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEP-5KMsule_DHgzpAsZG2fA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 69C5
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIyMjczNDY5NjY1ODYxMQ%3D%3D
170 B
502 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIyMjczNDY5NjY1ODYxMQ%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CICHEhC30jMYi7fKgQEwAQ&v=APEucNX-WfrnYnP2S64-xlRG8nTW7qDwlKXynkPryoTco6TSp3yR9uAAqDZfwCsOMpH9hUNjZ80Tla930O81XU4xsOul771BjHG72YpfhIyS7CS13fvy1IuQBnEE9fL8YiIkb5kuah1hZk9TJnEieVaxcu49JtYF4G_j7ugjPblyXPYkerPxtN0VNVnMej_AieNW-E7PTlP-Qp2ov-4bKuwzYZcCYUV7pA
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:31 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
05c802cd-77e2-4cd7-98a1-ce33f233ddec
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzQxMDIyMjczNDY5NjY1ODYxMQ%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 283D 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9hWspZzGX-X0ToHPyQo3R-4iZ8oODpO7x92rnrQJ-eUrX1Lj18o2X-8pDe96nvSK37rheYo1KLcx2Wd-uTLpQkiZF2EakSJsXf3gM004vy2R03I_nyW9rN1YZTFxdtqTRPPzbfGh-ZF8GTGgvMD2W7-HgAQ&cry=1&dbm_d=AKAmf-BwNHfJcVeIOeAR863QEQGpM1JI_iT78SmebMYursBXLlEmNM86TBnmRZCeDL3l6OenhcqNgeIC53vEO1IXH1RlVB4klw2o80jWPMELJv5ebUiIPjm4vg7J8owXxA4QJXd7ZgnFhzbSkwukttiUX3oHLlX5pe64r0z84siNqn_AkKdFdnTl81oUazt4P7Syf7hHSo49BrPLecGaqTksVeFMwGY1OoSA9lM1VLNG6xDxkTdM8uDDVdDnyqYSXchew7ty--vmQzAzdlt934P4UXNHs2UX9spoY9mW_3lzFQQq8zq3lIXyneTswMrKB258djabFzvlcaeODEX4M2BfD3V-6cRRyzPrMWgJEurz8BWRDDNDcHtkP4XfSmXjYqGY2x8PkwAg78FUEBqEdrZlYIGfz3xALFb1dJza0z2ggkZGO_epMH4x8fTHSISsGOX-gYSgLAiDDQI7e_W4NtrAOFjyG4Ucxg8za91htRH0S_ME2xJhYCO2eFEjErRb2eYiVLTMAqlrWieRPFpE2E3dNfb9tNFkq1cXwGebSL5PhrvePv45E_sb5nUBVgu2MPZw4XMnwQgVceidMw69SzJ9w6UBS08xXYqMnarZW0YvKelxAW4TClHevZMubqvNocVYybxY8lkY1OpK4m6L4-g76t8dpRWyogNMOBt21yBQPG5JdK01kTSKJUYXq7WsMLHStic5aUlm2p7b7y5rq1RjSeceSyxFEYdHZjsXSjIvvwV63KVQ7Q4qBEtkqv8fa2vPhR2Hku_KEt-vRTB7VN8sKOWB14e7cHTAzYZLj3s-J3mbagntLXJ3hpIJVYuITw5ua4M217gJjKr19WGKDZfy6q566hmre2UO6l8TWu7Gx_TRlu0VACISm8UjExXxFzn0l9yiAjpmZly5wo-8fQJQR1yRnRoQHbmeFub5jOhO3CvIy0ayHhyPETHgQBMUdyWJ--8PE9VJg8BBuRW_2F7EEF9Rz0pZxwlLredsU0P8SRXGgY_-YcFBsMYVq7gKhJsjBrjtHKxDlx8ovtjg76mIfI0Sh5NItexPDzbXYeBORU6Np7hClkLgfhUP0ibFCyxJ785_xBpwYh_MxPFErS2M4EvtpLvI7-RJr8vhnZsxg0bWldBMa8my6PcFIi-bAZVOW84mZIVYpG0QSszH0CHUmfnvnwycDQZ7vD1OPwo2xg7C0-h6QuyS6ef12PX-PjezUH8FWt8PPHz1Nc_zVCBFmV0_RxMZkB0HM5o8rFwxJK2O3_ubOXWhngI3_SUT7oVQUsBmuZ-v860NJ3xpTTeKkX5K2CvEYFDKpnJOnjUWJtYwzEZmYC3owIHvnz2Y6AifAeM-gnEMOufrUTyv2g4dV_MnAR8OhHrriJWfzSDbQFH9ifjhlLsrFoQoHp3C_Mk7d0IAP33sn68z4uIV6UuEk8cGJl_2Eu5hCPM2D-4xuYwhbHUeozHoU4-DSmnqdEBMo_RZZXMYY3NnRMmCrQ5B7YKE4goyrwr-fzpiTBDSdil7vpoVY7MqUWs4b_Yg9q9eYwXgVNZo8FGi8fz75et2VfxJkBdpu1CRnneOvsXm0uAvY-z6n9uElpx9_UHGopp64_4WU3Fg2eNaI8fWczw8VTYaYHg79s2D6CiYl5Cb5NMbciLDfgKOPeJHxNRgwivbyvHxYf8Afh7fWrzVCYPAb13e0nldyNdi2Bw75h3PHlTVYxjsaQX7NtPLwyLXNJMwBnHlO36Eq1gC_PoGgac8E18y1Uulpz0N_83_O_hv4VmpZ5VJdzKl-Pl5_Rz5fSx_2VID2bWDTtcAsqA_L3ErALIdKEWRuAmUxRQFaOUnIG-y-srahWh2ftUvj7UJDByRRyANqQbSuQXZHZ3RLe3yIGDQxOHPeNH7fC3VYEwLL3VReuS8ZyxpAqxxzCdJZ41Z_x6LZtIqoIdy4SFqNob-UCgWnb18fL9duh15qXIL8SwNZGzzCS-JaVZBhtTbMxc4-AOqR8R5kT3r1Qm1D9-8xmwCVdMT8nz4CauaSK4L9geNH2SZHwqi37MFrfPtSfbz6xToEVzqSgg1PPAojfZcSUnkF0oS_TKP42lPhmrRCJHBx8-CjMP8KFMz9hYgqrqbW5AoJEVlmuCmQqFuphfkEmuj1BK6gPJWofbj2XMRXWpbHIsDZhXHUQOfXNCLk8tP3L7-9AAKVO1qGbgED-96pM0ZTuUGI9nQLz9lfrmIV-qntsZP9AEEhDHqWl8CArNImUegeMcqjeUx9qssAv1dQOVPsD-BJEzH87-j_QqPMwVQVkzXcu2TaaRqC8g6JDF_uepBScFnfuQda8shv53Rg714UxFd9du9rPs2kOnHh_cORGzj2GLprahbSTxyP2BS4YcqswhXlytwaTRjyJl8JNqraFg4YHoH81N0kCpo0_wgxU_ElS_Tktydj6yXJy1zzV0LO7FjuNES0uwUHesp4zsWAGod5ks62KHIC3RG7DboPmIyN7MI3HU5cOzrTt5elWvSE9qlU5q_y5CZN39Ywc6GN3UR2TWmbSRmb_RFc-eLCE4Ht9QhE4qABYNyGS-iqy4hkXMghGUWYLpncPu4dwlWyWpUxCclq2YnMw0T1pDaNzc0dCHebyEi1IzJti3yGKx0gGFg_227JvqBmHXZTd36vfimg0R39IUD4vMjD6OjtA4VV59cPZg1qoTveq44KVKf7aFBAG5t0a9mDTGz5CxQ2W8kfwd8mD0exR4gqFRBUmD0LFagBescGDhHVR_ikEgA9HzigsUTzkTq675vXxgzxB5DcRrSdSEIpAUA41Ikek8nmTysEUj4SvVyOvJ2EYcOWBnX52sOp6-ftKM62kvkgfLcQd3JDvLuYjARXe9o5agOX8rU8z2m8Pxt4WRqw9EnyW5Z59jT5KOUrZklQ4n4OAXSrOu1tYZVQmsrjXuqDxj3sg8YFRr95P7UFE1UETj1U2Ya11JtUo7P4SQDq-_6yfsVmcivyQg-e9SUnTZLwYnE9j2uZ2JbS1Q-DHwnLb058TFHBFTNMOY2uXnKS5GrfwjdQuJmfxnu4YPGdxZ0_XYZ4tdHf7X9DSb2Cv_3Btmzl4O6UgGmqQqWSi_MsuWghEe6l2ZRQWp85vuYSwJJeP4PuybtduHTP3mi6Sgg8Y6s-N2lH-K_1G6bbDRhXu1ynhSGqksczVuiZxfgFt-tBndtxm0zlSmQyvLO24fOyxffKjQFsFxQbIiPlNhAK27hRD5c9lfRGw68c7mwrpUg2HSkvMapsQeydJWDcZB7y5SeSHc9ivheuADpZym6o3Tb4eAHW7EjpQEUQQ-gguICWPm1WrMahkXaeJmbcgWqQFuzv8HcsfvPa77IRXh8iP07xf5_fo5y4pYwp71H-KMouDPz7ClewrP1WIU6Xoc4UILHAx-z&cid=CAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg&rfl=1%2Chttps%253A%252F%252Fko.cm-ob.pt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
139
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:48:12 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 283D 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9hWspZzGX-X0ToHPyQo3R-4iZ8oODpO7x92rnrQJ-eUrX1Lj18o2X-8pDe96nvSK37rheYo1KLcx2Wd-uTLpQkiZF2EakSJsXf3gM004vy2R03I_nyW9rN1YZTFxdtqTRPPzbfGh-ZF8GTGgvMD2W7-HgAQ&cry=1&dbm_d=AKAmf-BwNHfJcVeIOeAR863QEQGpM1JI_iT78SmebMYursBXLlEmNM86TBnmRZCeDL3l6OenhcqNgeIC53vEO1IXH1RlVB4klw2o80jWPMELJv5ebUiIPjm4vg7J8owXxA4QJXd7ZgnFhzbSkwukttiUX3oHLlX5pe64r0z84siNqn_AkKdFdnTl81oUazt4P7Syf7hHSo49BrPLecGaqTksVeFMwGY1OoSA9lM1VLNG6xDxkTdM8uDDVdDnyqYSXchew7ty--vmQzAzdlt934P4UXNHs2UX9spoY9mW_3lzFQQq8zq3lIXyneTswMrKB258djabFzvlcaeODEX4M2BfD3V-6cRRyzPrMWgJEurz8BWRDDNDcHtkP4XfSmXjYqGY2x8PkwAg78FUEBqEdrZlYIGfz3xALFb1dJza0z2ggkZGO_epMH4x8fTHSISsGOX-gYSgLAiDDQI7e_W4NtrAOFjyG4Ucxg8za91htRH0S_ME2xJhYCO2eFEjErRb2eYiVLTMAqlrWieRPFpE2E3dNfb9tNFkq1cXwGebSL5PhrvePv45E_sb5nUBVgu2MPZw4XMnwQgVceidMw69SzJ9w6UBS08xXYqMnarZW0YvKelxAW4TClHevZMubqvNocVYybxY8lkY1OpK4m6L4-g76t8dpRWyogNMOBt21yBQPG5JdK01kTSKJUYXq7WsMLHStic5aUlm2p7b7y5rq1RjSeceSyxFEYdHZjsXSjIvvwV63KVQ7Q4qBEtkqv8fa2vPhR2Hku_KEt-vRTB7VN8sKOWB14e7cHTAzYZLj3s-J3mbagntLXJ3hpIJVYuITw5ua4M217gJjKr19WGKDZfy6q566hmre2UO6l8TWu7Gx_TRlu0VACISm8UjExXxFzn0l9yiAjpmZly5wo-8fQJQR1yRnRoQHbmeFub5jOhO3CvIy0ayHhyPETHgQBMUdyWJ--8PE9VJg8BBuRW_2F7EEF9Rz0pZxwlLredsU0P8SRXGgY_-YcFBsMYVq7gKhJsjBrjtHKxDlx8ovtjg76mIfI0Sh5NItexPDzbXYeBORU6Np7hClkLgfhUP0ibFCyxJ785_xBpwYh_MxPFErS2M4EvtpLvI7-RJr8vhnZsxg0bWldBMa8my6PcFIi-bAZVOW84mZIVYpG0QSszH0CHUmfnvnwycDQZ7vD1OPwo2xg7C0-h6QuyS6ef12PX-PjezUH8FWt8PPHz1Nc_zVCBFmV0_RxMZkB0HM5o8rFwxJK2O3_ubOXWhngI3_SUT7oVQUsBmuZ-v860NJ3xpTTeKkX5K2CvEYFDKpnJOnjUWJtYwzEZmYC3owIHvnz2Y6AifAeM-gnEMOufrUTyv2g4dV_MnAR8OhHrriJWfzSDbQFH9ifjhlLsrFoQoHp3C_Mk7d0IAP33sn68z4uIV6UuEk8cGJl_2Eu5hCPM2D-4xuYwhbHUeozHoU4-DSmnqdEBMo_RZZXMYY3NnRMmCrQ5B7YKE4goyrwr-fzpiTBDSdil7vpoVY7MqUWs4b_Yg9q9eYwXgVNZo8FGi8fz75et2VfxJkBdpu1CRnneOvsXm0uAvY-z6n9uElpx9_UHGopp64_4WU3Fg2eNaI8fWczw8VTYaYHg79s2D6CiYl5Cb5NMbciLDfgKOPeJHxNRgwivbyvHxYf8Afh7fWrzVCYPAb13e0nldyNdi2Bw75h3PHlTVYxjsaQX7NtPLwyLXNJMwBnHlO36Eq1gC_PoGgac8E18y1Uulpz0N_83_O_hv4VmpZ5VJdzKl-Pl5_Rz5fSx_2VID2bWDTtcAsqA_L3ErALIdKEWRuAmUxRQFaOUnIG-y-srahWh2ftUvj7UJDByRRyANqQbSuQXZHZ3RLe3yIGDQxOHPeNH7fC3VYEwLL3VReuS8ZyxpAqxxzCdJZ41Z_x6LZtIqoIdy4SFqNob-UCgWnb18fL9duh15qXIL8SwNZGzzCS-JaVZBhtTbMxc4-AOqR8R5kT3r1Qm1D9-8xmwCVdMT8nz4CauaSK4L9geNH2SZHwqi37MFrfPtSfbz6xToEVzqSgg1PPAojfZcSUnkF0oS_TKP42lPhmrRCJHBx8-CjMP8KFMz9hYgqrqbW5AoJEVlmuCmQqFuphfkEmuj1BK6gPJWofbj2XMRXWpbHIsDZhXHUQOfXNCLk8tP3L7-9AAKVO1qGbgED-96pM0ZTuUGI9nQLz9lfrmIV-qntsZP9AEEhDHqWl8CArNImUegeMcqjeUx9qssAv1dQOVPsD-BJEzH87-j_QqPMwVQVkzXcu2TaaRqC8g6JDF_uepBScFnfuQda8shv53Rg714UxFd9du9rPs2kOnHh_cORGzj2GLprahbSTxyP2BS4YcqswhXlytwaTRjyJl8JNqraFg4YHoH81N0kCpo0_wgxU_ElS_Tktydj6yXJy1zzV0LO7FjuNES0uwUHesp4zsWAGod5ks62KHIC3RG7DboPmIyN7MI3HU5cOzrTt5elWvSE9qlU5q_y5CZN39Ywc6GN3UR2TWmbSRmb_RFc-eLCE4Ht9QhE4qABYNyGS-iqy4hkXMghGUWYLpncPu4dwlWyWpUxCclq2YnMw0T1pDaNzc0dCHebyEi1IzJti3yGKx0gGFg_227JvqBmHXZTd36vfimg0R39IUD4vMjD6OjtA4VV59cPZg1qoTveq44KVKf7aFBAG5t0a9mDTGz5CxQ2W8kfwd8mD0exR4gqFRBUmD0LFagBescGDhHVR_ikEgA9HzigsUTzkTq675vXxgzxB5DcRrSdSEIpAUA41Ikek8nmTysEUj4SvVyOvJ2EYcOWBnX52sOp6-ftKM62kvkgfLcQd3JDvLuYjARXe9o5agOX8rU8z2m8Pxt4WRqw9EnyW5Z59jT5KOUrZklQ4n4OAXSrOu1tYZVQmsrjXuqDxj3sg8YFRr95P7UFE1UETj1U2Ya11JtUo7P4SQDq-_6yfsVmcivyQg-e9SUnTZLwYnE9j2uZ2JbS1Q-DHwnLb058TFHBFTNMOY2uXnKS5GrfwjdQuJmfxnu4YPGdxZ0_XYZ4tdHf7X9DSb2Cv_3Btmzl4O6UgGmqQqWSi_MsuWghEe6l2ZRQWp85vuYSwJJeP4PuybtduHTP3mi6Sgg8Y6s-N2lH-K_1G6bbDRhXu1ynhSGqksczVuiZxfgFt-tBndtxm0zlSmQyvLO24fOyxffKjQFsFxQbIiPlNhAK27hRD5c9lfRGw68c7mwrpUg2HSkvMapsQeydJWDcZB7y5SeSHc9ivheuADpZym6o3Tb4eAHW7EjpQEUQQ-gguICWPm1WrMahkXaeJmbcgWqQFuzv8HcsfvPa77IRXh8iP07xf5_fo5y4pYwp71H-KMouDPz7ClewrP1WIU6Xoc4UILHAx-z&cid=CAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg&rfl=1%2Chttps%253A%252F%252Fko.cm-ob.pt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3012
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 05:00:19 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022042701&jk=554948934738954&bg=!Z2SlZCDNAAZNIUvJbSE7ACkAdvg8WlO-uIAeFQg_DzLeQb0v6oOF8l3bPpwJwePlWJzgk5rNzlkn3gIAAAB6UgAAAAJoAQeZAs49R5jp2I7gG_BXDkCNHUXYPnFJ1Y5PWyh2ACfOhJ9D4mxFb7ibHQorxccBELsZLpDJf5T3iV2o4isExd1WgSMaAIyB9eg2B3RWkaEx0eDmbulQTdHJd-Cj71fwPWVtsCGMVXka1KN51nPXVb5tC3NAy6W9eytmDK8RFNr1WUXmaA5AjJj1v6pTZeLksB48LTZhUneUeReRYYO2dlu3nK1VIV-e1DiuvauUXNPYseZkOi4pvk0ViEtABJCUGaV6PVFgW6c7OSpEYec20CcbvZeV2bTwZzXfc5F0a_wSurcHTUotyYQYGbC24YQf4PVHzL_AR-kFTOHkAjamMi7I-W2VHOpdDoi5_dcE8lqIv8ZvHWpY9_vVjZNCCvakO5x-x7TyIlreg3H6DZjShf68XVVufTIPusLM1k4XhH6s4gN4_kWiQsoib_P0l7T0QHejw-DtVqxkT_WhKN6epvMUskdlGLKDWVBscgDuuuYkErtprmbBjIcT5SSjbfiZsxfx_3812w3-CvqdfZzi45b66IFtYgeWztLKk38U4DZWVLWRuDF3Od4-8xvxhPD9djO4JbUK1eSFtrwC85OP8LYiwy0kxrw0E1vAXOfcsPZNN31U_RKdahH9IkWQSCMmt07U-dkp6GSij9QTMWKaXjYAjMsfiTrgfKeFsrKtcKiC-zL89hoGYeWMtX8duPus1JKq6fkhXwnBvosLbvU540PDHzYQhmx5fnW0n4QMLsq16qRTWQWTaqS6ml9hTMWmg2LP_1gNzdpH8PajGZsAttdQLRex_GDAVP225Jagk4tYnhoy_kYRMRCVy6XxV23kpD_on8CnNzAcCS1SDLz7YObsyLH-4IAsDNye4JRRW-h7JmnW-4_RY_Z4NirSankZ08AdAbo2YakBr8zJ4J8Rv46gWC8blcEQSlhCaRXLewUxWcRtoHUjmclw7ELo8EZuOJ11
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
r62eglto.js
ad4m.at/ Frame 283D 		35 KB
13 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/r62eglto.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=RQuziQ==, md5=aEKpUkwBcgJ5WaD3yT+HcA==
date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64725
x-guploader-uploadid
ADPycdu7l52mBWBll-hqLCXbkcaCo1chMkH9vph7wY-bDbYpIDMlsMkYLwETYJk3JCL-nEBWenkqir8abiKXoCX8qWuc-1yaGA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 05 Apr 2022 11:51:07 GMT
server
cloudflare
etag
W/"6842a9524c0172027959a0f7c93f8770"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mpKVrofYsNTWiN1QkxHFbe1KxY3h%2FlIV4BsP4NfPiIb9oQOYxDGzTQRdBdU09Y9ov12ugBjLZO2HLKcwrSwTMoVZHodMypIu1LZ6KeLAxyiWJGtyynNHAFtUWAzdjnLwQPH5760%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1649159467260020
content-type
application/javascript; charset=utf-8
expires
Fri, 29 Apr 2022 11:51:46 GMT
cache-control
public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length
11886
cf-ray
703e00187b1291dd-FRA
cf-bgj
minify
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 8737 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166226
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 07:40:05 GMT
expires
Fri, 28 Apr 2023 07:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 8737 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 12:43:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
61632
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 12:43:19 GMT
HdsydzJK.js
tpc.googlesyndication.com/sodar/ Frame 5F03 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Thu, 28 Apr 2022 10:42:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
155291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15407
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 28 Apr 2023 10:42:20 GMT
file.mp4
r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5F03
Redirect Chain
  • https://gcdn.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
  • https://r1---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,ita...
  • https://r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,ita...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/78D67F755518EDDFAC9B555530C922ED1BF367ED.DBF77110583D031382D1B4A61EB54A5A0A14ED/key/cms1/cms_redirect/yes/mh/v_/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1651297526/mv/u/mvi/1/pl/48/ir/1/rr/12/file/file.mp4
Protocol
HTTP/1.1
Server
2a00:1450:400e:a::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 30 Apr 2022 05:50:32 GMT
X-Content-Type-Options
nosniff
Connection
close
Alt-Svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1728179
Last-Modified
Wed, 02 Mar 2022 11:10:25 GMT
Server
gvs 1.0
Vary
Origin
Content-Type
video/mp4
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=86400
Access-Control-Allow-Credentials
true
Accept-Ranges
bytes
Timing-Allow-Origin
null
Expires
Sat, 30 Apr 2022 05:50:32 GMT

