imgbb.com Open in urlscan Pro
46.229.170.2 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://track.ctraxlive.com/b0cacdc1ed3a619c4aba73254c98ae07
Effective URL:
https://imgbb.com/
Submission: On January 31 via api (January 31st 2022, 4:12:56 pm UTC) from US — Scanned from DE

Summary HTTP 139 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 29 IPs in 6 countries across 32 domains to perform 139 HTTP transactions. The main IP is 46.229.170.2, located in Ashburn, United States and belongs to ADVANCEDHOSTERS-AS, NL. The main domain is imgbb.com. The Cisco Umbrella rank of the primary domain is 269156.
TLS certificate: Issued by R3 on January 13th 2022. Valid for: 3 months.

This is the only time imgbb.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.184.189.178 35.184.189.178	15169 (GOOGLE) (GOOGLE)
1	46.229.170.2 46.229.170.2	39572 (ADVANCEDH...) (ADVANCEDHOSTERS-AS)
8	2606:4700:303... 2606:4700:3032::ac43:83fb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
18	95.211.66.35 95.211.66.35	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
23	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
5 26	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1 5	2a02:26f0:12d... 2a02:26f0:12d:4a5::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
14	2606:4700:303... 2606:4700:3039::6815:c06c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2620:112:f006... 2620:112:f006:bbbb::12	6336 (TURN-US-ASN) (TURN-US-ASN)
1 2	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
1 1	2a05:d018:d29... 2a05:d018:d29:3602:1ae5:2286:b535:86e4	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.6.251 37.157.6.251	198622 (ADFORM) (ADFORM)
5 5	199.127.204.147 199.127.204.147	26120 (RHYTHMONE) (RHYTHMONE)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2606:4700:20:... 2606:4700:20::681a:71b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
1	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
1 1	145.239.193.130 145.239.193.130	16276 (OVH) (OVH)
1	88.198.250.30 88.198.250.30	24940 (HETZNER-AS) (HETZNER-AS)
1	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
2	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
1 1	54.245.1.148 54.245.1.148	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	18.157.252.145 18.157.252.145	16509 (AMAZON-02) (AMAZON-02)
1 1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2	63.251.109.130 63.251.109.130	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
139	29

1 35.184.189.178 (Council Bluffs, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 178.189.184.35.bc.googleusercontent.com

track.ctraxlive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.229.170.2 (Ashburn, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)

imgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700:3032::ac43:83fb (United States)

ASN13335 (CLOUDFLARENET, US)

simgbb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 95.211.66.35 (Laren, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: hosted-by.leaseweb.com

s.clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
clickiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.184.226 (United States) 5 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:26f0:12d:4a5::4469 (Berlin, Germany) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3039::6815:c06c (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:112:f006:bbbb::12 (United States) 2 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:36a9:ecb:e518:b308 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3602:1ae5:2286:b535:86e4 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.6.251 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 199.127.204.147 (United States) 5 redirects

ASN26120 (RHYTHMONE, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.220.240 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:71b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.134 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 145.239.193.130 (France) 1 redirects

ASN16276 (OVH, FR)

pv.medialead.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.250.30 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88-198-250-30.clients.your-server.de

pb.media01.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.239.217 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.245.1.148 (Boardman, United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-245-1-148.us-west-2.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.157.252.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-157-252-145.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.251.109.130 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpsc-cac.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 100 tpc.googlesyndication.com — Cisco Umbrella Rank: 124	247 KB
32	doubleclick.net 5 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 184 googleads.g.doubleclick.net — Cisco Umbrella Rank: 46 cm.g.doubleclick.net — Cisco Umbrella Rank: 197 ad.doubleclick.net — Cisco Umbrella Rank: 195 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 274	206 KB
18	clickiocdn.com s.clickiocdn.com — Cisco Umbrella Rank: 41736 clickiocdn.com — Cisco Umbrella Rank: 31095	61 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 2190 ad4m.at — Cisco Umbrella Rank: 1809 assets.ad4m.at — Cisco Umbrella Rank: 34120	594 KB
9	doubleverify.com 1 redirects cdn.doubleverify.com — Cisco Umbrella Rank: 464 rtb0.doubleverify.com — Cisco Umbrella Rank: 616 tps.doubleverify.com — Cisco Umbrella Rank: 433 tpsc-cac.doubleverify.com — Cisco Umbrella Rank: 2156 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 47993	118 KB
8	simgbb.com simgbb.com — Cisco Umbrella Rank: 202703	187 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 590	4 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 324	103 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 165	124 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 241	4 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 770 r.turn.com — Cisco Umbrella Rank: 3243	2 KB
4	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 80 www.google.com — Cisco Umbrella Rank: 13	2 KB
3	1rx.io 3 redirects sync.1rx.io — Cisco Umbrella Rank: 528	3 KB
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 327	938 B
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 808 s.tribalfusion.com — Cisco Umbrella Rank: 2305	1 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 389	942 B
2	unrulymedia.com 2 redirects sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 905	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 608	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 470 ups.analytics.yahoo.com — Cisco Umbrella Rank: 283	2 KB
2	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1255	796 B
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 113556 static-de.ad4mat.net — Cisco Umbrella Rank: 151438	4 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8028	914 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1548	351 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3397	376 B
1	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 255	70 KB
1	awin1.com www.awin1.com — Cisco Umbrella Rank: 14385	702 B
1	media01.eu pb.media01.eu — Cisco Umbrella Rank: 46801	630 B
1	medialead.de 1 redirects pv.medialead.de — Cisco Umbrella Rank: 48812	2 KB
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 19998	522 B
1	imgbb.com imgbb.com — Cisco Umbrella Rank: 269156	8 KB
1	ctraxlive.com 1 redirects track.ctraxlive.com	200 B
0	webgains.com Failed track.webgains.com Failed
139	32

	Domain	Requested by
17	cm.g.doubleclick.net	5 redirects ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com googleads.g.doubleclick.net
17	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com ad.doubleclick.net
17	clickiocdn.com	s.clickiocdn.com
13	tpc.googlesyndication.com	imgbb.com securepubads.g.doubleclick.net tpc.googlesyndication.com ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com googleads.g.doubleclick.net
9	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net imgbb.com
8	simgbb.com	imgbb.com simgbb.com
6	assets.ad4m.at	as.ad4m.at
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	cdn.doubleverify.com	1 redirects ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com cdn.doubleverify.com imgbb.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	s.clickiocdn.com ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
4	ad4m.at	as.ad4m.at ad4m.at
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	as.ad4m.at	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com as.ad4m.at ad4m.at
3	sync.1rx.io	3 redirects
3	googleads.g.doubleclick.net	imgbb.com ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
3	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	pixel.advertising.com	2 redirects
2	googleads4.g.doubleclick.net	ad.doubleclick.net
2	eb2.3lift.com	2 redirects
2	sync.targeting.unrulymedia.com	2 redirects
2	c1.adform.net	2 redirects
2	cms.quantserve.com	1 redirects ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
2	r.turn.com	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
2	ad.turn.com	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	tpsc-cac.doubleverify.com	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
1	tps.doubleverify.com	cdn.doubleverify.com
1	ups.analytics.yahoo.com	1 redirects
1	rtb.openx.net	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
1	s.tribalfusion.com	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	pixel.everesttech.net	1 redirects
1	s0.2mdn.net	ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
1	www.awin1.com	as.ad4m.at
1	pb.media01.eu	as.ad4m.at
1	pv.medialead.de	1 redirects
1	ad.doubleclick.net	www.googletagservices.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	static-de.ad4mat.net	as.ad4m.at
1	pr-bh.ybp.yahoo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	prod-rtb.ad4mat.net	imgbb.com
1	s.clickiocdn.com	imgbb.com
1	imgbb.com
1	track.ctraxlive.com	1 redirects
0	track.webgains.com Failed	as.ad4m.at
139	50

This site contains links to these domains. Also see Links.

Domain
clickio.com
api.imgbb.com
ar.imgbb.com
bg-bg.imgbb.com
cs.imgbb.com
da.imgbb.com
de.imgbb.com
el.imgbb.com
es.imgbb.com
et-ee.imgbb.com
fa.imgbb.com
fi.imgbb.com
fr.imgbb.com
he.imgbb.com
hu.imgbb.com
id.imgbb.com
it.imgbb.com
ja.imgbb.com
ko.imgbb.com
lt-lt.imgbb.com
nb.imgbb.com
nl.imgbb.com
pl.imgbb.com
pt.imgbb.com
pt-br.imgbb.com
ru.imgbb.com
sk.imgbb.com
sr-rs.imgbb.com
sv.imgbb.com
tr.imgbb.com
uk.imgbb.com
vi.imgbb.com
zh-cn.imgbb.com
zh-tw.imgbb.com

Subject Issuer	Validity	Valid
*.imgbb.com R3	`2022-01-13` - `2022-04-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-16` - `2022-06-15`	a year	crt.sh
s.clickiocdn.com R3	`2021-11-20` - `2022-02-18`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
adlmerge.com R3	`2022-01-05` - `2022-04-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2021-12-21` - `2022-03-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
www.awin1.com DigiCert SHA2 Secure Server CA	`2021-06-11` - `2022-06-16`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 16 frames:

Primary Page: https://imgbb.com/
Frame ID: CC93D09C63713A74B8E5AFCFD4CF661E
Requests: 42 HTTP requests in this frame

Frame: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D419062F2CBC398C53A12ED0AB2AF37C
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs
Frame ID: 74EE42114D799250DE272EC3E94ADDF6
Requests: 12 HTTP requests in this frame

Frame: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 964E61E174A6097BAD132BDFD02BFCEE
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1948CAF5EBFE9E894D8C92B625C9903C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C3729CFC08510FE9270D72E09D0DDC7
Requests: 2 HTTP requests in this frame

Frame: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 44F1E9EFC2CA2F7171989C7FF4BBF237
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNUPi6yQB9DNrmjZS-gbsBcOGZ7OgB2M3vExqGVt-6yIk-IRFtchrGPy_d2wXwW6ey4cRkxXwPTISAYV29NEdVSO9eqORFzG1IRv3i92NFGbpiF2EUmVjo4mu8JoxMdhLa55MfhdL3qrbICer6uhtgO0-bJOskzeLZwH4JH98B2OaAMXBCU
Frame ID: DABC1B731475E4FFC272DE6968F9C614
Requests: 5 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1hn0g4737mwqcrxvea79dy53qz6ac4vqde2qa5s1fhn4ryeygtp47vmr3nng2nf0zpn5vws26bntezv76skjqy7xyp9pb753dpgp45c56nnmtr2r6h2w1hpv8hegvaqg1gdrf54h41eq652hpj7cmdf8r81tk1mdq4sdnh59cpf3gpecphadjheqf2gvq85gt9921989ay2wv2qqg259emaedasa93cq6z8v3ytbntvhfvdv1p85vf4qgnb1x202171086f3yjwyy8qd5fexc9kwtrbwcf738jqh0he29xrpy3jc6jn7576my0w034s0wwv0m0b72jjjfbjk0cqsjz322s5hc5jyyt4x8rqrzfg9wvveckjn12q6kmfmm0gg8nctbktp0nnh5hh5ypa394xhyyf3n5cdcn6x0smsrx77x7p1p580s3bdckha7jcz9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%26client%3Dca-pub-3104790387792468%26adurl%3D
Frame ID: 8155840FE255F415A45BC4D9FD1F43E3
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 63EDEDEDD40F569C1BF9660C7449C57C
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E1E2AA444001876531464BEE75970E96
Requests: 3 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: D2E47F5AEB696E4A628DE0A73BD82755
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Frame ID: 0A175E4F2299970168310BD54A2C1717
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 83D06F92395C253DA9ECD914360D42E8
Requests: 3 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-measurements2105.js
Frame ID: 58847100D03E9CFFA5D7517E5CE44658
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: DD377DA778119D05BDCBE3BBA3BD5E93
Requests: 9 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ImgBB — Bild hochladen — Kostenloses Bild Hosting

Page URL History Show full URLs

https://track.ctraxlive.com/b0cacdc1ed3a619c4aba73254c98ae07 HTTP 307
https://imgbb.com/ Page URL

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Mautic (Marketing Automation) Expand

Overall confidence: 100%
Detected patterns

[^a-z]mtc.*\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

139
Requests

85 %
HTTPS

45 %
IPv6

32
Domains

50
Subdomains

29
IPs

6
Countries

1731 kB
Transfer

3795 kB
Size

29
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://clickio.com/?utm_source=imgbb.com&utm_medium=adunit_label&utm_campaign=hor_sticky_desktop
Title: Ads by

Search URL Search Domain Scan URL

URL: https://api.imgbb.com/
Title: API

Search URL Search Domain Scan URL

URL: https://ar.imgbb.com/
Title: العربية

Search URL Search Domain Scan URL

URL: https://bg-bg.imgbb.com/
Title: Български

Search URL Search Domain Scan URL

URL: https://cs.imgbb.com/
Title: Čeština

Search URL Search Domain Scan URL

URL: https://da.imgbb.com/
Title: Dansk

Search URL Search Domain Scan URL

URL: https://de.imgbb.com/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://el.imgbb.com/
Title: Ελληνικά

Search URL Search Domain Scan URL

URL: https://es.imgbb.com/
Title: Español

Search URL Search Domain Scan URL

URL: https://et-ee.imgbb.com/
Title: Eesti (Eesti)

Search URL Search Domain Scan URL

URL: https://fa.imgbb.com/
Title: فارسی

Search URL Search Domain Scan URL

URL: https://fi.imgbb.com/
Title: Suomi

Search URL Search Domain Scan URL

URL: https://fr.imgbb.com/
Title: Français

Search URL Search Domain Scan URL

URL: https://he.imgbb.com/
Title: עברית

Search URL Search Domain Scan URL

URL: https://hu.imgbb.com/
Title: Magyar

Search URL Search Domain Scan URL

URL: https://id.imgbb.com/
Title: Bahasa Indonesia

Search URL Search Domain Scan URL

URL: https://it.imgbb.com/
Title: Italiano

Search URL Search Domain Scan URL

URL: https://ja.imgbb.com/
Title: 日本語

Search URL Search Domain Scan URL

URL: https://ko.imgbb.com/
Title: 한국어

Search URL Search Domain Scan URL

URL: https://lt-lt.imgbb.com/
Title: Lietuvių (Lietuva)

Search URL Search Domain Scan URL

URL: https://nb.imgbb.com/
Title: ‪Norsk Bokmål‬

Search URL Search Domain Scan URL

URL: https://nl.imgbb.com/
Title: Nederlands

Search URL Search Domain Scan URL

URL: https://pl.imgbb.com/
Title: Polski

Search URL Search Domain Scan URL

URL: https://pt.imgbb.com/
Title: Português

Search URL Search Domain Scan URL

URL: https://pt-br.imgbb.com/
Title: Português (Brasil)