Redirect headers

Date
Sat, 30 Apr 2022 05:50:32 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 02 May 2007 10:26:10 GMT
Server
gvs 1.0
Location
https://r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/78D67F755518EDDFAC9B555530C922ED1BF367ED.DBF77110583D031382D1B4A61EB54A5A0A14ED/key/cms1/cms_redirect/yes/mh/v_/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1651297526/mv/u/mvi/1/pl/48/ir/1/rr/12/file/file.mp4
Vary
Origin
Content-Type
text/html
Access-Control-Allow-Origin
null
Access-Control-Expose-Headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control
private, max-age=900
Access-Control-Allow-Credentials
true
Connection
close
Timing-Allow-Origin
null
Content-Length
0
Expires
Sat, 30 Apr 2022 05:50:32 GMT
csi
csi.gstatic.com/ Frame 5F03 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l2lg3dgn&c=6489605522042&slotId=3244802761021&qqid=CNLZ_eSLu_cCFf-P_QcdByIM6g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=953&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&met.4=videopreviewvisible.10h
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91AD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022042701.js?cb=31067353
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:30 GMT
expires
Sun, 30 Apr 2023 05:50:30 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 283D 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7de3a0f29d77ab3a4225b0c3dd67b7e3bdd1c2b1948512ea06e0951e1dc4510d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
frame.html
ad4m.at/ Frame 7160 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/frame.html
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
159125
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
public, max-age=3600
cf-cache-status
HIT
cf-ray
703e00192d1391dd-FRA
content-encoding
br
content-language
en
content-type
text/html; charset=utf-8
date
Sat, 30 Apr 2022 05:50:31 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Sat, 30 Apr 2022 06:50:31 GMT
last-modified
Wed, 06 May 2020 15:09:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mj%2BXycsFRmlorbUk6bX7dICqQfiiEx%2BWHExShbMLZytKe81J73%2FoV%2FBxBn%2Bui%2F6R1csl01e%2FQjPvlIS8T2koIn93chOJV2lnT%2Fms9c0DPtpstVMWcAZfv6Ob14fRMV4eXOX%2BaFE%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-generation
1588777770164783
x-goog-hash
crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-meta-
x-goog-metageneration
3
x-goog-storage-class
MULTI_REGIONAL
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
1681
x-guploader-uploadid
ADPycdtyt0YYJGM7L4Qh4KppAxdHUa6qSHGwk_MVt1bnpkWR4u_j_tebe8lZvHDpkzKsfKnRm3Uay31h5MKGRnI-yLI
log_event
www.youtube.com/youtubei/v1/ Frame 1181 		28 B
54 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8
Requested by
Host: www.youtube.com
URL: https://www.youtube.com/s/player/9cdfefcf/www-embed-player.vflset/www-embed-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json
X-YouTube-Utc-Offset
0
X-YouTube-Client-Name
56
Referer
https://www.youtube.com/embed/hTJ60p5FAT4?modestbranding=1
X-YouTube-Client-Version
1.20220427.01.00
X-YouTube-Time-Zone
Etc/Unknown
X-Goog-Visitor-Id
CgtIRXB5dE5kUUJURSiknLOTBg%3D%3D
X-YouTube-Ad-Signals
dt=1651297829306&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C556%2C311&vis=1&wgl=true&ca_type=image

Response headers

date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
x-frame-options
SAMEORIGIN
vary
Origin, X-Origin, Referer
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control
private
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
31
x-xss-protection
0
expires
Sat, 30 Apr 2022 05:50:31 GMT
H0ZEmIz7.html
tpc.googlesyndication.com/sodar/ Frame 763B 		23 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
155291
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8727
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 10:42:20 GMT
expires
Fri, 28 Apr 2023 10:42:20 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 644A 		640 B
316 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiX79XIATAB&v=APEucNU1YrYEGGOWw8whTGDyza_VgJf437r8OfUUfDfNiFh49og92ViBGsLiczbyN-ikGdP6TRnlCEnUqdg7TSThwVVvTz_gXncLRgX1VYeZTOnD8lQvQT-92UfdsYetn7qApf9xp3K91Bvf-vW2YvT0RzaTwD11hJLOq6IW8JrChV5IG6wlhJA7kqoqKjtOjYbaiHWCsLU2Gxy2-u8U5MyLQDeiV4_UqQ
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
gzip
content-length
295
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:31 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ad
googleads.g.doubleclick.net/dbm/ Frame 91AD 		83 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ayk9nAt1OGi2Ng3-Kklde9ODQh9hbZF16X3ky_t0RmdosCRjhGjPZNTOSrpJ4a1286dVMuGg3IabtKsvJuXNIVUG1wAogO_-TOsKlIVtwvq9aPNy6txH9YvTf6MT13b6e7CvYmErA7etDZVjo_GUk_zr65NQ&dbm_d=AKAmf-AkeavA_WDc2a8YIoB38MDaSbA46MpSRUxdtvTjN3SjRyJHXaYGv9uBVpgGJ7yQdD5vThxLDgiI9my5qPSBIlq5BF22-FnoA5IH2zWG5xjixVE0AA_UpLAJi3XfqUFxwHzsMorZ-PBSJCmmUwfmDCl3Sd1Nq96FDEK4iod7cjhsY-k9osmLjggCFTBPvjOnSOxpXQI1if5m3TIArfRzIxiMpQ9ZzQ39yd3itRX5RPEk4r2LMyiPngcMK_M0yIObsC1vmeX3j-DqPPy245leA3AvNjqJy43PUeGIGT_gWvTr_LAGyUBKildJf97mX6A8fCSnZ9fJROLnKzmZVsw8bkwXy82RMquprIlNFwo19W_FX98fRrvEmf1DaDqmC8WGrOr8wICFpRxzbNs1BD8_R6ie6jtsjN9taa3ua7jWEswrlxM27Sfvbc3NsqEBg3LXR_r8d1pV4LMPy2pHQisJ6wfSbOKQR1ILBFwQZQOcKm1cqvXXCS5VdxbWzspvVgw5lIego_D_xChVY8bhSTJUrZT7pJKED7T82Zm3yQ_a7tUWGyx-igGO-G9S-X9frG87lGDVDupX_sAjKiVv-O4dD1FVUt0WVIRLMBh3BKJV_zu_XlglIwVKcGMb5tyF4j6_ejH7EweCbQXAG_Z-YFzb5kIOv1CwxN-8I7Qb366SehLDtaIYfSXWfZymd8dpzdNlZCxJ7MlPfztxXTePJ0pBhOHQoVuvzhghnJqOr5ys6bQWUXS22b3CIpxUJZeM35g2NLU24CEJ_8DUYeFxI3IDyfbmoj1i3gRGknWkugIJ8BTThn7c-24eVGFtQxR621Xi_tkLLA0z3alEQ8sylkJ4WUXUk0PT0_BeS4qKR2LoUcL6TobiPRaL4tLsHosBu42qzTGyY32_X1BBj2OLEV7F_pcU-TFQSA9Sns36bzCSMR8sY8yN6ukIU8MTyBnkJTFPnj5eMoHqRNrUHG0woeO_aXFp8EEqQlxXADoBjVadXrVZPfTc_LjH4dBe4KJDMTfjauFy0Sks7507MJotNOivCCWniohBEeLBZ5C9OSwEVkW8BbuD_xgqsmX285os0DWT_vIvwNfQLV-oexbBt4M6WBJc42xTup5UqfyEFio7gkOipKMMA71X9X-mMSxJU2A-BS9HCevtHvKwUE79BZkAtJDIM2wIvn94NKtLvU30p-qT7gCEW6kPTOpSQtDhHENEmYNcRnhK4cHItP4GD5jrYTCsvEO4vtixx6oankO--CCPsJArZUGyB7ZoShZMi3yyxVNqV-33wk-sZcOox9wlD2EIg96lT7_b4VHgMJbq19BFbp1OWguAv_B1hT2vodlqKGLk6ltHEIRAlw672bvFZbvhC7USoWPA4rKrF4Efv0czVv49HVl2-MyB4lO0W62NB3iFqAjWcL901zECDg-BPGnIIPX2GPbYrrFKkElBRjtKeGs7V1AjZ1WlDxNaaydmNbMv2NfTzZaWNmpr4o8gcSr8Uu-VXUFJRBFY5ldM-ceZ2p8Whnbph7oBLt7DA9BuiRro_jfyiwWYH5iy17YoVn5ZALKP7DrgOp7d5q2OQSRp_RVGGiccdXJ2vsnntGcWEpuYcc_0yYF6jVIdZUpN6KsGkN6tsu-97QWKwlrgPXtjBOnBsvobSW4vx-GGGblU5MWPVaR1mf2957iqmnpZk40oPqdokE7Qr2aOHQSGOV3qFW8j_aQbnrcjVf-jj57ZWSzj9uEfaofdEkhiatK-1-j9N-gMCjz5MVM9PVnbk6-ZHBcRVnNXvugEc14fWWWl4MD3gxoK0xNnmyyRtMiLwXrookZHwG6TzvImKIJfmpHz4V3nlvOtq9BXMBYf9OrYj4BzTv8jugDCEVSPTSneICoXQaW-bZW7DwB-YZERmFxWfa7xRlJXXRPWb80PJbsZDQgVO4Rxh2feH3-w745zplEVQ57yfHlmMbWif5Znum8IHNLkSVkVHjSF2fWiRHH6x9RzGvchVMY2Ri9UyScyCgeK4nYkokmSayeabOmWak6shxWOWgQY1-P2E4Hh3oY88b6gWNWOGZ6N895ZvPaxhg_h9BcQ0pjwbwPRb2hQNO0veaHYhd-sSKhW0Exhmk55QIPKhIgpdZXvn1_Etz7FPmHAkFrBw4EOdcm3OD1gnFvMfL3Egxvk-uoxYM2zzysCDyb89aahDiQj_F6DJ_JCbkeSV6oyOH3JUC2MZ5Rcr7ow7ECobDE-Byz3d7BrOwA6CN9zf2UnomS84HLqps2hpwiAlJNfhcb_9cj1GAeu0OGNAFKwqhD4aewf7TJ_maVtlzW8wJVaGuYoQaGKkvM9B3ligsAnmBLTMrpyDWMOYBRievekJ5MiXdgsKn-O-Z7tBHxIWiVT6td6c4icyNc7nKAHrnpx5wgM98HEyLWYwQ-WyMp1K8mVWXOwo7FgGFnbByqb0oP4kQ5DJ6hUHc5b4lJbDFf5jJYaXiaWZuWcsG49XZqMDunKThG4tRiz2dtNYPrEN7dpsVjdkF3U7m9VY91mW7HWsmZCjUo9SqSIYvgdyhwtBsne3ezAn8qSM70h9VaE8U4A88dMhbFkEff6y0ymlsLXAlUp0hwJ-ztusytWJl2pNhBZHBVmpLU5aPML3BQt_fuMp8zgyndL5FOboDamGVqPI53i0Q5EyKPMvX6sTC5dib4-NQbTBZn_19O6X4sj5AI1YFqg_SeZQbvtjqMFKyQ-8EZkcNhGePjzsTwFXTyZSdTILaqoCMjY5kqJAV0qCC5p1XMQG7YM192JVvNHgEF5gjBBcbDxMZ2DBvQBb80nVSnB_iXMANvxTUV3wmQucDtpuxi_48UuEP0jLCDJ7gJ3Aq9GZrRoLNCSBNPuJLYp1q6Cpc1ctJnSkO5WYRd4veWFOGvpn0vUTzOxZv1H5fyhkfOicP27RVPRHbNTeLfEvMcs3PRWS89Ua4sY__nSYuyvRu3_lafrQam1GMHR66yctLCGUvKFObDM1Q0k4UUeDiCloTOiBJ4_XtWG-seVkBhmSdDHYtYRriN-BXsqgePJsFcRApicFPnSzHe8KKU1nNs-x_zg6WpwDEcs-1Ryuu38FZwgnh7Z7dK2oCcpRyCH1iAjHyJXF0bp37d3IjMLnDYtf2qySs7jawlvgTMW-X3fBnxAbizpOxXq0OIgUPk73yJaR79a1q63RTCdHS_23f_wuo-J3muuFMB5AQ1fhn9nKjTt8wcEyiIn8-L1Ou0Ye6aat8xRSTAWUAK1yxBjbwHc0bGLvHxuqgTJ8o7p2MJrJvnOP4RUtikI5-RCSkkazzFvG5I0xKF3mzFsXkiZop2xNEnOcESo5NyPuItc_DftQLSeVPJmKXAxrpWCqOArKU68cLx-ZNEFW0iYVET7BZma8ujFbDbrzRJygS4AY_fB9H5ShlhPEeqa3Ds5eUB4cw2wywH-jS53Qg8Z1dzOCpBOcuxKnCGdoycZxPPS6JqiRtDTOgc3yNcxq-WbM7JBUDKcK4xavyElgjkYjd3op-Eb8yNjQJtDgiA3iugT3ttOQXuhbphrfyb1CW44h_-Dfeb17qTq4MiSQg6rmgCB8JXzsL3DRmP8RUCOI3cxskeb&cid=CAASJeRomJfFE6RU-7eoH0RLHHixgryjrm3dkORXbj3nFfmCspwErCg&rfl=1%2Chttps%253A%252F%252Fko.cm-ob.pt%252F%240
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
907f4eb06d710eed09e15829248419e4c51a87c76c342270af3a674fb7a4a41b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34049
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 91AD 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CKTlLd72_rCg5MOS0LHjeNlG541C87SAVuIczwHx_10ly2OYcXfqpobJSzjFGDFHEcd-AKNmasiQut_KMkk9PFrYbLMLImTHBdgTifV0yyVCHqO8c
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:31 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 91AD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:31:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1157
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:31:14 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 91AD 		120 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 05:50:32 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 91AD 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:24:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1581
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:24:10 GMT
l
www.google.com/ads/measurement/ Frame 91AD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwgFU6JoMxlfos0a3uGMROaiKn6CNcTseZXC42q3HoEfO4Tw06PqxwxInghK2gxKjZcEwvRfDdBlP72P6Ea88ewEZ-gw
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 763B 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
44364
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 17:31:07 GMT
rs
ad4m.at/ Frame 283D 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b8d5737f90ef11347330f34aa3207d511a9629e75eda72dbf35cbc62be32e7d6