Search URL Search Domain Scan URL

URL: https://ru.imgbb.com/
Title: Русский

Search URL Search Domain Scan URL

URL: https://sk.imgbb.com/
Title: Slovenčina

Search URL Search Domain Scan URL

URL: https://sr-rs.imgbb.com/
Title: Српски

Search URL Search Domain Scan URL

URL: https://sv.imgbb.com/
Title: Svenska

Search URL Search Domain Scan URL

URL: https://tr.imgbb.com/
Title: Türkçe

Search URL Search Domain Scan URL

URL: https://uk.imgbb.com/
Title: Українська

Search URL Search Domain Scan URL

URL: https://vi.imgbb.com/
Title: Tiếng Việt

Search URL Search Domain Scan URL

URL: https://zh-cn.imgbb.com/
Title: 简体中文

Search URL Search Domain Scan URL

URL: https://zh-tw.imgbb.com/
Title: 繁體中文

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://track.ctraxlive.com/b0cacdc1ed3a619c4aba73254c98ae07 HTTP 307
https://imgbb.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 70

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1&google_push=AYg5qPJffgkuWLS798zEfES0TQCy4GC-Q6SINxZIHn6AyVrZxh2GrAyMioSHYCVbkLO-TPNNxloKudp2gpMEJ5agwnJJA_-jZawoFQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA4NDc1ODA3OTU4NjcwNzMwNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1

Request Chain 72

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGyyTU0Hy8uaha8cQgOSDXk&google_cver=1&google_push=AYg5qPJMjJ1sxn_91JzWXffb3Q_Obd0-JVtsNrpDgTHz69M7_u7st9Is-zEWTEQ7q70sneRmntGeKOtQXH6ee3VL_j1lGFCGs242EA HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qh_F-fbAQHikbVhcagRG9A2&google_push=AYg5qPJMjJ1sxn_91JzWXffb3Q_Obd0-JVtsNrpDgTHz69M7_u7st9Is-zEWTEQ7q70sneRmntGeKOtQXH6ee3VL_j1lGFCGs242EA

Request Chain 73

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENYEKUoTfkADMV-DorXq1k8&google_cver=1&google_push=AYg5qPLZeHzHsoYgrIIB1lTY0s_lBEOhiSngqbT-0GY3z1w5caSKD7tEQ-rdUab2nKOq-fiWLpabrmddsB_PVK0H1n0yKcP5at5VNg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZeHzHsoYgrIIB1lTY0s_lBEOhiSngqbT-0GY3z1w5caSKD7tEQ-rdUab2nKOq-fiWLpabrmddsB_PVK0H1n0yKcP5at5VNg&google_hm=NTAzMzg1MjM3OTkwNTU3MTMzOQ%3D%3D

Request Chain 74

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDIxpHl9fnkcF1NFI4MExiQ&google_cver=1&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCrZ7Id20H4cn1l_T7HrNNNCA HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDIxpHl9fnkcF1NFI4MExiQ&google_cver=1&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCrZ7Id20H4cn1l_T7HrNNNCA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ0OTQxOTg2OTA0NDMyNDEy&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCrZ7Id20H4cn1l_T7HrNNNCA

Request Chain 75

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEESZj8g7_RzXt6EUJ8UPem8&google_cver=1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g HTTP 302
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1643645572877 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0a1110c6-7aaa-495a-9bb9-7fb1725beb93-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g%26google_hm%3DBQoREMZ6qklam7l_sXJb65M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g&google_hm=BQoREMZ6qklam7l_sXJb65M

Request Chain 76

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF4xn6enia-tl1ROO70HYvI&google_cver=1&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro&google_gid=CAESEF4xn6enia-tl1ROO70HYvI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MzA2ODc4NzU2NDg1NDA2NzE5&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro

Request Chain 80

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1&C=1

Request Chain 81

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfgKhMSOxdM5WPNq1tMENgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1

Request Chain 82

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOQr63DpWtYuUxsgpO4WrBc&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOQr63DpWtYuUxsgpO4WrBc%26google_cver%3D1

Request Chain 83

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwODg3NTAyMzI2NzcyMzQzNQ%3D%3D

Request Chain 109

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 301
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=

Request Chain 124

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAF7KvmOFtkgefzM_CNvCsU&google_cver=1&google_push=AYg5qPI-0FAwr8OU2GCFHBOQyShP_eUAePEtItitY4iNIEE0jAP1rPcm0sK6OnprGSMQVMiX2nxA_mVk7qY-u6Dc8hwAyZ0phsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA4NDc1ODA3OTU4NjcwNzMwNg==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1

Request Chain 125

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHMFhmpTCGXfmz0gDZlOhbs&google_cver=1&google_push=AYg5qPL6XTe3IlrPG_m6bslgx8D_FvnFqT3id1w3773HW9P8_Nv4EHlu5fWgw7UC_YWnoXlguq8Qa-rA_LbAONQYqXP2c1eT600 HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL6XTe3IlrPG_m6bslgx8D_FvnFqT3id1w3773HW9P8_Nv4EHlu5fWgw7UC_YWnoXlguq8Qa-rA_LbAONQYqXP2c1eT600&google_hm=4ebVh-a53SFDX5IAfHWCPw

Request Chain 126

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKVfobzHK0b97iN7KvgVPDxE2JHNiSWqgjqBnbEmg7k9K6nFMMKORUjF_bbOL-7-9crvPJnitJ1-kVNFqr6Dm5Sg21H5tS4&google_gid=CAESEOS_dEsp_TRUwNNFW4OCIBI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZnS2hRQUFBWkVoZFY5QQ&google_push=AYg5qPKVfobzHK0b97iN7KvgVPDxE2JHNiSWqgjqBnbEmg7k9K6nFMMKORUjF_bbOL-7-9crvPJnitJ1-kVNFqr6Dm5Sg21H5tS4

Request Chain 127

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOo6H8R7XZu8nt79QmnzDRo&google_cver=1&google_push=AYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOo6H8R7XZu8nt79QmnzDRo&google_cver=1&google_push=AYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 129

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEKBQOd4Gwq5nMQlR2exFhwo&google_cver=1&google_push=AYg5qPIjieLbJcyBSY-czwAyt8hJEwDmwe5hf5bK0qMpIHowzUTlJdsQHV1Z4zgi10dgu68KTifbttYGa5GytgOwON3vikQubn4 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-0a1110c6-7aaa-495a-9bb9-7fb1725beb93-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIjieLbJcyBSY-czwAyt8hJEwDmwe5hf5bK0qMpIHowzUTlJdsQHV1Z4zgi10dgu68KTifbttYGa5GytgOwON3vikQubn4%26google_hm%3DBQoREMZ6qklam7l_sXJb65M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIjieLbJcyBSY-czwAyt8hJEwDmwe5hf5bK0qMpIHowzUTlJdsQHV1Z4zgi10dgu68KTifbttYGa5GytgOwON3vikQubn4&google_hm=BQoREMZ6qklam7l_sXJb65M

Request Chain 130

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECqKhkQcrKdy_WtAzTIws3s&google_cver=1&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIfzRO66KnyO2dibLo4wQUKxD_pQHhgES7pAKmQ HTTP 302
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECqKhkQcrKdy_WtAzTIws3s&google_cver=1&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIfzRO66KnyO2dibLo4wQUKxD_pQHhgES7pAKmQ&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECqKhkQcrKdy_WtAzTIws3s&google_cver=1&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIfzRO66KnyO2dibLo4wQUKxD_pQHhgES7pAKmQ&apid=UPa4fc0f08-82b0-11ec-a2a1-06897ec577d6 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNGZjMGYwOC04MmIwLTExZWMtYTJhMS0wNjg5N2VjNTc3ZDY%3D&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIfzRO66KnyO2dibLo4wQUKxD_pQHhgES7pAKmQ

Request Chain 136

https://cdn.doubleverify.com/redirect/?host=tpsc-cac&param=akipv6&impid=a295bf5d4c0b4c65a6ad683ac9d000b0&cbust=1643645574552864 HTTP 302
https://tpsc-cac.doubleverify.com/event.png?impid=a295bf5d4c0b4c65a6ad683ac9d000b0&akipv6=2001:ac8:20:3a00:1011:b6d7:1fe6:a876

139 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
imgbb.com/
Redirect Chain

https://track.ctraxlive.com/b0cacdc1ed3a619c4aba73254c98ae07
https://imgbb.com/

30 KB
8 KB

438ms
143ms

Document
text/html

46.229.170.2
ADVANCEDHOSTERS-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.229.170.2 Ashburn, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),

Reverse DNS

Software

nginx /

Resource Hash

4531bc045db90bb0c84d60188dd8e9b4a253b414202a5588df84a09bf829ca66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-frame-options: DENY
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip

Redirect headers

Server: nginx
Date: Mon, 31 Jan 2022 16:12:48 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Location: https://imgbb.com/

GET
H2 200 ibb.css
simgbb.com/3524/ 122 KB
26 KB 284ms
105ms Stylesheet
text/css 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/3524/ibb.css
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a173842739bb7112058f3410f64e914aff8fd6efc15283978b402d2548e840

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2709
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 28 Jan 2022 21:30:57 GMT
server: cloudflare
etag: W/"61f46091-1e9f0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qybt2qV1cCMZWOP%2FlPjllugywom5UmGq5MSVNjH3D9TfjbO%2FCeU2m3qOOiNnFQPW1jv6KwpUqON7ucUKonVYnDkXWW4iqxSomQC37cu9%2FCLjEwDDBugj60%2BavcH921cwhy1KjW4nwnOC"}],"group":"cf-nel","max_age":604800}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6d6439497ba2d610-MXP

GET
H2 200 360_light.js Show response
s.clickiocdn.com/t/224723/ 138 KB
57 KB 203ms
25ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://s.clickiocdn.com/t/224723/360_light.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 16c44eff08ff2861faffa3aa6ab0cd92d0298c34874c1599a148f3effc915687

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
content-encoding: gzip
last-modified: Mon, 31 Jan 2022 16:11:00 GMT
server: nginx/1.16.0
etag: W/"61f80a14-229d0"
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
iseu: eu
cache-control: max-age=60
expires: Mon, 31 Jan 2022 16:13:49 GMT

GET
H2 200 logo.png
simgbb.com/images/ 938 B
1 KB 84ms
84ms Image
image/png 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simgbb.com/images/logo.png
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2039
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 938
last-modified: Tue, 27 Dec 2016 13:13:03 GMT
server: cloudflare
etag: "586268df-3aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sx6iJjIPJuK%2Bn7n9TYg0ohMXEeIKy6TYqjnvGD8nivw%2BCtZRpWEt644Wk297W2z1KlRn5evxADHZmsourJFArZeSXDZtnQBooCVNrsXIzdih6e%2FupAabrBSWCgkuC8LQSvH7qWZ2PUlj"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d64394a0cd1d610-MXP

GET
H2 200 jquery2.js Show response
simgbb.com/3524/ 113 KB
41 KB 106ms
105ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/3524/jquery2.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 838ca8f73ac18387e919098d3d04334725a1c92e5b15ad0d69baea936edb492e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6077
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 31 Oct 2020 19:48:54 GMT
server: cloudflare
etag: W/"5f9dbfa6-1c33c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bNfOG1V3HVaqzy3VLNmr2V2b%2FscupsTKbkkK4k1sUIeZo%2B9V7R8jGC0pJnjNmoJRV2Xv1cE%2FDca7fxk1mNUm4xA0jmgfx0u8EihSjESRGxFPSl0PqmQvaK8%2Bkt0bcMvGuAHA9za2%2BVKq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6d64394a3d0ed610-MXP

GET
H2 200 ibb.js Show response
simgbb.com/3524/ 223 KB
64 KB 136ms
136ms Script
application/javascript 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/3524/ibb.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ed6c2175f9baeac23e02b043a9ac02c09e07a7cba196fce75cae634315d5bd66

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2709
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 31 Oct 2020 19:48:54 GMT
server: cloudflare
etag: W/"5f9dbfa6-37c2f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1E5sSGGXbzkrNfiI8macsSidkKjWd3eBwKadRKLb9vDi8g1kM7bYOuCZB6%2BWMwwBWcvFdHcjZ5GQwUPdF2vcCEPaf7Z7SjaKSNzOsmUm8WeP9UHoHaLQiqkNTJxNo9I5b1cjuNheE4bO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
cf-ray: 6d64394a3d11d610-MXP

GET
H2 200 cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
simgbb.com/include/fonts/opensans/v13/ 15 KB
16 KB 217ms
96ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/cJZKeOuBrn4kERxqtaUH3VtXRa8TVwTICgirnJhmVJw.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 4671
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15572
last-modified: Sun, 29 Jan 2017 14:12:50 GMT
server: cloudflare
etag: "588df862-3cd4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDDfelZXbq6Uj539rE2fdR04cJm36I67t3Drqq87qlzdu5tuSHXYq39Dc3h8o4%2BL3Zhc34TnUQ2WtEsMWEz6gqz%2B%2FOvi3e%2FSYF2nS8JrCnSoApjKSVxOwzaXWXahOdAGZhrnqqEnO9mX"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d64394b2d9a08ab-CDG

GET
H2 200 icomoon.woff2
simgbb.com/include/fonts/ 7 KB
7 KB 217ms
97ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/icomoon.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b415eba27e079dcf82b5e30a282429cd69a562b5b3e14f6b91ee37b399046ca8

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6018
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7232
last-modified: Tue, 24 Apr 2018 17:34:06 GMT
server: cloudflare
etag: "5adf6a8e-1c40"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQVynVgUbWo5FHcvh4iAAa%2FXgYtih4JnT3KrlnHDoVMcwh9bCEi0dGJwHHgb3v5F9nhfVerp4EUaV5dVaz4Y9E8Zu00s02MY2WtLeHdOvMgQWGb2TlA7gyUoOZ83KbpamcVyti95T4LP"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d64394b2d9f08ab-CDG

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 79 KB
27 KB 179ms
97ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd591129d51ba1e209bfb6e4cd85bc24cac7a8cbb6bc91f7f46dbcc98e8efa00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27247
x-xss-protection: 0
server: sffe
etag: "1118 / 704 of 1000 / last-modified: 1643639060"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 31 Jan 2022 16:12:49 GMT

GET
H2 200 / Show response
clickiocdn.com/hbadx/ 46 B
169 B 173ms
76ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/hbadx/?ex=1&f=__lxG__.tmp.pol_se3iiwc5sgaldmiz&rt=556964388&site_id=224723&title=ImgBB%20%E2%80%94%20Bild%20hochladen%20%E2%80%94%20Kostenloses%20Bild%20Hosting&l=https%3A%2F%2Fimgbb.com%2F
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 3e74828a5583b971bed6d02a4e03f3be44e456b5757240c3edd4881fa106c48d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html; charset=ISO-8859-1