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

cf-ray
703e001a2d9c906c-FRA
date
Sat, 30 Apr 2022 05:50:32 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Nk5j0jCVjJjiNdbsIjO0nRRu25sAjNNyCr1deQLpHL44UNrnnmEDo5pxFRb8Lr2GVofzhMlN4mluuwG3DlA9WKKl24AqQn3Z462LOoNHqsgHjwxIIkTYhbgDTcDB8Eu58vVWUVk%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain
access-control-allow-origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials
true
content-encoding
br
x-backend-server
aa-reachservice-group-europe-west1-lmw8
rs
ad4m.at/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ad4m.at/rs
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
access-control-max-age
1800
allow
HEAD,POST,GET,OPTIONS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
703e0019dd38906c-FRA
content-length
24
content-type
text/plain
date
Sat, 30 Apr 2022 05:50:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gh27MOo7dEAq0fIg6ivG17zbc%2BWN%2FQwJUYtPF2TU5K%2Fkk900eCrsWXxF86TxU5CcOduXacptxU1t96WRykEtCtB%2B18g0OuvyKMBBRN2vHnirgXThC18%2BpM729gRMWEu7YNoguis%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
via
1.1 google
x-backend-server
aa-reachservice-group-europe-west1-lmw8
sd
us-u.openx.net/w/1.0/ Frame 644A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF996c44CiT0hTiVmnew0ac&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF996c44CiT0hTiVmnew0ac&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiX79XIATAB&v=APEucNU1YrYEGGOWw8whTGDyza_VgJf437r8OfUUfDfNiFh49og92ViBGsLiczbyN-ikGdP6TRnlCEnUqdg7TSThwVVvTz_gXncLRgX1VYeZTOnD8lQvQT-92UfdsYetn7qApf9xp3K91Bvf-vW2YvT0RzaTwD11hJLOq6IW8JrChV5IG6wlhJA7kqoqKjtOjYbaiHWCsLU2Gxy2-u8U5MyLQDeiV4_UqQ
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
via
1.1 google
server
OXGW/18.1.0
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEF996c44CiT0hTiVmnew0ac&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 644A 		43 B
305 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiX79XIATAB&v=APEucNU1YrYEGGOWw8whTGDyza_VgJf437r8OfUUfDfNiFh49og92ViBGsLiczbyN-ikGdP6TRnlCEnUqdg7TSThwVVvTz_gXncLRgX1VYeZTOnD8lQvQT-92UfdsYetn7qApf9xp3K91Bvf-vW2YvT0RzaTwD11hJLOq6IW8JrChV5IG6wlhJA7kqoqKjtOjYbaiHWCsLU2Gxy2-u8U5MyLQDeiV4_UqQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/18.1.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
content-encoding
gzip
server
OXGW/18.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
via
1.1 google
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 644A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEH_JoeTg_U3NfqLwrjx7hkk&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEH_JoeTg_U3NfqLwrjx7hkk&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiX79XIATAB&v=APEucNU1YrYEGGOWw8whTGDyza_VgJf437r8OfUUfDfNiFh49og92ViBGsLiczbyN-ikGdP6TRnlCEnUqdg7TSThwVVvTz_gXncLRgX1VYeZTOnD8lQvQT-92UfdsYetn7qApf9xp3K91Bvf-vW2YvT0RzaTwD11hJLOq6IW8JrChV5IG6wlhJA7kqoqKjtOjYbaiHWCsLU2Gxy2-u8U5MyLQDeiV4_UqQ
Protocol
H2
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 30 Apr 2022 05:50:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://sync.teads.tv/um?eid=3&uid=CAESEH_JoeTg_U3NfqLwrjx7hkk&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 644A 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQj_jnAhiX79XIATAB&v=APEucNU1YrYEGGOWw8whTGDyza_VgJf437r8OfUUfDfNiFh49og92ViBGsLiczbyN-ikGdP6TRnlCEnUqdg7TSThwVVvTz_gXncLRgX1VYeZTOnD8lQvQT-92UfdsYetn7qApf9xp3K91Bvf-vW2YvT0RzaTwD11hJLOq6IW8JrChV5IG6wlhJA7kqoqKjtOjYbaiHWCsLU2Gxy2-u8U5MyLQDeiV4_UqQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.56 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-56.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.7 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
cache-control
max-age=0, no-cache, no-store
expires
Sat, 30 Apr 2022 05:50:32 GMT
server
akka-http/10.2.7
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 8737 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMEycJ85sYqT6Jd6G9u8Pi_GjmAEAAAAAOAHgBAI&bg=!9fal9rLNAAZNIUvJbSE7ACkAdvg8WjyMRGlOcWia6buv-1kMVBTHqHSAWrRAFeZPCBA9JPcmvjXq-gIAAAB-UgAAAAVoAQeZAw0vPKeH15ygJHpJil60qp7Xpq46I_eqXd6en4aF0hQk5r7vLyt2nJnylq8Gxim3znpbTCRd5MLBR5rcsAzsqRM4JScNq8nsdDPmh7ylkANZIjYw-osZy3rmxY5z7kpzJTtyICOkt0Ny8ohdOA8h7LQwFwYJNcQSCehmZQUt1ODtyhVs54-TCjxTnYM451nKAVxab_iyH1lFUZucKjmRpfSuhquji-EJ_ON3-9uYUZJk18YO_r8kBfutLeDObH2wnVX20qbx5MLu3Uetu73JtRS2wTbpR38a1y7-MHZ6Q-lAwtWuyYWeEJG52mSC2wQvlQMRgn5iwg468IH3x9WKabyq143nrPmGvLNh4d3V8aCds9wnIASU35GGgbx187xMcnsqFvJVJD6nQdQ3_319O8P9rNEKGRYLWXuArnXgyfxmXarehE5x7sj00kTvPnCY_JdjpTCOpiQw1wNpz3IqPuM9eCslyqI5ijD6Cvux9CCWlk7EiBjQPTICysoY7WPMoceh2uQvXsPJM9fyTFuMpvLTW7ifYOcI--OIaeBSA6HP2c5w5YJ1FKNvsB_6R--dgXKTlv9unlM2DpxSeZJnTh96M8UBaF4moca1qgIulmAFtrCtGEsMXUoIAtuu_kLbJvOll9xoCVaHQsJ2hI0JWN76DU8Rg57uiLwyk98mn1qRrnTF4taiN6LH-yaq0cgm0IQZ0FUxyjDkamPYZOWO20zvkjvV5iV9_omN5gOGW1dtPqVUNzVopzC8EEea-Is5nEXV_vCIeqcGFiFj0fE4NeZbF1xXd1W7shbDjDKP1AcEEPH753M1Qk0v1u0dwIfzsJKtd0hJtllXZGs8hc9uKIxX1q9s_b5Dq1nvdGif2OEHO-m4xfPpm4bmjYBQRwPxZz_yLY87lP8ZMPdp6l_PZ1C1vG8CdQLeoIZQXAhjdK-Ya6aCZNzwWAXap7Xe7QAIywIj5-i-Bxjjxgm63XB7TUxGQ9EVap3uhV5K-cHJi_kcbaUpIfBVNGRwpyFpAZMQYzJi3kiuySsI5Y24N8jm
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
express_html_obb_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 91AD 		119 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 07:49:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
79273
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42405
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:28 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 30 Apr 2022 07:49:19 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/ Frame 91AD 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/elements/html/omrhp.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ayk9nAt1OGi2Ng3-Kklde9ODQh9hbZF16X3ky_t0RmdosCRjhGjPZNTOSrpJ4a1286dVMuGg3IabtKsvJuXNIVUG1wAogO_-TOsKlIVtwvq9aPNy6txH9YvTf6MT13b6e7CvYmErA7etDZVjo_GUk_zr65NQ&dbm_d=AKAmf-AkeavA_WDc2a8YIoB38MDaSbA46MpSRUxdtvTjN3SjRyJHXaYGv9uBVpgGJ7yQdD5vThxLDgiI9my5qPSBIlq5BF22-FnoA5IH2zWG5xjixVE0AA_UpLAJi3XfqUFxwHzsMorZ-PBSJCmmUwfmDCl3Sd1Nq96FDEK4iod7cjhsY-k9osmLjggCFTBPvjOnSOxpXQI1if5m3TIArfRzIxiMpQ9ZzQ39yd3itRX5RPEk4r2LMyiPngcMK_M0yIObsC1vmeX3j-DqPPy245leA3AvNjqJy43PUeGIGT_gWvTr_LAGyUBKildJf97mX6A8fCSnZ9fJROLnKzmZVsw8bkwXy82RMquprIlNFwo19W_FX98fRrvEmf1DaDqmC8WGrOr8wICFpRxzbNs1BD8_R6ie6jtsjN9taa3ua7jWEswrlxM27Sfvbc3NsqEBg3LXR_r8d1pV4LMPy2pHQisJ6wfSbOKQR1ILBFwQZQOcKm1cqvXXCS5VdxbWzspvVgw5lIego_D_xChVY8bhSTJUrZT7pJKED7T82Zm3yQ_a7tUWGyx-igGO-G9S-X9frG87lGDVDupX_sAjKiVv-O4dD1FVUt0WVIRLMBh3BKJV_zu_XlglIwVKcGMb5tyF4j6_ejH7EweCbQXAG_Z-YFzb5kIOv1CwxN-8I7Qb366SehLDtaIYfSXWfZymd8dpzdNlZCxJ7MlPfztxXTePJ0pBhOHQoVuvzhghnJqOr5ys6bQWUXS22b3CIpxUJZeM35g2NLU24CEJ_8DUYeFxI3IDyfbmoj1i3gRGknWkugIJ8BTThn7c-24eVGFtQxR621Xi_tkLLA0z3alEQ8sylkJ4WUXUk0PT0_BeS4qKR2LoUcL6TobiPRaL4tLsHosBu42qzTGyY32_X1BBj2OLEV7F_pcU-TFQSA9Sns36bzCSMR8sY8yN6ukIU8MTyBnkJTFPnj5eMoHqRNrUHG0woeO_aXFp8EEqQlxXADoBjVadXrVZPfTc_LjH4dBe4KJDMTfjauFy0Sks7507MJotNOivCCWniohBEeLBZ5C9OSwEVkW8BbuD_xgqsmX285os0DWT_vIvwNfQLV-oexbBt4M6WBJc42xTup5UqfyEFio7gkOipKMMA71X9X-mMSxJU2A-BS9HCevtHvKwUE79BZkAtJDIM2wIvn94NKtLvU30p-qT7gCEW6kPTOpSQtDhHENEmYNcRnhK4cHItP4GD5jrYTCsvEO4vtixx6oankO--CCPsJArZUGyB7ZoShZMi3yyxVNqV-33wk-sZcOox9wlD2EIg96lT7_b4VHgMJbq19BFbp1OWguAv_B1hT2vodlqKGLk6ltHEIRAlw672bvFZbvhC7USoWPA4rKrF4Efv0czVv49HVl2-MyB4lO0W62NB3iFqAjWcL901zECDg-BPGnIIPX2GPbYrrFKkElBRjtKeGs7V1AjZ1WlDxNaaydmNbMv2NfTzZaWNmpr4o8gcSr8Uu-VXUFJRBFY5ldM-ceZ2p8Whnbph7oBLt7DA9BuiRro_jfyiwWYH5iy17YoVn5ZALKP7DrgOp7d5q2OQSRp_RVGGiccdXJ2vsnntGcWEpuYcc_0yYF6jVIdZUpN6KsGkN6tsu-97QWKwlrgPXtjBOnBsvobSW4vx-GGGblU5MWPVaR1mf2957iqmnpZk40oPqdokE7Qr2aOHQSGOV3qFW8j_aQbnrcjVf-jj57ZWSzj9uEfaofdEkhiatK-1-j9N-gMCjz5MVM9PVnbk6-ZHBcRVnNXvugEc14fWWWl4MD3gxoK0xNnmyyRtMiLwXrookZHwG6TzvImKIJfmpHz4V3nlvOtq9BXMBYf9OrYj4BzTv8jugDCEVSPTSneICoXQaW-bZW7DwB-YZERmFxWfa7xRlJXXRPWb80PJbsZDQgVO4Rxh2feH3-w745zplEVQ57yfHlmMbWif5Znum8IHNLkSVkVHjSF2fWiRHH6x9RzGvchVMY2Ri9UyScyCgeK4nYkokmSayeabOmWak6shxWOWgQY1-P2E4Hh3oY88b6gWNWOGZ6N895ZvPaxhg_h9BcQ0pjwbwPRb2hQNO0veaHYhd-sSKhW0Exhmk55QIPKhIgpdZXvn1_Etz7FPmHAkFrBw4EOdcm3OD1gnFvMfL3Egxvk-uoxYM2zzysCDyb89aahDiQj_F6DJ_JCbkeSV6oyOH3JUC2MZ5Rcr7ow7ECobDE-Byz3d7BrOwA6CN9zf2UnomS84HLqps2hpwiAlJNfhcb_9cj1GAeu0OGNAFKwqhD4aewf7TJ_maVtlzW8wJVaGuYoQaGKkvM9B3ligsAnmBLTMrpyDWMOYBRievekJ5MiXdgsKn-O-Z7tBHxIWiVT6td6c4icyNc7nKAHrnpx5wgM98HEyLWYwQ-WyMp1K8mVWXOwo7FgGFnbByqb0oP4kQ5DJ6hUHc5b4lJbDFf5jJYaXiaWZuWcsG49XZqMDunKThG4tRiz2dtNYPrEN7dpsVjdkF3U7m9VY91mW7HWsmZCjUo9SqSIYvgdyhwtBsne3ezAn8qSM70h9VaE8U4A88dMhbFkEff6y0ymlsLXAlUp0hwJ-ztusytWJl2pNhBZHBVmpLU5aPML3BQt_fuMp8zgyndL5FOboDamGVqPI53i0Q5EyKPMvX6sTC5dib4-NQbTBZn_19O6X4sj5AI1YFqg_SeZQbvtjqMFKyQ-8EZkcNhGePjzsTwFXTyZSdTILaqoCMjY5kqJAV0qCC5p1XMQG7YM192JVvNHgEF5gjBBcbDxMZ2DBvQBb80nVSnB_iXMANvxTUV3wmQucDtpuxi_48UuEP0jLCDJ7gJ3Aq9GZrRoLNCSBNPuJLYp1q6Cpc1ctJnSkO5WYRd4veWFOGvpn0vUTzOxZv1H5fyhkfOicP27RVPRHbNTeLfEvMcs3PRWS89Ua4sY__nSYuyvRu3_lafrQam1GMHR66yctLCGUvKFObDM1Q0k4UUeDiCloTOiBJ4_XtWG-seVkBhmSdDHYtYRriN-BXsqgePJsFcRApicFPnSzHe8KKU1nNs-x_zg6WpwDEcs-1Ryuu38FZwgnh7Z7dK2oCcpRyCH1iAjHyJXF0bp37d3IjMLnDYtf2qySs7jawlvgTMW-X3fBnxAbizpOxXq0OIgUPk73yJaR79a1q63RTCdHS_23f_wuo-J3muuFMB5AQ1fhn9nKjTt8wcEyiIn8-L1Ou0Ye6aat8xRSTAWUAK1yxBjbwHc0bGLvHxuqgTJ8o7p2MJrJvnOP4RUtikI5-RCSkkazzFvG5I0xKF3mzFsXkiZop2xNEnOcESo5NyPuItc_DftQLSeVPJmKXAxrpWCqOArKU68cLx-ZNEFW0iYVET7BZma8ujFbDbrzRJygS4AY_fB9H5ShlhPEeqa3Ds5eUB4cw2wywH-jS53Qg8Z1dzOCpBOcuxKnCGdoycZxPPS6JqiRtDTOgc3yNcxq-WbM7JBUDKcK4xavyElgjkYjd3op-Eb8yNjQJtDgiA3iugT3ttOQXuhbphrfyb1CW44h_-Dfeb17qTq4MiSQg6rmgCB8JXzsL3DRmP8RUCOI3cxskeb&cid=CAASJeRomJfFE6RU-7eoH0RLHHixgryjrm3dkORXbj3nFfmCspwErCg&rfl=1%2Chttps%253A%252F%252Fko.cm-ob.pt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:48:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
126
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3159
x-xss-protection
0
server
cafe
etag
1394524276809619753
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:48:26 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/ Frame 91AD 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220427/r20110914/abg_lite.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Ayk9nAt1OGi2Ng3-Kklde9ODQh9hbZF16X3ky_t0RmdosCRjhGjPZNTOSrpJ4a1286dVMuGg3IabtKsvJuXNIVUG1wAogO_-TOsKlIVtwvq9aPNy6txH9YvTf6MT13b6e7CvYmErA7etDZVjo_GUk_zr65NQ&dbm_d=AKAmf-AkeavA_WDc2a8YIoB38MDaSbA46MpSRUxdtvTjN3SjRyJHXaYGv9uBVpgGJ7yQdD5vThxLDgiI9my5qPSBIlq5BF22-FnoA5IH2zWG5xjixVE0AA_UpLAJi3XfqUFxwHzsMorZ-PBSJCmmUwfmDCl3Sd1Nq96FDEK4iod7cjhsY-k9osmLjggCFTBPvjOnSOxpXQI1if5m3TIArfRzIxiMpQ9ZzQ39yd3itRX5RPEk4r2LMyiPngcMK_M0yIObsC1vmeX3j-DqPPy245leA3AvNjqJy43PUeGIGT_gWvTr_LAGyUBKildJf97mX6A8fCSnZ9fJROLnKzmZVsw8bkwXy82RMquprIlNFwo19W_FX98fRrvEmf1DaDqmC8WGrOr8wICFpRxzbNs1BD8_R6ie6jtsjN9taa3ua7jWEswrlxM27Sfvbc3NsqEBg3LXR_r8d1pV4LMPy2pHQisJ6wfSbOKQR1ILBFwQZQOcKm1cqvXXCS5VdxbWzspvVgw5lIego_D_xChVY8bhSTJUrZT7pJKED7T82Zm3yQ_a7tUWGyx-igGO-G9S-X9frG87lGDVDupX_sAjKiVv-O4dD1FVUt0WVIRLMBh3BKJV_zu_XlglIwVKcGMb5tyF4j6_ejH7EweCbQXAG_Z-YFzb5kIOv1CwxN-8I7Qb366SehLDtaIYfSXWfZymd8dpzdNlZCxJ7MlPfztxXTePJ0pBhOHQoVuvzhghnJqOr5ys6bQWUXS22b3CIpxUJZeM35g2NLU24CEJ_8DUYeFxI3IDyfbmoj1i3gRGknWkugIJ8BTThn7c-24eVGFtQxR621Xi_tkLLA0z3alEQ8sylkJ4WUXUk0PT0_BeS4qKR2LoUcL6TobiPRaL4tLsHosBu42qzTGyY32_X1BBj2OLEV7F_pcU-TFQSA9Sns36bzCSMR8sY8yN6ukIU8MTyBnkJTFPnj5eMoHqRNrUHG0woeO_aXFp8EEqQlxXADoBjVadXrVZPfTc_LjH4dBe4KJDMTfjauFy0Sks7507MJotNOivCCWniohBEeLBZ5C9OSwEVkW8BbuD_xgqsmX285os0DWT_vIvwNfQLV-oexbBt4M6WBJc42xTup5UqfyEFio7gkOipKMMA71X9X-mMSxJU2A-BS9HCevtHvKwUE79BZkAtJDIM2wIvn94NKtLvU30p-qT7gCEW6kPTOpSQtDhHENEmYNcRnhK4cHItP4GD5jrYTCsvEO4vtixx6oankO--CCPsJArZUGyB7ZoShZMi3yyxVNqV-33wk-sZcOox9wlD2EIg96lT7_b4VHgMJbq19BFbp1OWguAv_B1hT2vodlqKGLk6ltHEIRAlw672bvFZbvhC7USoWPA4rKrF4Efv0czVv49HVl2-MyB4lO0W62NB3iFqAjWcL901zECDg-BPGnIIPX2GPbYrrFKkElBRjtKeGs7V1AjZ1WlDxNaaydmNbMv2NfTzZaWNmpr4o8gcSr8Uu-VXUFJRBFY5ldM-ceZ2p8Whnbph7oBLt7DA9BuiRro_jfyiwWYH5iy17YoVn5ZALKP7DrgOp7d5q2OQSRp_RVGGiccdXJ2vsnntGcWEpuYcc_0yYF6jVIdZUpN6KsGkN6tsu-97QWKwlrgPXtjBOnBsvobSW4vx-GGGblU5MWPVaR1mf2957iqmnpZk40oPqdokE7Qr2aOHQSGOV3qFW8j_aQbnrcjVf-jj57ZWSzj9uEfaofdEkhiatK-1-j9N-gMCjz5MVM9PVnbk6-ZHBcRVnNXvugEc14fWWWl4MD3gxoK0xNnmyyRtMiLwXrookZHwG6TzvImKIJfmpHz4V3nlvOtq9BXMBYf9OrYj4BzTv8jugDCEVSPTSneICoXQaW-bZW7DwB-YZERmFxWfa7xRlJXXRPWb80PJbsZDQgVO4Rxh2feH3-w745zplEVQ57yfHlmMbWif5Znum8IHNLkSVkVHjSF2fWiRHH6x9RzGvchVMY2Ri9UyScyCgeK4nYkokmSayeabOmWak6shxWOWgQY1-P2E4Hh3oY88b6gWNWOGZ6N895ZvPaxhg_h9BcQ0pjwbwPRb2hQNO0veaHYhd-sSKhW0Exhmk55QIPKhIgpdZXvn1_Etz7FPmHAkFrBw4EOdcm3OD1gnFvMfL3Egxvk-uoxYM2zzysCDyb89aahDiQj_F6DJ_JCbkeSV6oyOH3JUC2MZ5Rcr7ow7ECobDE-Byz3d7BrOwA6CN9zf2UnomS84HLqps2hpwiAlJNfhcb_9cj1GAeu0OGNAFKwqhD4aewf7TJ_maVtlzW8wJVaGuYoQaGKkvM9B3ligsAnmBLTMrpyDWMOYBRievekJ5MiXdgsKn-O-Z7tBHxIWiVT6td6c4icyNc7nKAHrnpx5wgM98HEyLWYwQ-WyMp1K8mVWXOwo7FgGFnbByqb0oP4kQ5DJ6hUHc5b4lJbDFf5jJYaXiaWZuWcsG49XZqMDunKThG4tRiz2dtNYPrEN7dpsVjdkF3U7m9VY91mW7HWsmZCjUo9SqSIYvgdyhwtBsne3ezAn8qSM70h9VaE8U4A88dMhbFkEff6y0ymlsLXAlUp0hwJ-ztusytWJl2pNhBZHBVmpLU5aPML3BQt_fuMp8zgyndL5FOboDamGVqPI53i0Q5EyKPMvX6sTC5dib4-NQbTBZn_19O6X4sj5AI1YFqg_SeZQbvtjqMFKyQ-8EZkcNhGePjzsTwFXTyZSdTILaqoCMjY5kqJAV0qCC5p1XMQG7YM192JVvNHgEF5gjBBcbDxMZ2DBvQBb80nVSnB_iXMANvxTUV3wmQucDtpuxi_48UuEP0jLCDJ7gJ3Aq9GZrRoLNCSBNPuJLYp1q6Cpc1ctJnSkO5WYRd4veWFOGvpn0vUTzOxZv1H5fyhkfOicP27RVPRHbNTeLfEvMcs3PRWS89Ua4sY__nSYuyvRu3_lafrQam1GMHR66yctLCGUvKFObDM1Q0k4UUeDiCloTOiBJ4_XtWG-seVkBhmSdDHYtYRriN-BXsqgePJsFcRApicFPnSzHe8KKU1nNs-x_zg6WpwDEcs-1Ryuu38FZwgnh7Z7dK2oCcpRyCH1iAjHyJXF0bp37d3IjMLnDYtf2qySs7jawlvgTMW-X3fBnxAbizpOxXq0OIgUPk73yJaR79a1q63RTCdHS_23f_wuo-J3muuFMB5AQ1fhn9nKjTt8wcEyiIn8-L1Ou0Ye6aat8xRSTAWUAK1yxBjbwHc0bGLvHxuqgTJ8o7p2MJrJvnOP4RUtikI5-RCSkkazzFvG5I0xKF3mzFsXkiZop2xNEnOcESo5NyPuItc_DftQLSeVPJmKXAxrpWCqOArKU68cLx-ZNEFW0iYVET7BZma8ujFbDbrzRJygS4AY_fB9H5ShlhPEeqa3Ds5eUB4cw2wywH-jS53Qg8Z1dzOCpBOcuxKnCGdoycZxPPS6JqiRtDTOgc3yNcxq-WbM7JBUDKcK4xavyElgjkYjd3op-Eb8yNjQJtDgiA3iugT3ttOQXuhbphrfyb1CW44h_-Dfeb17qTq4MiSQg6rmgCB8JXzsL3DRmP8RUCOI3cxskeb&cid=CAASJeRomJfFE6RU-7eoH0RLHHixgryjrm3dkORXbj3nFfmCspwErCg&rfl=1%2Chttps%253A%252F%252Fko.cm-ob.pt%252F%240
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:48:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
140
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9783
x-xss-protection
0
server
cafe
etag
9821519945299111448
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 05:48:12 GMT
rar
as.ad4m.at/ad/ Frame 7CA1 		14 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Requested by
Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
74de70e8e800d2b01d4ee91c90c18be0b14248c3b76078196821612faffe4338
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status
DYNAMIC
cf-ray
703e001a9a639241-FRA
content-encoding
br
content-security-policy
block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
unsafe-none
cross-origin-opener-policy
unsafe-none
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 05:50:32 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
0
feature-policy
geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma
no-cache
referrer-policy
same-origin
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server
cloudflare
strict-transport-security
max-age=86400; includeSubDomains; preload
surrogate-control
no-store
vary
accept-encoding
via
1.1 google
x-content-type-options
nosniff
x-download-options
noopen
x-xss-protection
1; mode=block
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 91AD 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:00:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3013
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 30 Apr 2023 05:00:19 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame D681 		1 KB
749 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
59060
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=86400
content-encoding
gzip
content-length
724
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 13:26:12 GMT
etag
48472445140208031
expires
Sat, 30 Apr 2022 13:26:12 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 91AD 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a1c7f2401a055447a3b5c064547a1849fda64595d148a40311797ad02ae55752