GET
H2 200 MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
simgbb.com/include/fonts/opensans/v13/ 16 KB
16 KB 183ms
94ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/MTP_ySUJH_bn48VBG8sNSugdm0LZdjqr5-oayXSOefg.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 6519
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16164
last-modified: Sun, 29 Jan 2017 14:12:55 GMT
server: cloudflare
etag: "588df867-3f24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tkUivPSa5Jae6tyMn7hIYnSORwfNJpZwuiZMpPNwnZmQ93lhhCzncu7p52r6%2FQfmjizWM82gIjWE0DySW6Tlmt4WQ8WjhOour6Au%2BfyOLxgg3Fd2f7MjXSwjW7eFyzhAoZCNe3mpFaVf"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d64394b2da208ab-CDG

GET
H2 200 DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
simgbb.com/include/fonts/opensans/v13/ 16 KB
16 KB 180ms
93ms Font
font/woff2 2606:4700:3032::ac43:83fb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://simgbb.com/include/fonts/opensans/v13/DXI1ORHCpsQm3Vp6mXoaTegdm0LZdjqr5-oayXSOefg.woff2
Requested by: Host: simgbb.com
URL: https://simgbb.com/3524/ibb.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:83fb , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2

Request headers

Referer: https://simgbb.com/3524/ibb.css
Origin: https://imgbb.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:49 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1938
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 16152
last-modified: Sun, 29 Jan 2017 14:12:50 GMT
server: cloudflare
etag: "588df862-3f18"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5wTikxMVitgyRIB%2B0%2F%2F9pLTr%2B6mIgzSAmLvK4hMJlSno04oX8q39QA3jsy2fKRTlDP3zwLANoSyYELMFm%2FRSDZcrpo9SpDqtIUXw3jpurWGdpVTh%2Fr%2FlzXDYwQrXPSx%2BcA2STGUheY6"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6d64394b2d9d08ab-CDG

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 110ms
75ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=n8dl0poueof6o50556963717&area_id=681339&type=base&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=556969854
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: f8ff4c5b5071f52d817cd7eb2c15d4c8a688031aaa02edfe4b791bf0cdbe2e13

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 110ms
76ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=n8dl0poueof6o50556963717&area_id=681344&type=dfp&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=556969849
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: eecbecf91d77a0d1db40bef04f807ec88979176f3e655b99d156f9ed932b56d7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
190 B 109ms
74ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=n8dl0poueof6o50556963717&area_id=681337&type=base&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=556969835
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 859242364bda2e673457798dc7acdcf7e9924101d5579b94f620d93b49ceba95

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 110ms
75ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=0&ses_id=n8dl0poueof6o50556963717&area_id=681351&type=base&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=556969852
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b99b327da5045e69c1d88c2529758a8d50cf9c720737e3783cbfdd01407f553f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 109ms
75ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=n8dl0poueof6o50556963717&area_id=681336&type=dfp&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=556969890
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: d39cf0ff821265b31a761fa7069af2aa542295c07dfce0c12571b0d49261557e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
187 B 80ms
79ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=1&ses_id=n8dl0poueof6o50556963717&area_id=681350&type=dfp&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=556969826
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 138c34afa85316de8f114fcb0806662d234bb68d976ea48b6af57441bdba3b17

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:49 GMT
content-type: text/html

GET
H2 200 pubads_impl_2022012601.js Show response
securepubads.g.doubleclick.net/gpt/ 355 KB
120 KB 203ms
65ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:01:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 669
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122255
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 09:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 16:01:41 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 84 B
715 B 210ms
73ms XHR
application/json 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=imgbb.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

288be5a2f9b7174960e30363a72e97a3b2e197ee7929b5c602fb556e90d3c03d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 79
x-xss-protection: 0
expires: Mon, 31 Jan 2022 16:12:50 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 186ms
72ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 186ms
72ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 974 B
1 KB 242ms
241ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

422b92422b67fb6b9419e32034a9c5d81034c815ed787a70bb3753381aac9519

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 532
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D419 6 KB
4 KB 612ms
428ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Mon, 31 Jan 2022 16:12:50 GMT
expires: Tue, 31 Jan 2023 16:12:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 pubads_impl_page_level_ads_2022012601.js Show response
securepubads.g.doubleclick.net/gpt/ 34 KB
13 KB 48ms
48ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022012601.js?cb=31064600

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

sffe /

Resource Hash

4acb147613215546355b164d0c0d22b09873bd655aeace6b19b4760fd0cac803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Thu, 27 Jan 2022 11:49:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 361428
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12997
x-xss-protection: 0
last-modified: Wed, 26 Jan 2022 09:34:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 27 Jan 2023 11:49:02 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 171ms
81ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 170ms
81ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=imgbb.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 42 KB
10 KB 457ms
457ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3657130054816211&correlator=3891056002361001&output=ldjh&impl=fif&eid=31061814%2C31064600%2C44757101&vrg=2022012601&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681336_970x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C300x250%7C320x50%7C320x100%7C728x90%7C970x90&prev_scp=unit_type%3Dfixed%26ar_imp%3D0&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x300d%26adm_lazy_load_dev%3D400x300d&cookie=ID%3Da1e77a26c159340f-229385f22fcd0036%3AT%3D1643645570%3AS%3DALNI_MaVIJqIKfvZVxDkjDeih4qud4DOrQ&bc=31&abxe=1&dt=1643645570636&lmt=1643645570&dlt=1643645569303&idt=1040&frm=20&biw=1600&bih=1200&oid=2&adxs=190&adys=458&adks=2175894706&ucis=2&ifi=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=1220x0&msz=1220x0&psts=AGkb-H_KsA2pE7f1Wflo9wzFgmVGarfYLz1QbS2_dl_ZnuNc&ga_vid=569897549.1643645570&ga_sid=1643645570&ga_hid=1737667728&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

026b2bf06414770302f9627c54a98efad2a7eb4165b1e983c7f1139cb8933a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10496
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 26 KB
12 KB 828ms
827ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3657130054816211&correlator=3891056002361001&output=ldjh&impl=fif&eid=31061814%2C31064600%2C44757101&vrg=2022012601&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681344_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&prev_scp=autorefresh%3D30_sec%26unit_type%3Dsticky%26ar_imp%3D0&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x300d%26adm_lazy_load_dev%3D400x300d&cookie=ID%3Da1e77a26c159340f-229385f22fcd0036%3AT%3D1643645570%3AS%3DALNI_MaVIJqIKfvZVxDkjDeih4qud4DOrQ&bc=31&abxe=1&dt=1643645570641&lmt=1643645570&dlt=1643645569303&idt=1040&frm=20&biw=1600&bih=1200&oid=2&adxs=453&adys=1110&adks=419035065&ucis=3&ifi=3&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=761x-1&msz=728x-1&psts=AGkb-H_KsA2pE7f1Wflo9wzFgmVGarfYLz1QbS2_dl_ZnuNc&ga_vid=569897549.1643645570&ga_sid=1643645570&ga_hid=1737667728&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

5255b7a218ae0d29321d08230ea3e43dd58948f98159d3cd1698b591bd9f19b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12048
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 25 KB
11 KB 966ms
966ms XHR
text/plain 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3657130054816211&correlator=3891056002361001&output=ldjh&impl=fif&eid=31061814%2C31064600%2C44757101&vrg=2022012601&ptt=17&sc=1&sfv=1-0-38&ecs=20220131&iu_parts=45470634%3A22676723043%2Cclickio_area_681350_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C320x50%7C728x90&prev_scp=unit_type%3Dfixed%26ar_imp%3D0&cust_params=adm_lazy_load%3D1%26adm_lazy_load_var%3D400x300d%26adm_lazy_load_dev%3D400x300d&cookie=ID%3Da1e77a26c159340f-229385f22fcd0036%3AT%3D1643645570%3AS%3DALNI_MaVIJqIKfvZVxDkjDeih4qud4DOrQ&bc=31&abxe=1&dt=1643645570645&lmt=1643645570&dlt=1643645569303&idt=1040&frm=20&biw=1600&bih=1200&oid=2&adxs=160&adys=85&adks=589635166&ucis=4&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fimgbb.com%2F&vis=1&scr_x=0&scr_y=0&psz=1280x0&msz=1280x0&psts=AGkb-H_KsA2pE7f1Wflo9wzFgmVGarfYLz1QbS2_dl_ZnuNc&ga_vid=569897549.1643645570&ga_sid=1643645570&ga_hid=1737667728&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

1c986e26c37b744d9c6e7e20d576b46ca1fbfb5ccf49f970319f6d18910fb55a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11191
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://imgbb.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 100ms
100ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=n8dl0poueof6o50556963717&area_id=681344&policy=ok&sub_id=1&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=557064769
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 596111789f5ec0bf86bb3701343cda0cdff3fadc31bea5b5a93ff6529256f281

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:50 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 338ms
338ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=n8dl0poueof6o50556963717&area_id=681336&policy=ok&sub_id=1&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=557064799
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 8912754cdac220a701c6d0e16a55b03af7b894cfb91df9068c1571f80092cafe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:50 GMT
content-type: text/html

GET
H2 200 / Show response
clickiocdn.com/clickiotag_log/ 83 B
189 B 339ms
338ms Script
text/html 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/clickiotag_log/?step=2&ses_id=n8dl0poueof6o50556963717&area_id=681350&policy=ok&sub_id=1&f=__lxG__.tmp.rot_pajhby8odcc3crz7&rt=557064719
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b93f465c229b49b4aadeb0b744da01d5f6d05b613229064c70d91c83ded46d5c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

iseu: eu
content-encoding: gzip
server: nginx/1.16.0
date: Mon, 31 Jan 2022 16:12:50 GMT
content-type: text/html

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 169ms
69ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022012601&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c155146596c14218be2107cd95b29a32a3e1b1dee93e2f061bb273422e43f106

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9008
x-xss-protection: 0

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/022111152338000/ Frame 74EE 190 KB
54 KB 232ms
77ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55512
x-xss-protection: 0
server: sffe
date: Mon, 31 Jan 2022 11:25:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "211febc96caa9486"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Jan 2023 11:25:35 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 74EE 13 KB
5 KB 226ms
71ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4994
x-xss-protection: 0
server: sffe
date: Mon, 31 Jan 2022 11:25:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "b314c3eb801664ba"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Jan 2023 11:25:35 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 74EE 89 KB
28 KB 349ms
195ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28443
x-xss-protection: 0
server: sffe
date: Mon, 31 Jan 2022 11:25:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "976e6f5df80f4e35"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Jan 2023 11:25:35 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 74EE 5 KB
3 KB 225ms
70ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 508382
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1727
x-xss-protection: 0
server: sffe
date: Tue, 25 Jan 2022 18:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "423ab13fb6ff63c9"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Wed, 25 Jan 2023 18:59:49 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/022111152338000/v0/ Frame 74EE 40 KB
13 KB 456ms
301ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/022111152338000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 17236
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12843
x-xss-protection: 0
server: sffe
date: Mon, 31 Jan 2022 11:25:35 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "08cf721d9e54e414"
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 31 Jan 2023 11:25:35 GMT

GET
DATA 200
OK truncated
/ Frame 74EE 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ed04d389a7b4a9deb1e0decdc831e2bddff537fa739c34127d0339c10663e04

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2760626515885066123
tpc.googlesyndication.com/simgad/ Frame 74EE 106 KB
106 KB 204ms
66ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2760626515885066123?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qm4gq6uYkIlCmLk-dYNfHCs6GAPbg