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 763B 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BsgaUJ85sYqXsLczDb_qTtPgIAAAAADgB4AQC&bg=!eXqlej7NAAZNIUvJbSE7ACkAdvg8WsaEuZTwt7Nj5EhPMYQg6PXRI2YpJEkFhTgDmVEVdRDvW_ljvgIAAABYUgAAAAJoAQeZAyhYhD7FBXjxHC_YAKk4hOUTklT4oukL1l7_O-4m9kTvNwboIL5UrjKeEuaN2nze0T0aWPPjXGVu1iK38Ct6ziaZlT5K3_Gx47PXmsuaQZyJMN7CpV9p5SoMkYJnxv8Rh9F464Ck1D-29vOHl1hwzCxpQslHEoFMo8abGDBOhqWwfy_-bZ7eWSlXTZx6rkQVpLD0ZAbyFFMt97ViqsWzGtBOVmVgPiAfLwmivfmnqCqgubBbccwhFoaZuJwwcCy9Q0M6rR1Be1REJqs9VTWy3U27yZLfDCh0E8aKFcjPu6YQ1hkTOOz9dmWKRYcT2NyppBADssdAqx0lW-xEEb5yPeoQ4G_-Oo2KXk9CDXAkxkzmowUvUYGERzZkVmNaXujmmj6QYgrgQUrF2tNdQLhKZK6cjdAYxiov_0tWKl_OYLlazCyZInM7QIK_SSAaJufK8tZZxtTAjRM3RZi-fJelOyKo0iaNiBw8-DgRTEY8ctiW4wWI64Cc1XXFGF0ayPKmvQvqSP6t8ZesjtqhcLsEl9Khhhj8eRXfEWP-tlE3k1LPJUnWyxG8gwWYPPXkL7h4ZbhcnGzyR4d3kALJ0oe1YjYCAQkXHGyeBH7uceOofKc4F3ciJ1DkHV8Fn-Gri-axNGAD9hbbde8kuvdsMf9aXLENH3fcvEfb-XLW8IYNSFA5DhuUpdTam8p7ZgXqHLgvfTbWrzIeCOq8zxYJsRxgLBJzu2PXRYUBzsAlR1V6BotE2cJqXMhqbXKW5EeugDXn63QZtN1CkkiC0midcMjmox3g8pBcet4xaHGBeG9FjQztjuWCBLm9wdgvXAZHRG7RHrPFtbWZZKJ1ptSD5m7Zh_e890ODe7Thz2N024uO0QHAyYcLbsTPaIckhJlCO_JjDbfWqI9JLnQpbQ4Kqf6O-r4R5XQ5B0zkFxah0gmfofSPg2jYRaEGDWRxMJkMBVzZ7NCkd4WKhg2cm6paLr0A2ZiUaHLs9TTbyiwSoRomnzLI1AB6-5ThNgHvh7NGxzeQpGrNyXQr4VvVOw0-hguKy_EGI9OidVFcL4rlXMBgkxHXEk9Rda_C8IF0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 7CA1 		81 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
Security Headers
Name Value
Strict-Transport-Security max-age=86400; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:32 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age
936031
cross-origin-embedder-policy
unsafe-none
cf-polished
origSize=83581
surrogate-control
no-store
report-to
{"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=86400; includeSubDomains; preload
content-encoding
br
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
same-origin
last-modified
Tue, 19 Apr 2022 09:50:01 GMT
server
cloudflare
cross-origin-opener-policy
unsafe-none
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
accept-encoding
x-download-options
noopen
content-type
text/css; charset=utf-8
expires
0
cache-control
max-age=3600, must-revalidate, proxy-revalidate
cf-ray
703e001ad93291dd-FRA
cf-bgj
minify
DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
assets.ad4m.at/logo/ Frame 7CA1 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/DF9A32151D42BCC835EC0C9BE62CF0094313EE46FD4E5D3DC0F1217B7F8F1AD49F0F4DDF5D50AE1511A12D11F97A6BCA3DF8CE9D056CE7A3DC11AF6ED1255D71
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=euqM8A==, md5=F0uw3DVkfiBLCaoSCWVgSg==
date
Sat, 30 Apr 2022 05:50:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
63689
cf-polished
origFmt=png, origSize=24833
x-guploader-uploadid
ADPycdsi0swWfje5B21xpjPj3Xsup5qvELL1PF75-R-PqGIJBZWrCwZ42X01rcctWdEHYROCjrQ6STqUfBhj2AG-jkRtA7mv3hXm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
9258
last-modified
Tue, 09 Feb 2021 15:11:57 GMT
server
cloudflare
etag
"174bb0dc35647e204b09aa120965604a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sV0xg%2BYxQroBzT9JHX8nhRzGKvVm%2FY8QJyQkfQGmqRMuqW7Dtn6TVGg7W6Vr7WB1SQRamXlKjswVgS%2BBJTDZZbuKB4986tbmRe24s1zPGXSY9NUR7lRWByIBLURMmZDkJxdZGMT6rjMQT412"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1612883517528266
content-type
image/webp
expires
Sun, 01 May 2022 05:50:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
24833
accept-ranges
bytes
cf-ray
703e001aeabe9241-FRA
cf-bgj
imgq:85,h2pri
0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
assets.ad4m.at/product_image/ Frame 7CA1 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/0AC0DD533161B07A3BB2D72DC66FF10DF997383C63884E78FDBEF4BEDA8ED904DC259BD68D098814FB574FED8B566E90A3C1272EA9C368275203F9D628BB015E
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=1aKs/g==, md5=nBaxji7Rcg1LrHhoV5P3TA==
date
Sat, 30 Apr 2022 05:50:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
68065
cf-polished
qual=85, origFmt=jpeg, origSize=84530
x-guploader-uploadid
ADPycdtq6Vo-uxme94Smev73rpG-ghgg3e7q7aQ2n9Z3F0fwXxuRWIRGv1gVFOY0B_JRAOCAu5k107K_UpEFDTij_Ne8
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
19022
last-modified
Wed, 10 Nov 2021 15:00:52 GMT
server
cloudflare
etag
"9c16b18e2ed1720d4bac78685793f74c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2B0ay0SLRR09uepb9D79ZyI1K2pxHdKi88aayJeHNYKVNYjZDwmm4Ap3aDu4YfMD1%2BLmQLnWzKmZDKSQlHUTIucaQsFsEbIMrfG55zRcl49S6%2BQSc8krnNK54TWx5%2FooD5qdBjbzUEW9iHr%2B"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1636556452656256
content-type
image/webp
expires
Sun, 01 May 2022 05:50:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
84530
accept-ranges
bytes
cf-ray
703e001aeab99241-FRA
cf-bgj
imgq:85,h2pri
/
partner.blau.de/a/ Frame 7CA1
Redirect Chain
  • https://www.telefonica-partner.de/tpv.php?t=113752V1225131106M&subid=oneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr...
  • https://www.lead-alliance.net/tpv.php?t=113752V1225131106M&subid=oneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_consent=&gdpr=0&g...
  • https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022043007503267879621645X113752V1225131106MSoneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0F...
49 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022043007503267879621645X113752V1225131106MSoneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Server
88.99.63.132 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
nonstopads3.sunbonet.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Date
Sat, 30 Apr 2022 05:50:32 GMT
X-NODEIP
88.99.63.132
Server
nginx/1.18.0 (Ubuntu)
RM-PrivacyPolicy
https://www.nonstoppartner.net/
P3P
policyref="https://a.nonstoppartner.net/w3c/p3p.a.xml", CP="NOI CUR OUR STP"
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=10
Content-Length
49

Redirect headers

location
https://partner.blau.de/a/?i=pview&client=blau&camp=pview&l=de&nw=lea1&affiliate=113752&s_id=2022043007503267879621645X113752V1225131106MSoneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
nginx
x-xss-protection
1; mode=block
content-type
text/html; charset=UTF-8
E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 7CA1 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date
Sat, 30 Apr 2022 05:50:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64150
cf-polished
origFmt=png, origSize=77267
x-guploader-uploadid
ADPycdshEaEKSVUbw89DvqaTRXsWO0JGD7XJXyeGJ_Rb80geEH-duekeYzLbKzB2xy8H6VgRPcDO4IPTZ5dgyVdMpgLEkw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
38696
last-modified
Wed, 22 Jan 2020 13:11:48 GMT
server
cloudflare
etag
"2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XhI4%2F7mrC47%2FdwUEjumdDSv8ygFNGwv0z9seD%2FDvLJm%2FItw6lO4PSKDPO7pYz5LmKGyDlnRiohnFdV0Y8M8%2FSrpmaHXpKvoqx2D3NyHMqh7SzkexObGTjhITW7hHzjBuYuPM3LM45tzd2LCq"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698708801217
content-type
image/webp
expires
Sun, 01 May 2022 05:50:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
77267
accept-ranges
bytes
cf-ray
703e001aeabb9241-FRA
cf-bgj
imgq:85,h2pri
B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 7CA1 		84 KB
84 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date
Sat, 30 Apr 2022 05:50:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
159124
cf-polished
origSize=90165, status=webp_bigger
x-guploader-uploadid
ADPycdtZLUxD1St7sXk-EYespXLKb1_2k2_uAb02nvpX2rsuktJyd27hfzyYqfRDDXoeb15PzHJj0pqtmerHh9g5c2a9TSnMgg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
85727
last-modified
Wed, 09 Oct 2019 16:06:53 GMT
server
cloudflare
etag
"a6c89bb079950765946aeeda42e13d01"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W%2BM6ULjKw2OiqCex4Rg8oOISnuHOmvfBrW8cE5hlsjAphi61eqb%2FH%2FB5kQYQewDs%2Bg7l%2FDT5de06dYTYyEFXeGmw%2B2rpaD9KAnqwtvsbOCKtm6yzsaRsFqbzIQu2UpaK3yYJF%2BfIZYQuPB5s"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1570637213281727
content-type
image/jpeg
expires
Sun, 01 May 2022 05:50:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
90165
accept-ranges
bytes
cf-ray
703e001aeabf9241-FRA
cf-bgj
imgq:85,h2pri
188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 7CA1 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=tG7Jcw==, md5=BMt+wgXOo1EVeu/7mY86hQ==
date
Sat, 30 Apr 2022 05:50:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
64074
cf-polished
qual=85, origFmt=jpeg, origSize=16723
x-guploader-uploadid
ADPycdvEZpS20Q32Xe_7ASGwy4MDMm8DO1SSYZ-ntQ9YbVJbet-8JVmb6oyluS-AG--xO_yOA1Aacr8ThG07NdKSyELE4Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8354
last-modified
Wed, 22 Jan 2020 13:13:07 GMT
server
cloudflare
etag
"04cb7ec205cea351157aeffb998f3a85"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HaOIGFq1f4yMqoy3M5HYP8ww4SVP4ikp7LV5L02bg4cRjA55SvI5HB%2Bdn8Y6nZqf7pjqIQbsDngP4RmGatW5cq905SINN8xPQ6BsaWAUyg26dtmFOQbCxk6YLGGqFLLrBrnrnjbjc%2FFYRM0T"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1579698787150900
content-type
image/webp
expires
Sun, 01 May 2022 05:50:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
16723
accept-ranges
bytes
cf-ray
703e001aeabc9241-FRA
cf-bgj
imgq:85,h2pri
FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
assets.ad4m.at/product_image/ Frame 7CA1 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.ad4m.at/product_image/FC413BBA72211F5AF56B42ACBA3ABD3A49D827F593C9E1323C0F2A226E056430F688C15FF4CD83A6D4A3CFCFA1FE4220CE28CD84F613C42E73DA82679F4A107B
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-goog-hash
crc32c=yOKvRQ==, md5=98ixwodW4fBCQU4EOgLh+g==
date
Sat, 30 Apr 2022 05:50:32 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
66133
cf-polished
qual=85, origFmt=jpeg, origSize=81547
x-guploader-uploadid
ADPycdsoaRk7A7VpSDk1rtY4GUKUTEHkQk6tLOm3FRFPbUOu48DCTWcxOymaYBJ1DthBoL4LenkFcGH90z9mWqFjs3pO4rrOgIMy
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
30226
last-modified
Thu, 09 Apr 2020 08:50:22 GMT
server
cloudflare
etag
"f7c8b1c28756e1f042414e043a02e1fa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fb%2BOPOk%2FJi7BaToV8eu7zILISEXc4ewKYUfiXDJrE%2FqvFyhqlK06zhW%2BYE5TE9BGDnkACM7BeUeY0TX1ipEW7ULumoLHy5rKC4KrEfhIz9N7EzcbmqnIcj33I6sEbTkM4ygPpxUmOr1MlWHU"}],"group":"cf-nel","max_age":604800}
x-goog-generation
1586422222365290
content-type
image/webp
expires
Sun, 01 May 2022 05:50:32 GMT
cache-control
public, max-age=86400
x-goog-stored-content-length
81547
accept-ranges
bytes
cf-ray
703e001aeab79241-FRA
cf-bgj
imgq:85,h2pri
/
banner.congstar.de/cookie/ Frame 7CA1
Redirect Chain
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=?https%3A%...
  • https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLH41OWLu_cCFdL3dwodND4HWA;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
  • https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=oneidR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7oneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&gdpr_c...
  • https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1651297832_72b4c4a0-c849-11ec-8f9a-2230a0859272
0
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 0394 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
166227
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 28 Apr 2022 07:40:05 GMT
expires
Fri, 28 Apr 2023 07:40:05 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEASR1vRI4_y13lkdbgLd4lg&google_cver=1&google_push=AYg5qPLaFnAIEJUjX86iaHjUJ_U1gm2aDwOrk9JHFsT4YVJZGyBB8TwcQwO91McAMZkGpeYDnjb...
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=glrdr&google_gid=CAESEASR1vRI4_y13lkdbgLd4lg&google_cver=1&google_push=AYg5qPLaFnAIEJUjX86iaHjUJ_U1gm2aDwOrk9JHFsT4YVJZGyBB8TwcQwO91McAMZkGpeYDnjb...
  • https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=EJVHZDG9Rga051jxiA5hRQ&gdpr=1&gdpr_consent=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=EJVHZDG9Rga051jxiA5hRQ&gdpr=1&gdpr_consent=
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
Apache-Coyote/1.1
location
https://cm.g.doubleclick.net/pixel?google_nid=lucid1&google_push&google_hm=EJVHZDG9Rga051jxiA5hRQ&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain
  • https://a.c.appier.net/gcm?google_gid=CAESEKqx4q4tvwHQdSvQmDAAZj0&google_cver=1&google_push=AYg5qPKlhauwQweXHX-rECjgaeZZ5d1Vjzz_Zbyggoa0VZY4__oJec9GMvXYl97OOD9Z-IsPEV2Uv_xNsL9VOYIp9x4UbWrln1Uq
  • https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dGVEdjA0YVREcDZQY1oyOEtNNXNZZw%3D%3D&google_push=AYg5qPKlhauwQweXHX-rECjgaeZZ5d1Vjzz_Zbyggoa0VZY4__oJec9GMvXYl97OOD9Z-IsPEV2Uv_xNsL9VO...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dGVEdjA0YVREcDZQY1oyOEtNNXNZZw%3D%3D&google_push=AYg5qPKlhauwQweXHX-rECjgaeZZ5d1Vjzz_Zbyggoa0VZY4__oJec9GMvXYl97OOD9Z-IsPEV2Uv_xNsL9VOYIp9x4UbWrln1Uq
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=dGVEdjA0YVREcDZQY1oyOEtNNXNZZw%3D%3D&google_push=AYg5qPKlhauwQweXHX-rECjgaeZZ5d1Vjzz_Zbyggoa0VZY4__oJec9GMvXYl97OOD9Z-IsPEV2Uv_xNsL9VOYIp9x4UbWrln1Uq
date
Sat, 30 Apr 2022 05:50:32 GMT
cache-control
no-store
server
nginx
content-type
text/html; charset=utf-8
content-length
243
p3p
CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEGTmgVLh5NLDvLkNQ7Irvvo&google_cver=1&google_push=AYg5qPKBWycmfRE3v5x3PHuzVCuxDZrxzzPEqpRAqCQVXfVL-cDiv52QH4I-omVLQ6bDfx_rQNs4CKqPhAUJUkUcnqBkvPK...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKBWycmfRE3v5x3PHuzVCuxDZrxzzPEqpRAqCQVXfVL-cDiv52QH4I-omVLQ6bDfx_rQNs4CKqPhAUJUkUcnqBkvPK_Znf_&google_hm=NjU4NzgwNTI2NzgxNDg1MT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKBWycmfRE3v5x3PHuzVCuxDZrxzzPEqpRAqCQVXfVL-cDiv52QH4I-omVLQ6bDfx_rQNs4CKqPhAUJUkUcnqBkvPK_Znf_&google_hm=NjU4NzgwNTI2NzgxNDg1MTE0Ng%3D%3D
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Sat, 30 Apr 2022 05:50:32 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPKBWycmfRE3v5x3PHuzVCuxDZrxzzPEqpRAqCQVXfVL-cDiv52QH4I-omVLQ6bDfx_rQNs4CKqPhAUJUkUcnqBkvPK_Znf_&google_hm=NjU4NzgwNTI2NzgxNDg1MTE0Ng%3D%3D
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain
  • https://ssp.adriver.ru/cgi-bin/sync.cgi?ssp_id=10&external_id=&google_gid=CAESEEUPtJZacqyDlRgW9GgHtew&google_cver=1&google_push=AYg5qPIB0C-CxtxiTTBMaXTsPxNtJd24R68blD8wT6Vsx2sSquOlcrVspJMGt6R_ICbbr...
  • https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIB0C-CxtxiTTBMaXTsPxNtJd24R68blD8wT6Vsx2sSquOlcrVspJMGt6R_ICbbrnPOywzxfu12MUPmXJ-p1T5GUudFwfBa&google_hm=QVNoQjduM1gxYlhXamU2YWRS...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIB0C-CxtxiTTBMaXTsPxNtJd24R68blD8wT6Vsx2sSquOlcrVspJMGt6R_ICbbrnPOywzxfu12MUPmXJ-p1T5GUudFwfBa&google_hm=QVNoQjduM1gxYlhXamU2YWRSd1JPWmc=
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
//cm.g.doubleclick.net/pixel?google_nid=ADR&google_push=AYg5qPIB0C-CxtxiTTBMaXTsPxNtJd24R68blD8wT6Vsx2sSquOlcrVspJMGt6R_ICbbrnPOywzxfu12MUPmXJ-p1T5GUudFwfBa&google_hm=QVNoQjduM1gxYlhXamU2YWRSd1JPWmc=
Date
Sat, 30 Apr 2022 05:50:32 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
sync
sync.srv.stackadapt.com/ Frame D681 		0
0
sync
dsp.adkernel.com/ Frame D681 		42 B
233 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEHzAx79B9RLipy-R71YurLM&google_cver=1&google_push=AYg5qPJwaTzrAUHosU0rM3CSahUNeA1CdbXz1poNOUTDPQG65etAEtrMnlGTZGFA6jB86RDIljJy7bZn8iBfn4IAb6VYOPy_KKTQ
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:32 GMT
Server
nginx
Age
0
Content-Type
image/gif
Cache-Control
no-store
Connection
keep-alive
Content-Length
42
pixel
cm.g.doubleclick.net/ Frame D681
Redirect Chain
  • https://match.sharethrough.com/E4rooAtA/v1?google_gid=CAESEDcC3756ILReI2wCsjWMTZg&google_cver=1&google_push=AYg5qPJ-ISwMFtEqPpl5rwEcfKVtIIwow5eDMD7wNBkjEMMARqp350E5g4KDW436rCsrqgPSdRMGTKCr0rxlb6dbM...
  • https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTI0YWJlOGItNDU2YS00NzhjLTgwOGMtOTE5MzZjMmVlZWZh&google_push=AYg5qPJ-ISwMFtEqPpl5rwEcfKVtIIwow5eDMD7wNBkjEMMARqp350E5g4KDW436...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTI0YWJlOGItNDU2YS00NzhjLTgwOGMtOTE5MzZjMmVlZWZh&google_push=AYg5qPJ-ISwMFtEqPpl5rwEcfKVtIIwow5eDMD7wNBkjEMMARqp350E5g4KDW436rCsrqgPSdRMGTKCr0rxlb6dbM_XQePZUeFqLlw
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=sharethrough_ob&google_hm=YTI0YWJlOGItNDU2YS00NzhjLTgwOGMtOTE5MzZjMmVlZWZh&google_push=AYg5qPJ-ISwMFtEqPpl5rwEcfKVtIIwow5eDMD7wNBkjEMMARqp350E5g4KDW436rCsrqgPSdRMGTKCr0rxlb6dbM_XQePZUeFqLlw
date
Sat, 30 Apr 2022 05:50:32 GMT
content-length
0
attr
cm.g.doubleclick.net/pixel/ Frame D681 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LicfX3_OxE1DwvmqLHgY1jSOytR2p7yzR1cub4eNvBY2Ihvtll_7ESQ3Tzkt-Kv9L3GhTFwA
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:32 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
content-type
text/html
file.mp4
r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5F03 		2 MB
2 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://r3---sn-5hnekn7l.c.2mdn.net/videoplayback/id/e0ee3230c65fd1e4/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1682833831/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/78D67F755518EDDFAC9B555530C922ED1BF367ED.DBF77110583D031382D1B4A61EB54A5A0A14ED/key/cms1/cms_redirect/yes/mh/v_/mip/2a03:1b20:6:f011::7e/mm/42/mn/sn-5hnekn7l/ms/onc/mt/1651297526/mv/u/mvi/1/pl/48/ir/1/rr/12/file/file.mp4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400e:a::8 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gvs 1.0 /
Resource Hash
0722a78a7564b24fe7d3796803dab12ac321c9e1b20ed3de80fed97b0f289b2c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
Content-Range
bytes 0-1728178/1728179
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length
1728179
expires
Sat, 30 Apr 2022 05:50:32 GMT
last-modified
Wed, 02 Mar 2022 11:10:25 GMT
server
gvs 1.0
vary
Origin
content-type
video/mp4
access-control-allow-origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
access-control-expose-headers
Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control
private, max-age=86400
access-control-allow-credentials
true
accept-ranges
bytes
timing-allow-origin
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
client-protocol
quic
link.html
track.webgains.com/ Frame 7CA1 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4kbfxyezpjrx1hgjdvwnae8ve55yjac2axg4cawq5942vc0gr9jkn1t1qx1ect81e887dcga0t6dtjhwy1xwjzkzzqr28tz5pdzx6rxdqre1jha9fpn9tf4ewvbcp2vpj1xwhhwj4k3yyw8zz88czp2h9hmnesm4sjvbczv7948wzz7c24qdda6wkfr88bweqra1xh69851bbzq3680dr7q83qr80d879ds8dyd3m31txw80ksncgy358kk9h49e9h4myzs04zc06t94546b72f0e28x4gnr6emp429d07frsq%26a%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%252526sig%25253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%252526client%25253Dca-pub-5512390705137507%252526dbm_c%25253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%252526cry%25253D1%252526dbm_d%25253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%252526adurl%25253D&clickref=oneidqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3oneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&viewref=oneidYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sroneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
794dcd29f05c2aad386c6de8e9415a30ab4391c261a86660e22c437e4cff4f73