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b79200304f02c4220f9ab0105b0d334405732dc6b5f8dae20b41f36f48e48fe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 06:56:12 GMT
x-content-type-options: nosniff
age: 551799
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108535
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 11:43:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 25 Jan 2023 06:56:12 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 74EE 2 KB
3 KB 200ms
63ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:41:38 GMT
x-content-type-options: nosniff
server: cafe
age: 23473
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 14819457070020093239
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Tue, 01 Feb 2022 09:41:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 74EE 295 B
757 B 199ms
62ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 09:53:05 GMT
x-content-type-options: nosniff
server: cafe
age: 22786
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 426692510519060060
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 01 Feb 2022 09:53:05 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 74EE 0
0 105ms
105ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CEZ9Kggr4YZvxK4nngAetzYHQAavN6eBnxpjgsKsP2tkeEAEgouKjJmCVypuCrAegAZyv-6gCyAEC4AIAqAMByAMIqgTbAU_QSexpoaU4bI8gjEMNNHgiht4L4QYADQAEKVFbMjhPgwW1c7iMaa9AS12EfJNzErOgxpkoIAnJqgGkTwWEYHaVsAOEpaKVtRIb1oqscoLYDXKMb1mWyYEpss1CgFRti5qUyARfvFDgQYh9ngwfEFU0PRTICtHN0BNmuXgJr8Podmr5H3UNeDdWasFepfFxfENgBqxcR6qYJaavArwWhyknK9ug9NwMYrrpFYV0zKN6XDVBJAKOfD-hL_G9e3TIqeJVUvRm4eKe6ZVnW1HvVzGio1Cl2zFnIhVFOcAE3JPH_O4D4AQBkgUECAQYAZIFBAgFGASgBgKAB8zQhNcBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQ9_ge0ggJCIDhgBAQARgdgAoDyAsB2BMN0BUBmBYBgBcBshceChwIABIUcHViLTMxMDQ3OTAzODc3OTI0NjgYuqoZ&sigh=FmtDMHNcxso&uach_m=[UACH]&uap=UACH(platform)&uapv=UACH(platformVersion)&uaa=UACH(architecture)&uam=UACH(model)&uafv=UACH(uaFullVersion)&uab=UACH(bitness)
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMjV+NjgxMzI0fjY4MTM2NH42ODEzNDN+NjgxMzQyfjY4MTM0MX42ODEzNDB+NjgxMzQ1fjY4MTMzOX42ODEzNTF+NjgxMzM3fjY4MTMzMH42ODEzNDR+NjgxMzM2fjY4MTM1MH42ODEzNDh+NjgxMzQ0fjY4M... 38 B
206 B 83ms
82ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMjV+NjgxMzI0fjY4MTM2NH42ODEzNDN+NjgxMzQyfjY4MTM0MX42ODEzNDB+NjgxMzQ1fjY4MTMzOX42ODEzNTF+NjgxMzM3fjY4MTMzMH42ODEzNDR+NjgxMzM2fjY4MTM1MH42ODEzNDh+NjgxMzQ0fjY4MTMzNn42ODEzNDR+LX42ODEzMzl+NjgxMzM3fjY4MTM1MX42ODEzNDR+LSZzc2lkPX4xJmFjdD1kZXZfdGFyZ19yZW1+LX4tfi1+LX4tfi1+LX5mbmRfb25fcGd+LX4tfnJ0cl92YXJfY2hzbn4tfi1+LX4tfnJ0cl92YXJfaW5zdGFsbH4tfnNsb3RfaGJfZW5kfnNsb3RfaW5fcGd+dGdsX3NfMH4tfi1+dGdsX3NfMV9kZnB+dW5pdF9oYl9lbmQmdXJsPX5pbWdiYi5jb20mdmNudD0yNSZfZj1fX2x4R19fLnRtcC5sb2dzdF9ndWR5bGRtdm40cHFodm9s/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 98891d9a746c732d3351d872cfa8743c99e9eda18706df2e39a98b81340e25c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:51 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzNTB+NjgxMzQ0fjY4MTMzNn42ODEzNTB+NjgxMzQ0fjY4MTMzNn4tfjY4MTM1MH42ODEzMzZ+NjgxMzUwfjY4MTM0NH42ODEzMzZ+NjgxMzQ0fjY4MTMzNn42ODEzNTB+NjgxMzM2fjY4MTM1MH42ODEzNDR+N... 38 B
206 B 82ms
81ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzNTB+NjgxMzQ0fjY4MTMzNn42ODEzNTB+NjgxMzQ0fjY4MTMzNn4tfjY4MTM1MH42ODEzMzZ+NjgxMzUwfjY4MTM0NH42ODEzMzZ+NjgxMzQ0fjY4MTMzNn42ODEzNTB+NjgxMzM2fjY4MTM1MH42ODEzNDR+NjgxMzM2fjY4MTM1MH42ODEzNDR+NjgxMzM2fjY4MTM1MH42ODEzMzZ+NjgxMzUwJnNzaWQ9fjEmYWN0PXJ0cl92YXJfaW5zdGFsbH5zbG90X2NhbGxfYWRtfi1+LX5zbG90X2NhbGxfYWRtX2xsdl80MDB4MzAwZH4tfnNsb3RfaGJfZW5kfi1+c2xvdF9pbl9wZ34tfnNsb3RfbGxfdmFyXzQwMHgzMDBkfi1+c2xvdF9ybmRyX2NsbH4tfi1+dGdsX3NfMV9kZnB+LX50Z2xfc18yX29rfi1+LX50Z2xfc18yX29rX29rfi1+LX51bml0X2hiX2VuZH4tJnVybD1+aW1nYmIuY29tJnZjbnQ9MjUmX2Y9X19seEdfXy50bXAubG9nc3RfN3J2dmI1YXE0Z3Q2Z3k1eQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 221fcc058ceb3b61003bad87f22deaa01f077d1bd8924cb3bf604e254993fa37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:51 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+LX4tfi1+LX42ODEzNDR+NjgxMzUwfjY4MTMzNn42ODEzNDR+NjgxMzUwfjY4MTMzNn4tfi1+LX42ODEzNTB+LX42ODEzMzYmc3NpZD1+MSZhY3Q9Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2xsdl80MDB4M... 38 B
206 B 77ms
77ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+LX4tfi1+LX42ODEzNDR+NjgxMzUwfjY4MTMzNn42ODEzNDR+NjgxMzUwfjY4MTMzNn4tfi1+LX42ODEzNTB+LX42ODEzMzYmc3NpZD1+MSZhY3Q9Z19ldl9zcmVuZH5nX2V2X3NyZW5kX2xsdl80MDB4MzAwZH5nX2V2X3NyZW5kX25lfmdfZXZfc3JlbmRfbmVfbGx2XzQwMHgzMDBkfmdfZXZfc3JlcX4tfi1+Z19ldl9zcmVxX2xsdl80MDB4MzAwZH4tfi1+Z19ldl9zcmVzcH5nX2V2X3NyZXNwX2xsdl80MDB4MzAwZH5zbG90X2FkbV9yZXBseX5zbG90X2FkbV9yZXBseV9sbHZfNDAweDMwMGR+c2xvdF9jYWxsX2FkbV9sbHZfNDAweDMwMGR+c2xvdF9sbF92YXJfNDAweDMwMGR+c2xvdF9ybmRyZF9jb250ZW50JnVybD1+aW1nYmIuY29tJnZjbnQ9MTcmX2Y9X19seEdfXy50bXAubG9nc3RfcXhjd3NtZWY0MGx1N3Z0bQ/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: b7b718208dab2de280fce41bc41f470788afc91d4599686a66209c069ba635bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:51 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 392ms
313ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:12:51 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 74EE
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

258ms
163ms

Image
text/html

2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Server: 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Redirect headers

date: Mon, 31 Jan 2022 16:12:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 964E 6 KB
3 KB 218ms
63ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:12:50 GMT
expires: Tue, 31 Jan 2023 16:12:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1948 13 KB
5 KB 131ms
54ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:12:16 GMT
expires: Tue, 31 Jan 2023 16:12:16 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
content-type: text/html
age: 35
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5C37 783 B
1 KB 155ms
70ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

238b540e785e80cc476b387f2bb9bd12b314d289a67365e5d22b51dd5e62d588

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ma9qtHGrtG8hINkkISU5Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Mon, 31 Jan 2022 16:12:51 GMT
date: Mon, 31 Jan 2022 16:12:51 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Ma9qtHGrtG8hINkkISU5Yw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 container.html Show response
ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 44F1 6 KB
3 KB 138ms
68ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022012601.js?31064600

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 31 Jan 2022 16:12:50 GMT
expires: Tue, 31 Jan 2023 16:12:50 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
content-type: text/html
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame 1948 35 KB
13 KB 133ms
64ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:03:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4162
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 15:03:29 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5C37 0
0 161ms
113ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022012601&jk=3657130054816211&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame DABC 624 B
733 B 232ms
88ms Document
text/html 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNUPi6yQB9DNrmjZS-gbsBcOGZ7OgB2M3vExqGVt-6yIk-IRFtchrGPy_d2wXwW6ey4cRkxXwPTISAYV29NEdVSO9eqORFzG1IRv3i92NFGbpiF2EUmVjo4mu8JoxMdhLa55MfhdL3qrbICer6uhtgO0-bJOskzeLZwH4JH98B2OaAMXBCU