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:32 GMT
Last-Modified
Sat, 30 Apr 2022 05:50:32 GMT
Server
Apache
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
text/html;charset=utf-8
Content-Length
1476
Expires
Mon, 26 Jul 1997 05:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 69ED 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstEPNr7XddFv9kx0nnKAPZVZ_qAduCQOajGGYzdUGh1xYPOoCPg20pp-jKq9W0RtLsRlPGJMWdSisClQ3J86miJXN6ZY-8mYhTRvlRSQ26rWelXNzZWoRATtI45&sai=AMfl-YRLYJSEZinAeWniQwTv_k1SELXahbcjyfpyStTQ34VA4PqvLe2KuUAenkVuqYXMqKhokx1M-sJM06izOm0VXaxqTK_6tRmpMm9xipRYdfMxtcv-qsYxlpae9MCHhGSX&sig=Cg0ArKJSzGhbayanygMQEAE&id=ampim&o=315,1100&d=970,100&ss=1600,1200&bs=1600,1200&mcvt=1002&mtos=0,0,1002,1002,1002&tos=0,0,1002,0,0&tfs=291&tls=1293&g=100&h=100&tt=1294&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=3012904734
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 0394 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 12:43:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
61633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 12:43:19 GMT
dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 5F03 		42 B
494 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1651297832214;dc_rfl=[URL_SIGNALS];ecn1=1;etm1=0;eid1=11;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5F03 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU6m1Js5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwHIA5sEqgSWAk_Qbvnk8QBwurU3XN0Lzvm5zXfx0k2AKEf8Wu0HgIXruR-ig_J0HPvt1bzpixFdXkTb0QcZhCLkscB6wOF7hsbX7KwvPEGkHlzLfOLAwAnKhK_QmLR0F8d7LhYnCwcvZIEZYvCyGCQCS83RBGbP-Xo-olKOI9lxCIQJ4NkJSa-TsfCVd2jPJbNY8mk-iNidi88nBRSDrtJTMC_L4M_zFVr5aLXH1VgVw_DUaYwPI3BH6ZSglP5jbIIshOe-1lDlkpSv4RKEgP0NeemSR9WXkXlHnxf5ltEe7y38lTgGd6sgrMqAiZN_FpLAXussnBxdMd6bJbBNCJV-QgBa9oRqAIrR3NZXJv6x4sgCBdLOBOIH7FUoA-4owAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAfgWAYAXAQ&sigh=XfsOQlRFsjI&label=part2viewed&ad_mt=7&acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D0%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26i0%3D18%26ic%3D0%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1651297832214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 5F03 		0
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuh2TMhCFSQAdRLLpVcucdcIsU7kt9ZALRK333DG3HeWHhAKq33USvA9GH7TCSdr3oNCVTU39r1D-ST98-tYgs8Lkdc6SdPwO7olU80hDUMXGg6HzaVpWxmaG_owt8zzVKrzIcYsiM79300b2SWv-SfkcWauKCE-BjW_Obrkyo9v6ICSZxqCM5J5TuwSFMRMn1hrLv89QW0oh3fRx0uB_Le0vzmPQSN3ce9ylenhLGyJ8m6dPZk3TeHuhWoXjN8t8kZUuPu4XLYfwon-Zqw2c14a5bn664C6X4qwlC1bipdA5LPHJW3VftagsQr_71F5gx7aPuzIdTxquH-d2YhmD-LXxlq0n1BkMv-VeT5m5H97evGpiqPOcFSkXlrN-9MeTLx-CnE7j0wG6eHztsi6Ykft_eE2mLXkk94vA2IlLK4DdRXhxpnV3zEmfwUuAiWglj39IDpvmIUQ4YWaUDM69j5PRq53kRUjeufZRp8Ma8a8EkhX1tV3wsUk491EZE7HER-HDFxRUzu-woc1gVLpEBICut2sPgQR8PP-1gV_NtdWmUFjqRl22CW7QbA7eciWTNTsZf70fVDgFDG7Zr1g4yDoF2_ZuxOQ3kBAfd9Lso4zulJ3_pizSOEGZboJWTs-qP7TM9lA7wQnYIHqYQTROdqr9v1DR_6GAwNv7Iabgo05jpN2oMZrYYfG2FLSn5zzkgr-FsUj9rFirPTYf3bGJZ_td5DxZTL_KWCg6pGkNyxCy4XVDX_ZEBARQ8kFPj8zjIixMqExeV3nFtLgg_q33cx7Rn9CrpF8j-AcScj_pzjMcT7oNJNOFNg3EP-kkZENG2oU_Wu_wZ40KIwaT6BkMRsfPM1nC5zX04fizq4P7jo-9iW3qxgC1bgsiWcyl9ipklhh16iz4v6Sb5pUXvvnoJNPXGzv7Hr6alZDWwLRqu3oyPfsQhQcXuNllD_NUYuFFggNB2ZbRM-oD1r3KNbzmdLm-6p5qZfHGNXTyPCbIFWCrN_cMYQmmiQ4dvxh3DPC8OHeC6zPkbmwt-ywqvqRaNwrNVTUw_ErCrUskqd4jO4e2XfhTCgA5j7_aAd0Id_jrXd89eR5UbryNcmN8Fl5Qh6dJlUJFYoupZ4ZiRm9W5DMdegjmBdcLKmGQmJ1gUanboMslC_VLERltJ-zKYRBtQeEF0L7JecmIevaiK_Q6tugHCf-ySrEwrqxhP7U8Cq7XFgBMDio0zWQke4C0oOdTj2c-KyhWUOHGH5QntOO-7XvxrOo7xl54bubJNsfwR8_uY_DCl7&sai=AMfl-YQDcdcYqdL6AGWo9mbVgsPMeNKbxUSqu1SwmIWXrkzABDHWD25DJ_EcTnSxmZZ04U7Lpf1LR30jQNf__9oP2VRqJd14ULRaup7_aibhoJ3hagAFXBhDqhzgak0Yq7AOHZcDoD1ncnGQdzeKrtlgWZaZ0nK5Av_oR80ArJJ0sP4Ui9MPJkaoSZqajgEvE9-ReWTn-c2p9duX5j97MSWgXmPoqXcmgodkgw&sig=Cg0ArKJSzCEm1ruSBtJ5EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 30 Apr 2022 05:50:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5F03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=COvS1gIQg_znAhjqjtjDASABMAE&v=APEucNUfOWBtmwazrcAQ7teY-D1oFC0kjBZpCwG4xaZpXCYdaoalxmFGbUVj9VyXhhGOQ8GvIQyo9WWgXqML9ZqqvtUONBsnFQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5F03 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=video_impression_ping
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 5F03 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1651297832214;ecn1=1;etm1=0;eid1=200101;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5F03 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfq0GyxNQDOgxtzquC5eSOfgqByjd5g2p4JT1JlW8YypEyb3tL4CTHRaQE_gyQucHcx02ZoPzvPDLS-vVecHVHGkxbBEUsWSzKCewmWHo61-YwrpTGfeirqRy8&sai=AMfl-YRDpIXLNP6vJ_AXPSaLvt00h3Cn4P5O-G9G-inM6GUXjzYYCNbPUHZfNX6raokuo1vFXNoc5PGNmiMsfa-XLIfvgQ-iI77x-Glt_MHpzuu8wzY5sROCze55_nUK_g_J&sig=Cg0ArKJSzJLnRVz7fDKqEAE&cid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw&id=lidarv&acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D15%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D6%26dvs%3D0%26dfvs%3D0%26dvpt%3D0%26is%3D18%26ic%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26ss%3D0%26t%3D1651297832214&avm=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5F03 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU6m1Js5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwHIA5sEqgSWAk_Qbvnk8QBwurU3XN0Lzvm5zXfx0k2AKEf8Wu0HgIXruR-ig_J0HPvt1bzpixFdXkTb0QcZhCLkscB6wOF7hsbX7KwvPEGkHlzLfOLAwAnKhK_QmLR0F8d7LhYnCwcvZIEZYvCyGCQCS83RBGbP-Xo-olKOI9lxCIQJ4NkJSa-TsfCVd2jPJbNY8mk-iNidi88nBRSDrtJTMC_L4M_zFVr5aLXH1VgVw_DUaYwPI3BH6ZSglP5jbIIshOe-1lDlkpSv4RKEgP0NeemSR9WXkXlHnxf5ltEe7y38lTgGd6sgrMqAiZN_FpLAXussnBxdMd6bJbBNCJV-QgBa9oRqAIrR3NZXJv6x4sgCBdLOBOIH7FUoA-4owAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAfgWAYAXAQ&sigh=XfsOQlRFsjI&label=vast_creativeview&ad_mt=7&acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D19%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D0,0,0,0%26tos%3D0,0,0,0,0%26mtos%3D0,0,0,0,0%26amtos%3D0,0,0,0,0%26mcvt%3D0%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26at%3D0%26as%3D0%26vpt%3D0%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D0%26pst%3D-1%26dur%3D12010%26vmtime%3D6%26is%3D18%26i0%3D18%26cs%3D18%26c%3D0%26mc%3D0%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D1%26psv%3D0%26psfv%3D0%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,0&gv=atos%3D0,0,0,0,0%26avt%3D0%26ss%3D0%26t%3D1651297832214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 5F03 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~l2lg3dkr&c=6489605522042&slotId=3244802761021&qqid=CNLZ_eSLu_cCFf-P_QcdByIM6g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=953&mt=video%2Fmp4&vs=640x360&dm=12000&ple=0&umsem=0&event_name=first_play&asset_bytes=214304&video_bytes=0&cached_data_bytes=0&js_cached=false&css_cached=false&num_assets=10&num_assets_cached=0&num_assets_cache_validated=0&num_assets_unmeasurable=0&video_played_seconds=0.00&video_muted=true&video_seconds_loaded=0.00&met.4=ff.1ca~videopreviewstarted.1cc
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220418_RC00/outstream.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2404:6800:4015:801::2003 , Australia, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index.html
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e5402292beed4ded5e764e05d4a0aaf2c0d152b148121485de91d8c685df113
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
64557
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1502
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 11:54:35 GMT
expires
Sat, 29 Apr 2023 11:54:35 GMT
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 91AD 		0
64 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgJZOfysqvEuB7WPIMX_QXIFG4kC74cdXKwsHiiyVO2YmdvCuCsN6Ck3f3FOOB5hiYW4Av4XqdA31M881ELHJ5fUpTT22eiZafGug6rZS8HEIaMrfr46H3MOXczSdxhx9shEZXOzAL8K98Jq7D37K5xPrI0T2hU9GJNhJYTyjC5QU-pRhiKyDyRCgO15TGa3NguTqMjM8M_MiHSv3B65yb1dvNlnoepJ4Q4rwF2pA-vI69E7FoZ-ks_K18fGuSg-Qft6vqb5XMsSD2QYHTMMiHdnwcaOi3fVC6BxRiLEVvW1QIGEkOBeSwZFvrIki8yw0TEtpE_j-iAr2O4YyNWjKdnaCCkJrapCipO4-p8LeYBUcGQp3B4yTmJr28O8E2aR45PgApMiJFvLHL_C6CR07XbNFLT2HVCgWKtqk-iRyHdQt-CVwASRO-Y5gf8UZC-edWuDEilEf98SVpqH3C9_4gRZMI_Ov7JQbM1Ai51rdM-BbByxB8UsO3wG4yq0fXe8tF0NaN9G7VDzhEOrAbEzKFTHqUqKr7uHSE4xzbhaGOx6ZKY4sYx8b_6QDxoGJDzv4-TyCpEibQbIwsvsphSqpJdiFOMONRCiKa4czm1vjDBaaBiNqjxhhTN4JV4vqvsUIKXWaORCgrzULtzNGOb0ob9BpcixIwoipudJBIXKRg8QQYsSIx6-fc3wzEhboJ_2K8eh8Z2NeFI2SHDFHTChioXjauuCUK2fmBD9e3hX0lZzKnfHKf9qMeOUhivezzOQUjZe77TLaLf7NJchESVGhZMGxegcisq07rR3cgVKN2QK0Ev0eQP9QZycAUYe7rQPVYBjA6v2M7eXj9YAeTuJZrBsZbXRceTYU71M974foYRilWRgj34bL_s9n6ySukA3aaS7p-qRN2SUor8bjOsrRdOd1KQN6upvLKL04FIKVnj7WveysKNt44TCgtz0bnbm7jIT-Wbz3HStVk9_mDNDVaxQu3BG0EH7tbWFl05gFDdZnU5DiDkwtPlzhwfPJsoY1z5QAKBV4gUjkfTvBcVHH7NATwrPXxJN7M460pqAEWuUrEGZOU6meYONBjTeXP8e8EsIbfQaoCzyhlIPBNZrfHosDcuBLiiSljbi6Dbiq3YJZWAQHOoHnLkMRDuAEyZHYCkJEGbBiHm0oTAXTsaH6CqqRdCjUtOSdIwBIPZCNc0TxUT91F0htBrZgRcROl7534y4NWAtrIJ7mhJfOBl2-zBiuxzJamlwwlIPRruSwB6vxvOfbsE5XV4AE_wvfKSdI_-DQJx5-x75VvNE9HdhxB_vaW4RN8NM4RzapK3JokPz2LeUW9ejs-P1nVbDXSTGjSolNTUOT8_qa7UuZV18u856AIYMvKnYNFZcNoKrK_5pqXijIs35KuTe3qeAUG&sai=AMfl-YRKZ6IV4ocKBFZUa7EO95CuvzLeKpbbI1_L-WPRN62iDe7EY7-6FVbmrXfAoH2X5FPxngV05h_wGj4M4TxONsWgsRKnzZURRoh-NIj5PuRHTD6CCKMcRN5UAugrVraId4Q8SyNNFJzdb_mGbHc17kZOD9gLpmV05l_j_dppNM4zs5gOBkyxdE55FSRxGWDyk7MpVtgY5NF1Nc-aZskIeyRfSQzg1d1bxSwrBhldlbEKTPes&sig=Cg0ArKJSzPATgtUzc1PlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=229&cbvp=1&cstd=225&cisv=r20220427.32434&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date
Sat, 30 Apr 2022 05:50:32 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
styles.css
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		2 KB
663 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/styles.css
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7282ef3935430cad842681d478a23c343dd14548adbff41c5ed1c8128503c3be
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64557
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
634
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:35 GMT
background.jpg
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/background.jpg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4adb034a054dde11edc5355bd37728733d992007b5d8e5e4c924042861a95ffd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:35 GMT
x-content-type-options
nosniff
age
64557
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4875
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:35 GMT
pfeil.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/pfeil.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
56b7af801ad31f3b1ae7456fff07ba0f0104b12976fa8c2f258b7cc9ec4680bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2062
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
h1.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/h1.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
803bf029d75bae3f48acbe6e731a032354808114464cb96ea4b61cd8622fc5cc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5898
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
h2.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/h2.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2a09b303a06eaba3727ad39559840b0902862900d939e44e323d58989d1ea2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4296
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
preis.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/preis.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
449e6e7f9fab5eb4229af721f7742dbbed6ab11228f6367dcef5e59f5b085a89
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2814
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
sim.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/sim.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ffd9c6013049611b535ec72c8366993287a318935c9df51a8f3710c5c6b77b51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5839
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
db.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/db.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e4259e2810a17934b15b752d5f631e23cc29c114ee5ebcb17e59a917e5a136fa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16008
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
stoerer.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/stoerer.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9e7bbc13b468fe5b17e5121d0d7f2f50ff9a3dda100cc2f5986f612795996630
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1842
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
logo.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/logo.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fec72f3f90fae7965be18e0a4280cd821eb630c970afc04f7a8339e8b818ccf2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3266
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
laufzeit.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		488 B
515 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/laufzeit.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2be1f759c5bacca5d958516dc0c71de5102924805793e909770358fc1ad81d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
488
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
button.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		772 B
799 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/button.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bccf1cb1deb66d46da34cf50ae212bd505ff2fadd0f1aabaef0ed86819f4a480
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
772
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
border.png
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		152 B
179 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/border.png
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d17abe6a44fe8b727a8282982c49a6defe969b90941f868c7191aa9b59f2f81
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
152
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
gsap.min.js
cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/ Frame 02DB 		63 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/gsap/3.9.1/gsap.min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:32 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
67835
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
22890
timing-allow-origin
*
last-modified
Sat, 25 Dec 2021 03:05:32 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"61c68a7c-596a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DhLRH5MHW6y8GN4MDXVVwrX%2BXQJ8HcoRxLIOGuhWmD1iQuRqE4VYIcnD%2FitRtpbv8PHGhtsUjZyvQRZ%2Bas7n%2F3vuD8%2FYg4uVIQ3QSR9mif4aGJ6uC3FMTG4ygpK5uUUuD4maKWtSnzg2WGAK5Hj%2BB9Pe"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
703e001cfcc0915c-FRA
expires
Thu, 20 Apr 2023 05:50:32 GMT
main.js
s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/ Frame 02DB 		2 KB
491 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4acdbae0e000825a6749106785f89dc8663e1d64db491268d10274f8f28ce314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/7122740052246014723/km_202204_AF15GB-1999-monat_300x250/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 11:54:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64556
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
462
x-xss-protection
0
last-modified
Thu, 21 Apr 2022 11:49:50 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 29 Apr 2023 11:54:36 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0394 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BYyskJ85sYpTmOfT33wPZqzMAAAAAOAHgBAI&bg=!eXqlej7NAAZNIUvJbSE7ACkAdvg8WrZ0WYV0Z0O-8AmbrByQsMNR-XXtOHEkjcMbXJFQ89cPA0gSCwIAAACQUgAAAAJoAQcKAEtPEBzP9S0iRLo-X2emmbu0GfjjI2RolqkYp70Lk5PfPqzYrTVSYWdeZR8nJZcWvZb0CReBDrbZ5gB6cjSCWAmcSTwe7LXsRql_DuWZAzE7ZD5HZdmmubP8PjTXft1_2hQVRU6IIeYXPIK19W_1NunX0c_QtrwmjcoLhtPTjUTf-xJL8Nug4OCKyIA69BVIlLEO_a5uCyS0nANE4OTWrJBHQz2itlP0_5UwwO-l_dJlr9t-fbakuWRfzpi9cNKmeNPUrj63QStOd3R6iO219r3tCPyPTDReDJM00DLjyV11_LrC8bHky2MeRXDcSuO1ZRqYTXJQfX2i9eHwlyGTRmEZySDC_e8Rj8CvbYm9MfsQQXOgbvB2hhPRN3sQMf8204WPwtUCy8yQO0eyTqOaiNyCPjTGIXOSGVK8bQmAlIbCRAUjGS_G_cLm9V6Lr9-8U2Oy2xkVTMqzgt-Eez7Yp6Q4n2TzyzxLLzm2HQYiUKFe3R1VWbAWJh9WQ3Tma-f2r4VPvme1Fl2y8qHDoe6nL2xs5kuo4YZjkwfeAz6mAawZcp-fZ1-DNN1ODDETTwbScm_ksmLGYrC0IV5LfiUJkiK9rcz9T3p06LI_Z3DR19emRkMYCILk20jQY-kOHpHN8HjfQXaxwEdW1gfZak2OJUxYbNURTKv83vDhllWCNt-z03nNTRAi6benWyaQXKcFXDgZN37AgdoDDytZkqB9-hsteGHT_ld5LDBDZcmnEwa93fIyYT1gVbZQuhPjuCwlhzKYVzOKL6ZCsqGW2oiLlTjanQX7CYq5xveUzJxqy5_sTEhE36djWgWgCIGImDSm4TUpvzSNErX4coQJJxb2WiQv-BiHvzLLlr39C8UruRtbagR4gzMQTSQ9yqnOzCpFlHf9LjaPYOi4zT40DhovjgB9-eyi1nowp9AZKLO9kJ8AYPOjjUuKc6D45idSk1hX4c85xVPwy8ZUVwEENC8vU23Z2lQaYdkurcNCJM5YA-atd1PZ8DZfY217yrb-lEKNJfznGlcfsLijN2pYUzirF_y85t6L-QIT8dMMuvVSw0I54IxRtoVvfFkTpjZuw6Z_3t3G0oj-KItZW9tJaM4oI7q9SwCndGZlAYMXhr-PtGDiUD-ashDowF5abhXkSeej-ZsqSz34oigTCLpMGpwxnu_jyaeGSJRfEisxGr4axuI8
Requested by
Host: 1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
URL: https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pvClk.min.js
analytics.webgains.io/ Frame 7CA1 		51 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1j4kbfxyezpjrx1hgjdvwnae8ve55yjac2axg4cawq5942vc0gr9jkn1t1qx1ect81e887dcga0t6dtjhwy1xwjzkzzqr28tz5pdzx6rxdqre1jha9fpn9tf4ewvbcp2vpj1xwhhwj4k3yyw8zz88czp2h9hmnesm4sjvbczv7948wzz7c24qdda6wkfr88bweqra1xh69851bbzq3680dr7q83qr80d879ds8dyd3m31txw80ksncgy358kk9h49e9h4myzs04zc06t94546b72f0e28x4gnr6emp429d07frsq%26a%3Dhttps%253A%252F%252Fgoogleads.g.doubleclick.net%252Fdbm%252Fclk%25253Fsa%25253DL%252526ai%25253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%252526ae%25253D1%252526num%25253D1%252526cid%25253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%252526sig%25253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%252526client%25253Dca-pub-5512390705137507%252526dbm_c%25253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%252526cry%25253D1%252526dbm_d%25253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%252526adurl%25253D&clickref=oneidqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3oneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&viewref=oneidYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sroneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-120.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id
snQAK.nud_Ry1pExcABmNeZsZtrLXsiU
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
last-modified
Wed, 23 Mar 2022 11:22:01 GMT
server
AmazonS3
age
2813
etag
"101c8120dbcfdb729e8ebf54cc77d0cd"
x-cache
Hit from cloudfront
content-type
application/javascript
date
Sat, 30 Apr 2022 05:03:40 GMT
x-amz-cf-pop
DUS51-P1
accept-ranges
bytes
content-length
52083
x-amz-cf-id
fda0u6F6KExosuQgK_ouv-X81h9zIiZNF4bEi6lzYXJVGbhCu2zyRg==
link.html
track.webgains.com/ Frame 7CA1 		85 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track.webgains.com/link.html?wgcampaignid=1384975&viewref=oneid5pBSXfEfKWkaWC7HMt3tE3QaYSVTVmRUmqxoneid__asuidJ-t5STQoPSyWosB4UwimKb4hyXalPxC9asuid__suite_Netmix_Reach09_Mweb_PRIVATKREDIT&wglinkid=713569
Requested by
Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=19491%2C24673%2C22451&b=JePCzf5fqP9tBH6H7tptppVfxSgTJpuX%2CYGdHrf3f85xFVH9HetQtRBqfkS1Tj3sr%2CR6KugfQf6WbFkHwH3tQtPzJu9SzT4df7&f=Ge3CBfpfqKPtKHeHGtBCppQfZSYTkYSE%2CqVeTmfWfwJBtZHgHDtRCXPzfeSgTzPT3%2CQeXC4fjfjMJCxH5HYt9C83Xc6S4TEYHV&c=970&d=90&e=zMVor6D-0FB_1VGPVCu2B6wMQvnBR0fy&g=0cae01e27573229ca9db182815d8a3f8%2F78891759214588162&i=20773%2C20430%2C25174&j=14%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dbm_Netmix_Reach05_DC&r=1651297832046&h=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%253Fsa%253DL%2526ai%253DCN-J3J85sYr7kD9CK7_UPhs-HKIbr0-1pjIfYpNYLpKjv7cAaEAEgqoDDImCV4pCCoAfIAQmpAnSt0hposLE-qAMBqgTmAU_QU0uG3UKpcWQq-FPZ-tfKbM_lkALK4VY9g3dDUrMfgm-VT35DlpQq7Y12pCo6UJyhsbcudKZBCY9PT4y6SZ8lhbnyT7LDFF0DtyCitHx_LaGaXsGZ_tGeFMI8u0C14ReF9LGb0m0iMWhi3vLLkFvIbYrjJrDrK3yLJxoQCst5YeOGma4r-ZvSHLEFp7SLAsR9YsKZqfmmuP7Dx1aeMRWX-BFcg1ssMeARRthtCMN8oQK-uv7Vvio10cS4wZKRylwnSc-qcyhrQS209BAhguxUO-BijcNCKB2U3c8AwR8ZKgM49-wAwATzmZnQoAPgBAOQBgGgBk2AB-qTn0OoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIiOGAEBABGB3yCBthZHgtc3Vic3luLTc5NDQ3MjY3MDA2MDQ3MDGACgOYCwHICwGADAGwE_qo1AbQEwDYEwOIFAHYFAHQFQH4FgGAFwE%2526ae%253D1%2526num%253D1%2526cid%253DCAASJ-RogO-mDcK91W_7BuLXsJCq7nKUuVOdM1Y0fthDc8df4peZy8g7dg%2526sig%253DAOD64_3MCO1t-Jl26ZRh6ekyLPdKL-0a8Q%2526client%253Dca-pub-5512390705137507%2526dbm_c%253DAKAmf-CwFytXz3hmmWtPaUGb2F9yG5aQRXgL1hPomX0-CLq2ebGufki1kCwMApMUY8MIK5vC-F-Uxvv-gYNMsfpgtFFXM6AnB8BNfxjVdqLJnIwh_CMl0JKaz3tABGRGnI2OxAo2pPlQIEI-H8qzG7ZjfPeKVYnWTA%2526cry%253D1%2526dbm_d%253DAKAmf-Cp0VPGN0SbpDa8nBVUKyQlyIpN0plzhnSAeflUI14-cCFHU0MqeC7eF-FjVVbOHAFdOBzMl6SovjR1L70hDLGfdXZL2GUqM-tFiVuiwK-IR2mC5Vmdt3cUV9YIHRubdLRRF137gsnrhVKG3QanbAyRESYg2AVNS3lRRwCacF1XMc8fPorcXzjoWd1sdvKVhWEd4ao8G_SktnWPXAD8ptL_ZLhPYguEnDXXR0jQS3tpwYJqcCLDn3C6Q1FuILt3eO7YHwsvShT10eB5hmqAtCQEJLgQW-hsZCmkYYLCeJsDi6ptuHxH4A_yELvUVpgyPF2bNA0junc3SJ_Q2tR2iRsKTrOJol6wgDcx75qzC2Wl8QK25uU7CR4jsQdczDSEAK6S-6VyP4lXFFZp0CmM5Y24Qj1JZfIk-67lEKsjXToUCN1-ULojvPrlP8sG804pe7nq_a_M7mV1CGy-o5Puj-oikkTnN2M_Dr5YWmwhWpTTqZvr0hPUeKM9f9e-a7Gm4MEZEsIj%2526adurl%253D&y=1&z=0
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.236.13.147 , United Kingdom, ASN12703 (PULSANT-AS, GB),
Reverse DNS
46-236-13-147.servers.dedipower.net
Software
Apache /
Resource Hash
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:32 GMT
Last-Modified
Sat, 30 Apr 2022 05:50:32 GMT
Server
Apache
Transfer-Encoding
chunked
P3P
policyref="http://www.webgains.com/w3c/p3p.xml", CP="NON DSP COR NID ADM DEV CURi OUR NOR COM NAV"
X-WG-cache
hit
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
close
Content-Type
image/png
Expires
Mon, 26 Jul 1997 05:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 91AD 		0
26 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstgJZOfysqvEuB7WPIMX_QXIFG4kC74cdXKwsHiiyVO2YmdvCuCsN6Ck3f3FOOB5hiYW4Av4XqdA31M881ELHJ5fUpTT22eiZafGug6rZS8HEIaMrfr46H3MOXczSdxhx9shEZXOzAL8K98Jq7D37K5xPrI0T2hU9GJNhJYTyjC5QU-pRhiKyDyRCgO15TGa3NguTqMjM8M_MiHSv3B65yb1dvNlnoepJ4Q4rwF2pA-vI69E7FoZ-ks_K18fGuSg-Qft6vqb5XMsSD2QYHTMMiHdnwcaOi3fVC6BxRiLEVvW1QIGEkOBeSwZFvrIki8yw0TEtpE_j-iAr2O4YyNWjKdnaCCkJrapCipO4-p8LeYBUcGQp3B4yTmJr28O8E2aR45PgApMiJFvLHL_C6CR07XbNFLT2HVCgWKtqk-iRyHdQt-CVwASRO-Y5gf8UZC-edWuDEilEf98SVpqH3C9_4gRZMI_Ov7JQbM1Ai51rdM-BbByxB8UsO3wG4yq0fXe8tF0NaN9G7VDzhEOrAbEzKFTHqUqKr7uHSE4xzbhaGOx6ZKY4sYx8b_6QDxoGJDzv4-TyCpEibQbIwsvsphSqpJdiFOMONRCiKa4czm1vjDBaaBiNqjxhhTN4JV4vqvsUIKXWaORCgrzULtzNGOb0ob9BpcixIwoipudJBIXKRg8QQYsSIx6-fc3wzEhboJ_2K8eh8Z2NeFI2SHDFHTChioXjauuCUK2fmBD9e3hX0lZzKnfHKf9qMeOUhivezzOQUjZe77TLaLf7NJchESVGhZMGxegcisq07rR3cgVKN2QK0Ev0eQP9QZycAUYe7rQPVYBjA6v2M7eXj9YAeTuJZrBsZbXRceTYU71M974foYRilWRgj34bL_s9n6ySukA3aaS7p-qRN2SUor8bjOsrRdOd1KQN6upvLKL04FIKVnj7WveysKNt44TCgtz0bnbm7jIT-Wbz3HStVk9_mDNDVaxQu3BG0EH7tbWFl05gFDdZnU5DiDkwtPlzhwfPJsoY1z5QAKBV4gUjkfTvBcVHH7NATwrPXxJN7M460pqAEWuUrEGZOU6meYONBjTeXP8e8EsIbfQaoCzyhlIPBNZrfHosDcuBLiiSljbi6Dbiq3YJZWAQHOoHnLkMRDuAEyZHYCkJEGbBiHm0oTAXTsaH6CqqRdCjUtOSdIwBIPZCNc0TxUT91F0htBrZgRcROl7534y4NWAtrIJ7mhJfOBl2-zBiuxzJamlwwlIPRruSwB6vxvOfbsE5XV4AE_wvfKSdI_-DQJx5-x75VvNE9HdhxB_vaW4RN8NM4RzapK3JokPz2LeUW9ejs-P1nVbDXSTGjSolNTUOT8_qa7UuZV18u856AIYMvKnYNFZcNoKrK_5pqXijIs35KuTe3qeAUG&sai=AMfl-YRKZ6IV4ocKBFZUa7EO95CuvzLeKpbbI1_L-WPRN62iDe7EY7-6FVbmrXfAoH2X5FPxngV05h_wGj4M4TxONsWgsRKnzZURRoh-NIj5PuRHTD6CCKMcRN5UAugrVraId4Q8SyNNFJzdb_mGbHc17kZOD9gLpmV05l_j_dppNM4zs5gOBkyxdE55FSRxGWDyk7MpVtgY5NF1Nc-aZskIeyRfSQzg1d1bxSwrBhldlbEKTPes&sig=Cg0ArKJSzPATgtUzc1PlEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=481&vt=11&dtpt=252&dett=3&cstd=225&cisv=r20220427.32434&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=
Requested by
Host: ko.cm-ob.pt
URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:32 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
sodar
pagead2.googlesyndication.com/getconfig/ Frame 91AD 		7 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
800585df7428f9c9f0c87748295ca2208eb2b07018d0b031c317b894cfeee151
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 05:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5445
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ Frame 91AD 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 05:50:32 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 05:50:32 GMT
nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
pagead2.googlesyndication.com/bg/ Frame 019C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/nzSewf41wl2BVJkwxVV_7a6HO8nVCXbzOneYH_Xeelk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 12:43:19 GMT
content-encoding
br
x-content-type-options
nosniff
age
61633
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13484
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 12:43:19 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 91AD 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv1oLowzCFuqjjn1jorW1RRUdgV-ybla5G_l84ecO_WMKlK42EZfEh8hadEagA2v-3CQwSkPQBwozlqpR62Xm8ITm_bV0m-nCiAvsO_nrDuwGl4VMN43qheKtmw&sai=AMfl-YS4oCmESExcB65mA_d2uh9IODqayzFSvsth0svSROdmhq8Bkfg_lTWn59NBSHdK6wFx9mVcCEe79RX-SmI0wWUZTkZTnK9dfggV2H7Wd5t2lEW2_22-LAm08-eP&sig=Cg0ArKJSzDHUrda09BafEAE&cid=CAASJeRomJfFE6RU-7eoH0RLHHixgryjrm3dkORXbj3nFfmCspwErCg&id=lidar2&mcvt=1073&p=1001,574,1251,844&mtos=0,1073,1073,1073,1073&tos=0,1073,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=0.8&if=1&vu=1&app=0&itpl=20&adk=2126724386&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651297831837&rpt=259&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:33 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tracking-event
api.webgains.io/ Frame 7CA1 		16 B
232 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
application/json

Response headers

date
Sat, 30 Apr 2022 05:50:33 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/7.4.26
x-frame-options
SAMEORIGIN
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.212.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-212-160.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://as.ad4m.at
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers
Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Sat, 30 Apr 2022 05:50:33 GMT
server
nginx
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fko.cm-ob.pt%2F&domain=ko.cm-ob.pt&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=bWUwxHxkVEIxNnlQOWFBU3lhOWFmcDl0K2puTWJ5RmMvcWVCeC93dk5iUWE0ZHdQWVhyVXFUMEkrbnYzcGY5UEpkVVVNV3FpSnlRckdyY2VLME1aK2tjaHJ3a3MyR21tWnYyODlDaFdYb0VnSXl0OFpZSnZZNi8veWt1Wk...
345 B
615 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bWUwxHxkVEIxNnlQOWFBU3lhOWFmcDl0K2puTWJ5RmMvcWVCeC93dk5iUWE0ZHdQWVhyVXFUMEkrbnYzcGY5UEpkVVVNV3FpSnlRckdyY2VLME1aK2tjaHJ3a3MyR21tWnYyODlDaFdYb0VnSXl0OFpZSnZZNi8veWt1WktmUUVSYU9tcGJSL1BqRnUzbGlnbW1UUUxzNk9uc21OeHRyVWRKUUpGSERIc1dXNFBxdVA5MEJxY011OVR0SUkwUGJMWExBbnZEeWFBVWtQaVU0bVpaRmFVaUdkekhGOXBPY1ErZlJNMGdkTUtNUWtVYnVrPXw&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
49f1f1227656f341460fd8a3ab951a497d7295c49c4b64b637f3462d8f80254c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ko.cm-ob.pt/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:32 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
2969
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:33 GMT
location
https://mug.criteo.com/sid?cpp=bWUwxHxkVEIxNnlQOWFBU3lhOWFmcDl0K2puTWJ5RmMvcWVCeC93dk5iUWE0ZHdQWVhyVXFUMEkrbnYzcGY5UEpkVVVNV3FpSnlRckdyY2VLME1aK2tjaHJ3a3MyR21tWnYyODlDaFdYb0VnSXl0OFpZSnZZNi8veWt1WktmUUVSYU9tcGJSL1BqRnUzbGlnbW1UUUxzNk9uc21OeHRyVWRKUUpGSERIc1dXNFBxdVA5MEJxY011OVR0SUkwUGJMWExBbnZEeWFBVWtQaVU0bVpaRmFVaUdkekhGOXBPY1ErZlJNMGdkTUtNUWtVYnVrPXw&cppv=2
strict-transport-security
max-age=31536000; preload;
access-control-allow-methods
GET
content-type
text/html; charset=utf-8
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1475
content-length
482
expires
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fko.cm-ob.pt%2F&domain=ko.cm-ob.pt&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://ko.cm-ob.pt
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://ko.cm-ob.pt
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 30 Apr 2022 05:50:33 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1138
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 4E7A 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 30 Apr 2022 05:50:33 GMT
ETag
"623de86a-cf34"
Expires
Sun, 01 May 2022 05:50:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 21B2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 30 Apr 2022 05:50:33 GMT
ETag
"623de86a-cf34"
Expires
Sun, 01 May 2022 05:50:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 3129 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 30 Apr 2022 05:50:33 GMT
ETag
"623de86a-cf34"
Expires
Sun, 01 May 2022 05:50:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 48AB 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: get.optad360.io
URL: https://get.optad360.io/sf/prebid5.14.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://ko.cm-ob.pt/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Sat, 30 Apr 2022 05:50:33 GMT
ETag
"623de86a-cf34"
Expires
Sun, 01 May 2022 05:50:35 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 4E7A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
333118c0-7f03-4b65-bc19-6fb4f2489f3b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=bWUwxHxkVEIxNnlQOWFBU3lhOWFmcDl0K2puTWJ5RmMvcWVCeC93dk5iUWE0ZHdQWVhyVXFUMEkrbnYzcGY5UEpkVVVNV3FpSnlRckdyY2VLME1aK2tjaHJ3a3MyR21tWnYyODlDaFdYb0VnSXl0OFpZSnZZNi8veWt1WktmUUVSYU9tcGJSL1BqRnUzbGlnbW1UUUxzNk9uc21OeHRyVWRKUUpGSERIc1dXNFBxdVA5MEJxY011OVR0SUkwUGJMWExBbnZEeWFBVWtQaVU0bVpaRmFVaUdkekhGOXBPY1ErZlJNMGdkTUtNUWtVYnVrPXw&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Sat, 30 Apr 2022 05:50:33 GMT
expires
0
pragma
no-cache
server-processing-duration-in-ticks
1330
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
async_usersync
ib.adnxs.com/ Frame 3129 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
539755b2-8d10-431a-a8ab-d7ebde38509e
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 48AB 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
547bbd92-3e22-4163-ba71-314be566eadd
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 21B2 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:33 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
9d5f7820-0a60-4e59-953a-5cded7e20ca9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 5F03 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,232,293,739%26tos%3D2086,0,0,0,0%26mtos%3D2086,2086,2086,2086,2086%26amtos%3D0,0,0,0,0%26mcvt%3D2086%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2250%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D204%26dur%3D12010%26vmtime%3D2258%26dtos%3D2086%26dtoss%3D1%26dvs%3D2086%26dfvs%3D2086%26dvpt%3D2250%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2086;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1651297832214;ecn1=1;etm1=0;eid1=200000;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 5F03 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvfq0GyxNQDOgxtzquC5eSOfgqByjd5g2p4JT1JlW8YypEyb3tL4CTHRaQE_gyQucHcx02ZoPzvPDLS-vVecHVHGkxbBEUsWSzKCewmWHo61-YwrpTGfeirqRy8&sai=AMfl-YRDpIXLNP6vJ_AXPSaLvt00h3Cn4P5O-G9G-inM6GUXjzYYCNbPUHZfNX6raokuo1vFXNoc5PGNmiMsfa-XLIfvgQ-iI77x-Glt_MHpzuu8wzY5sROCze55_nUK_g_J&sig=Cg0ArKJSzJLnRVz7fDKqEAE&cid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw&id=lidarv&acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D9%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,232,293,739%26tos%3D2086,0,0,0,0%26mtos%3D2086,2086,2086,2086,2086%26amtos%3D0,0,0,0,0%26mcvt%3D2086%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D2250%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D41%26pst%3D204%26dur%3D12010%26vmtime%3D2258%26dtos%3D2086%26dtoss%3D1%26dvs%3D2086%26dfvs%3D2086%26dvpt%3D2250%26is%3D275%26i0%3D18%26ic%3D16777473%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D7%26psv%3D6%26psfv%3D6%26psa%3D0%26pngs%3D9,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,2086&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1651297832214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:34 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 5F03 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CkTgvJs5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwGqBJcCT9Bu-eTxAHC6tTdc3QvO-bnNd_HSTYAoR_xa7QeAheu5H6KD8nQc--3VvOmLEV1eRNvRBxmEAuQDBMDEJbkVLKdBP3OHYA521UQ8OZnJCcqfr9CYtXQKx7Iu42T-DK-kcBoXc7ZY8AG-jvCEk8wM-T6ip43W2nEIcQoV2glJWpJE85V1nczQsFnynD1B3Jx5AhM0dsjc5ct-fc_Ab_xrBGD19zHtQi_L8PJonA8FcX_pCQg1_2bsvJyFa4vbUESYqZEBFIMAnc7_thUqYvOcHPkbHTTeCRbt7XV8hcHnkhsPvo_EGGGbmf1ocDpgL1RCfaWuGWUqlXVR5Gn_98k0qNHQwsItw4d5_CAF3Ni_lgih3raYANI_wAS2r6rH7gPgBAOIBaiKlao9kgUGCBsQAhgBkgULCCIQAxgBSOzMqgGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQwMkdGOqO2MMB0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAYAXAbIXHgocCAASFHB1Yi01NTEyMzkwNzA1MTM3NTA3GJLvIQ&sigh=3RJwCPyEm9c&vt=1&uach_m=[UACH]
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
async_usersync
ib.adnxs.com/ Frame 4E7A 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b147e044-ea1b-4448-a057-91b0c4fec7be
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 3129 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
5c77ac10-203d-4447-908b-19ba55152906
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 48AB 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
d78c400c-7be5-443d-82d9-63ed80c9235f
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 21B2 		0
747 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.223.38 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 30 Apr 2022 05:50:34 GMT
X-Proxy-Origin
185.213.155.176; 185.213.155.176; 400.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2c7c2db8-29e0-4d72-9ac1-1e121fe54b9b
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARg...
ade.googlesyndication.com/ddm/activity/ Frame 5F03 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI5Zu45Yu79wIVzOEbCh36CQ2PEAAYACCSlfxPOhoIh7-AxQEQtq-qx-4DGK_Izd8DIJKHxcbtD0ITCNLZ_eSLu_cCFf-P_QcdByIM6g;dc_rmcid=CAASKORoORV814b5FsxWyub8Weft61xWPP0SKO8OgzphV0rMiLrumavC1Cw;eps=CIjhgBAQARgd;met=1;acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,232,293,739%26tos%3D3032,0,0,0,0%26mtos%3D3032,3032,3032,3032,3032%26amtos%3D0,0,0,0,0%26mcvt%3D3032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3196%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D204%26dur%3D12010%26vmtime%3D3206%26dtos%3D946%26dtoss%3D2%26dvs%3D946%26dfvs%3D946%26dvpt%3D946%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3032,3032,3032,3032,3032%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3032;gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1651297832214;ecn1=1;etm1=0;eid1=960584;
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/interaction/ Frame 5F03 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/interaction/?ai=CU6m1Js5sYtKuMP-f9u8Ph8Sw0A70uZjmaJKHxcbtD42A5LbrAhABIKqAwyJgleKQgqAHoAHc-Kq7AsgBBakCdK3SGmiwsT6oAwHIA5sEqgSWAk_Qbvnk8QBwurU3XN0Lzvm5zXfx0k2AKEf8Wu0HgIXruR-ig_J0HPvt1bzpixFdXkTb0QcZhCLkscB6wOF7hsbX7KwvPEGkHlzLfOLAwAnKhK_QmLR0F8d7LhYnCwcvZIEZYvCyGCQCS83RBGbP-Xo-olKOI9lxCIQJ4NkJSa-TsfCVd2jPJbNY8mk-iNidi88nBRSDrtJTMC_L4M_zFVr5aLXH1VgVw_DUaYwPI3BH6ZSglP5jbIIshOe-1lDlkpSv4RKEgP0NeemSR9WXkXlHnxf5ltEe7y38lTgGd6sgrMqAiZN_FpLAXussnBxdMd6bJbBNCJV-QgBa9oRqAIrR3NZXJv6x4sgCBdLOBOIH7FUoA-4owAS2r6rH7gPgBAOQBgGgBnaAB4yH1cQBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhuoB_PRG6gHltgbqAeqm7ECqAffn7EC2AcA0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi03OTQ0NzI2NzAwNjA0NzAxgAoDyAsB4AsBgAwBsBPNoeMOyBOvyM3fA9gTCogUBtgUAdAVAfgWAYAXAQ&sigh=XfsOQlRFsjI&label=videoplaytime25&ad_mt=3207&acvw=sv%3D925%26v%3D20220418%26cb%3Dout%26e%3D1%26nas%3D1%26if%3D1%26sdk%3Dh%26p%3D8,232,293,739%26tos%3D3032,0,0,0,0%26mtos%3D3032,3032,3032,3032,3032%26amtos%3D0,0,0,0,0%26mcvt%3D3032%26ps%3D-12245933,-12245933%26scs%3D1600,1200%26bs%3D0,0%26vht%3D0%26mut%3D0%26a%3D0%26ft%3D0%26dft%3D0%26at%3D0%26dat%3D0%26as%3D0%26vpt%3D3196%26gmm%3D4%26efpf%3D2%26nio%3D1%26vmmk%3D52%26nmt%3D0%26tcm%3D1%26bt%3D43%26pst%3D204%26dur%3D12010%26vmtime%3D3206%26dtos%3D946%26dtoss%3D2%26dvs%3D946%26dfvs%3D946%26dvpt%3D946%26is%3D275%26i0%3D18%26i1%3D275%26ic%3D0%26cs%3D16777491%26c%3D1%26mc%3D1%26nc%3D0%26mv%3D0%26nv%3D0%26qmt%3D3032,3032,3032,3032,3032%26qnc%3D0%26qmv%3D0%26qnv%3D0%26lte%3D-1%26ces%26avms%3Dnio%26qi%3D590625216%26psm%3D15%26psv%3D14%26psfv%3D14%26psa%3D0%26pngs%3D9s,14,15s%26veid%3Dumt%3A1,xdi%3A0,mvp_lv%3A1%26ssb%3D0,0,0,0,0,0,0,0,0,0,3032&gv=atos%3D0,0,0,0,0%26avt%3D0%26davs%3D0%26dafvs%3D0%26dav%3D0%26ss%3D0.07%26t%3D1651297832214
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 05:50:35 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		626 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/svg+xml

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cm-ob.pt
URL
https://cm-ob.pt/template/fonts/icomoon/icomoon.ttf?6tt51o
Domain
fp.metricswpsh.com
URL
https://fp.metricswpsh.com/fp?tag_id=5166
Domain
cm-ob.pt
URL
https://cm-ob.pt/template/fonts/icomoon/icomoon.woff?6tt51o
Domain
banner.congstar.de
URL
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1651297832_72b4c4a0-c849-11ec-8f9a-2230a0859272
Domain
sync.srv.stackadapt.com
URL
https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESECKFXnrl2UJyyjN1wDF8zAA&google_cver=1&google_push=AYg5qPJPnLm34E4zigC2L3hBcvBLOfOSHV46Xi-u6lvXUqWaTQ4HDHGDx6jqCK7lKoVpIEgvgFOIuxz8VOG-cE7I3VIiL1K5lgoq

Verdicts & Comments Add Verdict or Comment

111 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails object| __adFormats object| __formatsGetters object| AdManager object| a3klsam object| AdSlotCollection object| WebComponents function| __CE_installPolyfill object| ShadyCSS object| regeneratorRuntime function| setCookie function| getCookie function| createGeoRestrictionCookie object| Sk boolean| __isGoogleAllowed object| googletag object| pbjs325474 function| $ function| jQuery function| Popper object| bootstrap function| Waypoint function| Stellar object| AOS function| onYouTubeIframeAPIReady function| uncamel function| setUnit function| setFilter function| isTouchSupported object| ytp function| getYTPVideoID string| nAgt function| getOS undefined| nameOffset number| verOffset number| ix undefined| start undefined| end function| Scrollax string| waypointContextKey function| get_real_link object| __SKIM_JS_GLOBAL__ object| skimlinksAPI object| __twttrll object| twttr object| __twttr object| __s object| instgrm function| pbjs325474Chunk object| _pbjsGlobals object| ADAGIO object| ggeac object| google_tag_data object| google_js_reporting_queue function| tcpusher undefined| google_measure_js_timing object| urls number| atr boolean| busy function| AdPlayerPro object| sas object| apntag object| _ADAGIO object| DMVAST function| playerPro object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| gaGlobal object| GoogleGcLKhOms object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator number| google_srt function| mb function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| ampInaboxIframes object| ampInaboxPendingMessages object| google_image_requests

30 Cookies

Domain/Path Name / Value
.mos3.biz/ Name: uuid
Value: 132d4b1b-6978-4663-97d4-7c1d1f59153f
ko.cm-ob.pt/ Name: __oagr
Value: true
.youtube.com/ Name: YSC
Value: yHO63s59nkw
.youtube.com/ Name: VISITOR_INFO1_LIVE
Value: HEpytNdQBTE
ko.cm-ob.pt/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.adnxs.com/ Name: uuid2
Value: 7410222734696658611
.adnxs.com/ Name: icu
Value: ChgI8Jt7EAoYAiACKAIwppyzkwY4AkACSAIQppyzkwYYAQ..
prebid.a-mo.net/ Name: __amc
Value: 2_1651297830_1651297830
.doubleclick.net/ Name: IDE
Value: AHWqTUl-rAJumggaMxQJWso6gGHdE0tsBVUl0hHw5dCNx3OGhik1j1mghLQTTq5OiZg
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: YmzOJ-RHwBmGHqiSmhktTwAA
.casalemedia.com/ Name: CMPS
Value: 3276
.casalemedia.com/ Name: CMPRO
Value: 1209
.casalemedia.com/ Name: CMST
Value: YmzOJ2JszicA
.cm-ob.pt/ Name: __gads
Value: ID=ad8318f160aaf3b3:T=1651297830:S=ALNI_Maz_VI-5U9UggoRUsnF2VPPSjAFBg
.casalemedia.com/ Name: CMRUM3
Value: 2d626cce272760CAESEI6NSQTPLR-YQzXL2arBVy4
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2E>?f3XBB!]tbPl1M>e)ZlrFUfJ+tGXvX+^/WrOIK<3dbWk>.@Ms^#Tj3jbYZUJaVo^S93If)y3KL9D3I?+K'n1/+
.sharethrough.com/ Name: stx_user_id
Value: a24abe8b-456a-478c-808c-91936c2eeefa
.yahoo.com/ Name: A3
Value: d=AQABBCjObGICEFQglrRO6C38itcRU-YgfJwFEgEBAQEfbmJ2YgAAAAAA_eMAAA&S=AQAAAuWkk1O0epiPgiPJWk0jc4M
.tidaltv.com/ Name: tidal_ttid
Value: 10954764-31bd-4606-b4e7-58f1880e6145
.blau.de/ Name: nscT486
Value: v01MTQyMTExMzExMTExMTExMTEwMTQyMTU0MDAwMDAwMDA2MTY1MTI5NzgzMnZsZWExZGUyMDIyMDQzMDA3NTAzMjY3ODc5NjIxNjQ1WDExMzc1MlYxMjI1MTMxMTA2TVNvbmVpZEplUEN6ZjVmcVA5dEJINkg3dHB0cHBWZnhTZ1RKcHVYb25laWRfX2FzdWlkek1Wb3I2RC0wRkJfMVZHUFZDdTJCNndNUXZuQlIwZnlhc3VpZF9fZGJtX05ldG1peF9SZWFjaDA1X0RDMTEzNzUy
.blau.de/ Name: nscQ486
Value: V
.blau.de/ Name: webShopPV
Value: ?partnerId=BLU_AFF_POV_EXA_35008&mediacode=AFF_la_113752_-HTLP&utm_term=AFF_la_113752_-HTLP&utm_content=BLU_AFF_POV_EXA_35008&spid=2022043007503267879621645X113752V1225131106MSoneidJePCzf5fqP9tBH6H7tptppVfxSgTJpuXoneid__asuidzMVor6D-0FB_1VGPVCu2B6wMQvnBR0fyasuid__dbm_Netmix_Reach05_DC&wfid=113752
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjQwtjI0sgAAMYSjRwkAAAA="
.awin1.com/ Name: awpv11938
Value: 412871|1651297832|72b4c4a0-c849-11ec-8f9a-2230a0859272
.awin1.com/ Name: AWSESS
Value: 367022:2542680
.c.appier.net/ Name: _auid
Value: teDv04aTDp6PcZ28KM5sYg
.c.appier.net/ Name: _gu
Value: CAESEKqx4q4tvwHQdSvQmDAAZj0
ko.cm-ob.pt/ Name: cto_bundle
Value: LY5fjV9LdXlNdzNzRXVDNXJIaEo3eEw1bW55T0RONGhHRmZkdlBQd3draGRJa2ZKUVd1NmVWZXYwdDA5TG1vdE9qTDNwQSUyQlNlMmF5JTJGTmk2NlJCZXJ3amZseEs0QWl6dVJQcXlpNE94aXBNUTVUeHpFRnpOME5nUmhrbVdYRUJSUUlTdlA
ko.cm-ob.pt/ Name: cto_bidid
Value: -LmXkV93b3NZbk1uUnB0YzU1V21CUGV5ZlV3ZnRXUzQ1NnFQcWpYUldWJTJGa0klMkJSaU5PUEJHYyUyQlpLZlVnWGNONDRzUmpGMXdQdW9EaG42MUFKc1l6QTJQWGQ2dyUzRCUzRA

8 Console Messages

Source Level URL
Text
javascript error URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Message:
Access to font at 'https://cm-ob.pt/template/fonts/icomoon/icomoon.ttf?6tt51o' from origin 'https://ko.cm-ob.pt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm-ob.pt/template/fonts/icomoon/icomoon.ttf?6tt51o
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Message:
Access to XMLHttpRequest at 'https://fp.metricswpsh.com/fp?tag_id=5166' from origin 'https://ko.cm-ob.pt' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'https://ko.cm-ob.pt, *', but only one is allowed.
network error URL: https://fp.metricswpsh.com/fp?tag_id=5166
Message:
Failed to load resource: net::ERR_FAILED
network error
Message:
A bad HTTP response code (404) was received when fetching the script.
javascript error URL: https://ko.cm-ob.pt/will-there-be-sicario-3
Message:
Access to font at 'https://cm-ob.pt/template/fonts/icomoon/icomoon.woff?6tt51o' from origin 'https://ko.cm-ob.pt' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://cm-ob.pt/template/fonts/icomoon/icomoon.woff?6tt51o
Message:
Failed to load resource: net::ERR_FAILED
other warning URL: https://cdn.ampproject.org/rtv/012203150226000/v0/amp-ad-exit-0.1.mjs(Line 1)
Message:
Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1fef406a24614262cbbf4c3ef990e1f1.safeframe.googlesyndication.com
a.c.appier.net
aa48423cd0.6374870abd.com
acdn.adnxs.com
ad4m.at
ade.googlesyndication.com
adservice.google.com
adservice.google.de
adx.adform.net
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
bid.g.doubleclick.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm-ob.pt
cm.g.doubleclick.net
cmp.optad360.io
csi.gstatic.com
dsp.adkernel.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fp.metricswpsh.com
gcdn.2mdn.net
get.optad360.io
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
i.ytimg.com
ib.adnxs.com
imasdk.googleapis.com
jnn-pa.googleapis.com
js.wpadmngr.com
js.wpshsdk.com
js.wpushsdk.com
ko.cm-ob.pt
match.sharethrough.com
mos3.biz
mug.criteo.com
na.nawpush.com
notification.tubecup.net
p.skimresources.com
pagead2.googlesyndication.com
partner.blau.de
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-eu.creativecdn.com
prebid.a-mo.net
r.skimresources.com
r1---sn-5hnekn7l.c.2mdn.net
r3---sn-5hnekn7l.c.2mdn.net
s.skimresources.com
s0.2mdn.net
script.4dex.io
securepubads.g.doubleclick.net
serving.stat-rock.com
ssp.adriver.ru
static.doubleclick.net
sync.srv.stackadapt.com
sync.teads.tv
sync.tidaltv.com
syndication.twitter.com
t.skimresources.com
tpc.googlesyndication.com
track.webgains.com
us-u.openx.net
www.google.com
www.googletagservices.com
www.gstatic.com
www.instagram.com
www.lead-alliance.net
www.telefonica-partner.de
www.youtube.com
yt3.ggpht.com
banner.congstar.de
cm-ob.pt
fp.metricswpsh.com
sync.srv.stackadapt.com
104.244.42.72
139.162.84.221
142.250.185.98
142.250.186.130
142.251.5.155
144.76.120.254
145.40.89.200
151.139.128.11
159.69.161.138
161.35.86.105
172.217.16.130
174.137.133.49
178.250.0.157
18.66.248.120
185.184.8.90
185.33.223.38
188.166.135.13
23.35.236.188
23.35.236.247
23.35.237.56
2404:6800:4015:801::2003
2600:9000:206f:800:11:a4de:2580:93a1
2600:9000:223c:de00:6:b871:4f00:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700:20::681a:9a9
2606:4700:20::681a:ad1
2606:4700:3033::6815:2f7c
2606:4700::6810:5714
2606:4700::6811:190e
2a00:1450:4001:800::2001
2a00:1450:4001:801::200e
2a00:1450:4001:802::2001
2a00:1450:4001:802::2002
2a00:1450:4001:808::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::200a
2a00:1450:4001:80f::200a
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2006
2a00:1450:4001:810::200a
2a00:1450:4001:810::2016
2a00:1450:4001:811::2002
2a00:1450:4001:812::2003
2a00:1450:4001:813::2002
2a00:1450:4001:828::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2006
2a00:1450:400e:a::6
2a00:1450:400e:a::8
2a02:2638::1c
2a03:2880:f22d:1e6:face:b00c:0:4420
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3601:cf48:bf87:67aa:ca6e
3.127.173.196
34.98.64.218
35.190.59.101
35.190.91.160
35.201.67.47
37.157.2.234
45.133.44.24
46.236.13.147
54.76.212.160
81.222.128.213
84.200.5.215
88.99.63.132
03a17600280b4d4894f4d0f00e905773caa38ee4667161d9beeba24b68051310
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
0521f51eafc20f3c9fe88c29186358b8e53ade4dda9e0611bb22f6ac36acb540
072214cac2642148ff8266b18c82fdc64428932369da84dec0562cf01ca58d32
0722a78a7564b24fe7d3796803dab12ac321c9e1b20ed3de80fed97b0f289b2c
073517305a0733b07e3c478d7b09562faa4fc17f469dcbd68ecb45961cc709c8
08b5e4857b51f51f8c9793a0b76d9d42524bfeea16fd692e62964d8d35a84a1d
0a3c2618b25badf3965912144424d8b551ffaa90ed61ede336fa89c203f3cf3f
0b43999f77e447254a78e068f55a6cc9075071b252277337b901e095e607e474
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca10549df770ab6790046799e5a9e920c286453ebbb2afb0d3055339245339
0d1ff32dcb6cc66dd2e38cde136e6718c33441e628e8f2959ae341e9d2e2e9e4
0d860e352529bca1f3289abf6b57ad8fff69032e2c4d98cf09e4ad3d6650f3b5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0ecc736da7b03b41727b6dc4cacaefdd11c377a4cc52e43dabe676221c614f8a
114484b6bcaa6c2e7ac8301929d6bcda18a7f71924a835c2e6c01fdbd6421f5b
11b4c308f296c85e0d4ae027ae331c944370dfcc17bdd2cc4ca88c10ae8a8638
11c19392554c9b78c15771afa8f9fbfc78e0e46ca9527831f90ae41f95da73b8
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1530691d7096753c4a33ff3d11be983fbec896774cffe9a3555c2c81e6f18906
1568d5636cf03f95cecd4e55b424fe76fd611b4a6524ef19beaccdb958a334ec
16d34ed66cab6c42375ce83930577fc8bcfcf6128ebdec127770c6fb7ccd2f54
1743b54e611ae08f0ddb89d8d1bc9ae7d78feacbd672c86a5f5bb3c1a582e05e
18201e44a097144b4b4d9fa01b548222bb46918ab5cd98cc5e48fe5d414d26aa
1aecddb211dfa6f1d6e3d55316e51779b6a8819e630b35d8e1003f2ffe9597c5
1b6f88717e97441718b9fbd436b0aa65d4753c36c9901535eb81b7ce4b760bc4
1cd58a827318c4a29b32a0db15c8c39d5651b42d8cad227519ad81bce4adb944
1dd583c8ff8eaeeb2f5622845527acbf0e4a875e335b4b706b305590d5a7b456
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1e5402292beed4ded5e764e05d4a0aaf2c0d152b148121485de91d8c685df113
1e64b2e7bfaa97b035c4f71b1d3b62bdd9d51793c15d45aa2db501c0cbe9e6e3
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
213738a8de7a1e55874dcbc92825c84599256579b64f60f19c2514e61844e6bb
229e46dacf0660ed1687a853b0b9568e1410c92164579337336c83fc591bd4d2
2509fe7526a049b1f538f3e12f57aeba33b64acd4ed219adb5b5f61ef3f1d83d
2568dfa814d345c7da73ffb7e75197c7604a32f1550e55cccc63b0e1dc9d7a57
271b921a0fb65bc7f2499ea31c12b14c255e415b726579d36a9e8d88cac32412
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2a04fa46b4ebc4bb2c93126695f45b0acf711870e1f169bb95247592c28c24a8
2b37b00f9400fedda05e3feb73c40b2a19af5fbd2d2d327c39e9476cff3dd9c8
2d385da55b86dff0c7514007841a085f9623f644ad2aae6b6149caaf5f2898cd
2eb2a641ec9143273f4f5ba4f1526364fd4b1a040b628b4be54b77dbe362690f
2f499c632d806f66b96dda6cbd4cac0363d331885476a8ac1d9e8ac60954d720
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32bc7c1c64fd1b755d48d6025b86b7e7a28ad35d1f420cf85cdc1123aa7dfcd7
35652aad571df0e1e44b47da8a656ef45fd0050fd5c95047d69adab4bb60753f
36998456859e35cf76812894575b0203d48ad8ac11d3165c5449d1fa73f19800
377c0cb3b48ac432df1bb1e16b7de569b4fc031b0d2de657b09a88901fb0a209
38907d193d2087aa60642f147785834c9637a38b5ec8c3dada871723f8654b54
3900c8b5b423944473f2b5735300291c473881985b2e64318b01fd3d7eefcbd2
3b5b1ae65b8c4bff67063af77d9186e254923c375d6b5994abf2d5d539ab62cd
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3d17abe6a44fe8b727a8282982c49a6defe969b90941f868c7191aa9b59f2f81
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4f55f1f4c55feb061ad43d3d466a984ed1ac04bd14af61009047ba2ac0163b
3fd498cc0ae566423ac60276950b945aec0f2dbd65e99e9fe5ebc0e1d525885a
3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4
449e6e7f9fab5eb4229af721f7742dbbed6ab11228f6367dcef5e59f5b085a89
4813ba420f7b7768cb3823c7ca434801cea7db0be70611d01de16ce2a155c3e9
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
49f1f1227656f341460fd8a3ab951a497d7295c49c4b64b637f3462d8f80254c
4acdbae0e000825a6749106785f89dc8663e1d64db491268d10274f8f28ce314
4adb034a054dde11edc5355bd37728733d992007b5d8e5e4c924042861a95ffd
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d841724e5f355abec9cbf6eb3369b68a948b1b3a663828af811cea0a42bce90
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e94e02a490d304d30d6c8cccced4fe7505419817aae8318ddaa094c92a6a2a2
500bfc62d016cf183c412c5936594c609064cbc5865c1065353af9ad09aa46a4
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
526da676becebe7aea7903c8e06210f3c1c5a2eaa0128a8b29ef7f9b485ab580
53a898adf0c79c80fb29476e1c9fa463a5305fc846d6e88a40dcf40b0c47e0d7
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56b7af801ad31f3b1ae7456fff07ba0f0104b12976fa8c2f258b7cc9ec4680bf
594acca386d7d531c89141478e5f5581941c99ea5d78e1b4f937c70385ebb829
5eeedf9055f9efab9127642b4c44135be9f404caa7ce08e51a5ea734dfd28828
5fb632c62adcad83f185acd132e9fb170152147fda0f3d0f8eac8a4f0652c9db
615053da1726a3683c563a417429720fb3abd0b01a80592d84e0684066b94083
61b2100a8748346132ab227b5cbb6710c66aa8ed5c6caf241e1d85e7bcc049bf
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6463f5ce6c129584d88f0aa721bf8d30577b87bcff6e03d8d77c8912438da749
654e2be4aec552ec151183d2b672f207c4a6cff3f39d12112f84f931ffb6f9b0
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
69c03c6486a9c6cc180ecd78f66fb696c2cc648e53186f981fdacad1f3acfdde
6dbe9c2e13cf06c6633ea3fcf6d7bd30452561202a205c75a035cd1d8b93368f
6e040f861722deee40ea47ce05231fff57895321f15c7cd9bfe3414212e09546
6ee816398ac59bd1a1fddcb80037e7fd618f481fe467ad65e73afb4daff29095
6f69d70bf8ce1e473f3659ee6c746035ae11ebbe9383c1857783e300458667e0
7109518959a6958168f639860050324f4f063fd1697f32677cf9d0180ab02453
7282ef3935430cad842681d478a23c343dd14548adbff41c5ed1c8128503c3be
74de70e8e800d2b01d4ee91c90c18be0b14248c3b76078196821612faffe4338
74fc4449cbf97e82ee242d553e2fad5c51c48eaf2e0a5fed9c815ccd680f19c9
769996a987ead923de78ded8af9ebbc0125bfdca436dfadfdc9755fd54270371
78ead048534a43b075e7c5d48dfa9308fe736b38c42c8c1cc6374558f85c0e13
794dcd29f05c2aad386c6de8e9415a30ab4391c261a86660e22c437e4cff4f73
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7d210f7d18b1a67c12052541793c3fc63a9175ec1809b7988b9b9a13a4b50e16
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7ddc424649b256e50ebbde6522b13a627359b25c299b3ffa32a2896866e277c1
7de3a0f29d77ab3a4225b0c3dd67b7e3bdd1c2b1948512ea06e0951e1dc4510d
7f3f0bcae6e5d7f81ad1868d5a61d1538dc460c9efc955931eec63ed7b02febc
800585df7428f9c9f0c87748295ca2208eb2b07018d0b031c317b894cfeee151
803bf029d75bae3f48acbe6e731a032354808114464cb96ea4b61cd8622fc5cc
82d512d9de66d372be99b9169ce37787faaf6253487f07527aef39ce9651f11e
8343d0ecd56d9582e636490e0d910cf6700079e5ce839960e44f6e8535d085d0
8393b0f49cbaac879bc0a89a8d6fc918081a21fd4b13e5ae4416d2c1afbcca92
8638f3568cf35b04429b02b36b4f4e37baa12bf47b618e530dfa728022c1d41c
866e136465f8d394fb467dd65bbcd0b78d050ab6ee4ae8eba39ab5f681820064
88f8bcaca18dc7b224a9976749d0c3f8b95e9fd5a46bd41fb8480aee94a3a240
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8acb04628394993656dad11f23029fc6ad13cf90cfaa1f5df89150b2727684a9
8bcaa8c0d09d1f5a8df244a020efad7e5c0c3074958381e1052a44af5abcaee5
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8f03c1a2805c2d799bb9633282859ff375d9a277921447284f6e614520348d26
8f27a42793517467e388f55e78f2177ed300838e422a7904a6a6a679565e8812
907f4eb06d710eed09e15829248419e4c51a87c76c342270af3a674fb7a4a41b
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
9a2ab405de7aa2cd1e79976942cbf6df8278e9d8e451d68689fe6b64c731817e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b3ecd04d5760a0fed3f47a8f1efe42a0f08e5222ece3517f8c978d357cd3c27
9d1f8e40383d96d85c3afd250539874afe095b2f9e45ca120f787217bb7e94fb
9e7bbc13b468fe5b17e5121d0d7f2f50ff9a3dda100cc2f5986f612795996630
9f349ec1fe35c25d81549930c5557fedae873bc9d50976f33a77981ff5de7a59
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
a1c7f2401a055447a3b5c064547a1849fda64595d148a40311797ad02ae55752
a34b5fcade85366776a2c6bddf24a58ceaff7d2eb8ba4bf4496df1adb31d2ce1
a44e537eb0dfe0dfdb3a7ab134b25790c6f99e33436bf603e879598ec164a9fd
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a77319d6ab3cf3a1c4a4a5ba4e6c5b3ccf689c5269ddb896b93b2393b93d319c
a88ee13d2e82bd99ff8c5ac3c2cd52d3a4175f9121e48e30b1683bb80684b711
a8afc9750b1f64409bc5d48267ef6f6db04f88553e826bf19b90c4c2d5fe5435
aec5ee5147fdc283bcb601dc6231c234d9bec077d32756aef2a75eeedf78038f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b66b3852ff6dbd325b0ba68ff6e6a86419269ac0a8d0f3f339feba3d9123fac2
b83149463619a5f4bbee21909e8a99a085f15713e48d6522d0a3173b94a20e1e
b8d5737f90ef11347330f34aa3207d511a9629e75eda72dbf35cbc62be32e7d6
b94ed570e00f5bba0eaed65da67bf6f2fc5e107446a682eb045f20dbd12ab0e8
b98d68dfcac900dd387f517a3e8e5d84bc1c3b775222660221c780a73d729fb7
ba2b65836b472334c8abe1133ccdd57f61ccc6ae8c64dfad891735b080475611
bc0ddf69f98e325bbefb9ba9daa8c8d69b8541c0defc28f2059bafccc6915bcc
bccf1cb1deb66d46da34cf50ae212bd505ff2fadd0f1aabaef0ed86819f4a480
bd7680f0d4768bf17b38b5834d7671e6e456d9655b4ae3cb39186d1fcd93f5c2
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c0021329e45246893648b3713a3d50b924242b1d6b1aa45a4cff5b183ff75fba
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c842fa8019eafc4beae4bd989e2c486d3ecd7a407edb21804c35a1726a90fec7
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
ce7fbd5167d309fe01011c8e9d705efbaf23f8737d71b2ef405d11e5cda09989
cec4bfedfcd69924155e358164108dac7f9dd1483429ce2dc7f03d8170da489e
cefc41c47c649d1a3c2bb3ae103ddaa7863903ff7e449c1f168d05a66ba40ab3
cfcdd352bb06fcc5c0e6f3f9b96e0c9a7d42f99b94473534d5131dcb4a104ec9
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d3b13b7b63697035f84b586a90c637d0636daf8c5eab9856a52b1b2c69172e2e
d5c5e731b8c995ac40ce247ab42366d7df4cea7522f743480afb9be0a93ad2a7
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
d7f2a53ec64c3613054b8aca405af6eeb1e8dc1bf371d4676f5dbe917e3986d8
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da20c0065fd6912a4faecf7819b851adc016f3b19b66d4b0f8e80d80ac0bb847
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
e0c4174e61491bcca41b0035a78384a41275762a80217fde843045a58defff6e
e2a09b303a06eaba3727ad39559840b0902862900d939e44e323d58989d1ea2b
e2be1f759c5bacca5d958516dc0c71de5102924805793e909770358fc1ad81d9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e035bcb8f27d80d63a5962408ce875be99358ef3f4031c4d728c76a13bbfa4
e4259e2810a17934b15b752d5f631e23cc29c114ee5ebcb17e59a917e5a136fa
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3aa28e2cd3a21e157e7f48d3ef2be9bfd1b4b9ceda1cf9edae91d6d3f814470
f3ce311a88c449a4103d3d88e1d4e6a55a5a8418fb2b9b5fa6b0895e7ac6e967
f47d2e856e15811898277d3a1f455ab9b15d50920b1f351ada165287518bce68
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
f7236018adee6435646b8affbcd4392237716caf04db52641859e35435331905
fcc83a5b6aef86420c1ad553167106df96bd0ff4192ffe52b1647599948edbcf
fec72f3f90fae7965be18e0a4280cd821eb630c970afc04f7a8339e8b818ccf2
ffd9c6013049611b535ec72c8366993287a318935c9df51a8f3710c5c6b77b51