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Mon, 31 Jan 2022 16:12:51 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 964E 24 KB
14 KB 249ms
107ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2B-L71uo-SqWzedOD0_VZdYCcTA_pzDxbbu5brzi6wevVVkcl89Skg5aS9JyCY6KwivcX0Xp99SmKqi_dEUueOlR5Rn9Pq_anFTrAp55H4YCBK3lh1AhzGo7MxR_YaG340M4Z1yRBcgDL1MpjY8Ci5GfJPw&cry=1&dbm_d=AKAmf-AaKIp5rStkKC6I1T8IjwH4rOIlHm-7LbntwU1APCBnHsFU6CtRsLaQq2XdR9Dt3G9-Mq1PwfG7b3tsUElgq7lbOqIJEssvDY5N8MlqjB7p5_4uLiOOM_5Tsz0Uytwv8AjTj_sFt-g5xihjsnAZxfK15wD4rwaldi0Sr7M94KTNB0l-J_Dr5Sjk0BRwzJC06Tr2dI91nVbNCHv5mf9x73kJuz8PFpsXvzmDU049Eiqo9dt6sv3fwZnK2ReCCLbiAwTNe-j_sFUzUeoKFcmUbUL0X_o_0du2J49DyglTH7lhw9xlcRt09ZnzsFUrsnut8f-WJbs9EySPqK0lGgDFp4LXfZXiUX5zQXW96qxWrxxQjy0dCacGqilbOhIj04DR9wkOIQ-mYS3G8v1iI-NOZGJY9w-USddRvkEbYjrhA90Pf5RRd9bHnnVDtiiGFQgWdx2HlmYHGp5tGqjxFQPdiGt504cGBjQ0acScnFOE2Pvpc7il9Igaj2KaHMnbb61SIU7gZHYS_ev8Eq7dsEzlXB5i3y3hfijGCNGXNPr9nUhY6nRAllGY6Y5icE4F3YyQ68sisSFEPCnR5l8f4bIxJxDTOkQPpIODmZPP_rxTzE7IUPaxCzdAAge9pQcQlb3IQBs_t0MTitJMc2Oq7aJ2Wv7E7EqCKVUAZofRsH0zwHiUqlX4Ng2Xh-4s-gQKNOoHFcsuiacTOyVGwifor-9lbJW7blFPJHZPMiUA8vPWZE4hy2zVerYDHVtRTizhz8qqJQ3HeHwfBL9g_VNRPhMRgV6xCMFmLg4V5cTbPzoiuIc921nM-UnWKXpFtpsc9jrqDGwPYiEsH0o2ry2sAebAX4Xk5SITFzhAVY83r8-PZjXwhJp8JWkB-K44FVgWipXMEd6xX4CoBWlvO_Hyi1QedAM162c-S_Vx65_WOTKj87I9_jsKPx1OSyC1FWUA4jyKetYFBQkWD_Cr2NSCmRY2isDZtxXsn1sFNoAN-grj22DgQv_wkKnQk8G2xwOtrB9FlKhaYsQvhorPbKcL4zH1KwVJgFaGc5MHPIUsviyLc5eZJ1ik5HkQR2h-H40y7kQOFPcn4aOeH7jN8lqDHTlsJ-DJ622b13r4nLGd6dAGKVJ9FEhcRnyDVUuVmskharAPL4bOtzmLgw0L35y9RucqVj360NbbfSNky7gavnfWWctZ5vFlLj79ZxOeFly0Q0g9Ci1L1ZJ03yO3QR57WD3Zl-4T1hGfBF-4YuDK9eG0D7qbtcsrdTSpZbM6erVYHcs0uajj51VSjeJlDdcoI7d5VJ2U6vQ7AvNZ4P0Jz1NcWjG61f7kS90Y-3f14SBJJMVnoosBP5OCRizoZ3lPdjcghdFYeRTiZFVtPxkBnoLkdX7Y3UYBdJqfb3U6eLHU9ce-WC6BLUBbqRv6ZQrwXXZcqP95ghh8adIzTCwOIfb2EHCjTgkuYJQmBCxFeM-56nuk1OWY9l4XOZVDDxyo17ydTFRsPDruj_bIcJaamYMr5NvjQAFEMFjw4-KpCGX6l3UbnMhRgei8jIm4dbozQm9M3mzIpZnGB_Aqgb-j5_kwmD5Halw9L6qcQa_ONRWnRBg1isLr7fBMAomavXmm0XYw-C_2xAJo6BJFQ1oWgEyU3yK7wUMazTcPw0Cc7ecVN0jGMI4heGpi7pQvR9Nel_qmz-3oRRaNXeXRB2Zq06kkzNqbU9M9JrH_7wO3HPF7Wj-RwDDmJxrCtSb9tsNHy6P6sjKhhscExvb0os-9ro2bLroBzFlnBBeH3xZMmD6vSWbcyPvRaG4cB2TBEKAvGcoTrHGOQ9E25tzSKdRWred52PmeECpb_nqRVl80tD8B0KJWg2LBMCbTJ4gwm1_18AXCx4aTbQVlDDrlmlxnpvLZZ9LW87czqOFL_CdV9BbbugaaDEpLvzP_EjNC2Dl2WgSm10LNLvE0ZvkPtafIIxacjWFSfK_BmCQfHuGppAqL3iVg2MecK4oJEWmxO2HSZtJ3y8AbNIfaEFoX9vcrbD7RKoTAHy5k2k_KjNX_JOO0AjX97cBcFqg-icBaf0VNGjy0RcmsehKl48KWucyRG4hb_EUXQ2yMJ1JKTnh3HM5XVwDno_Bt2c3RA71PI4GSHUkLL9DFcYqy23Lq0dtyl8f8KB7-3m5v7R4PKpsA8on5L2Hw14YPNz8-9O4iwn9jEIfQajsyy0cgpceVbGLnJ52jTzABMyifSa_3CQFopmFrLCfi27OeEII0gaQeBYmZ2Fhn_G23JWKzyHip8uZjnm-MVU2e27MWOtY2RX_uNKhAI4BdJaG1acztkVeWclZp8g4wqn4v9dfSlueaJirG1Y6afXRjuGYltZCwwTe1xfRW0epE_vHLO3_eV7YXvFmkzEmjwVD0VNKN56A2XfnvSNDxtN9JW87VWUjx-P0e_xTvNAgm4NzAI9d6Ks0m71Yx_bz6LdJxAk0_Xf77F8VdttjIjBf7P8M71RMqMdkF8c89NolStrQhO9d0FEojskbisy6usIR5mP68eJ-hjsKMwrbyv7ZDu_7gEhWEiJGkbqBiO7a0Z-vI8HZ8j1AxkF4GQKImPME3IN9j-xO4UsecmWWZgNbVil7CDg-i7YZ-Dsk84q7WQ6tA-PfIFTEFQzTedIZOgCE_DjDPwU4e9fut9ATE0fw7smeKQv7XT7jzkfnQ2tsxHlnAgPwa2ZdnppUQXXmdfVf8rPawl7Dv70gispxV_mIRJrtTQ2u4nJz4NhE9KU8KDl7qDdTq7GlAglbtULuCvg7VQzuIDRExRDH7R7FWh_9C0Q_7NJryOk0CkKz9YGmH4zc4izde-qXrjZJMHel0T3n96-_f4t4oXyvuSrh2ciN-Z3Jkn7C1l9HTwG6n-0U-gamaJQzAPbCon9GMzmFGQcZZGFpFDA&cid=CAASEuRomKKRDUZ9lG5nos3v1ptyCg&rfl=1%2Chttps%253A%252F%252Fimgbb.com%252F%240

Requested by

Host: imgbb.com
URL: https://imgbb.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542f577e7b3bfcee8b15189537e30ba87b78e1ae7dca8ace5ff3313c0bfb7585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:51 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14337
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 964E 42 B
63 B 117ms
100ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkItYs-kSyZ876tpx4tNs_C8OX7Yn30r2Hx1yRFN09IYpcjqkiOYlgv6ceKBtRwzm7M9tzqwcS8-dfZnWTccUGZMtYgvuSuj9UlgWkAEo0pAMZvnE

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 964E 2 KB
1 KB 782ms
527ms Script
application/javascript 2a02:26f0:12d:4a5::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229118&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hiHurftZq9kYpu_qiIfkQ-&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:4a5::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:12:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:31 GMT
Server: Microsoft-IIS/10.0
ETag: "8f6388f116ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1163

GET
H/1.1 200
OK dvtp_src.js Show response
cdn.doubleverify.com/ Frame 964E 8 KB
4 KB 781ms
526ms Script
application/javascript 2a02:26f0:12d:4a5::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvtp_src.js?ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&advid=3398311&adsrv=0&btreg=&btadsrv=&tagtype=&dvtagver=6.1.src&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hiHurftZq9kYpu_qiIfkQ-&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:4a5::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 153aaeee7047ca29fe9975c724d3462366e42695067cdda7d36bed217fd69022

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:12:52 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jan 2022 16:26:48 GMT
Server: Microsoft-IIS/10.0
ETag: "0d4ae2df615d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3290

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 964E 2 KB
1 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:10:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 964E 123 KB
37 KB 331ms
260ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:12:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 964E 14 KB
6 KB 63ms
62ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 15:57:49 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 44F1 0
0 113ms
112ms Fetch
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CTJRVgwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE4QFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0_CsCBK6svDKvuegSzGG9GrSIFl72344KfzpLW1rQQ-bJxqeMVYngBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTMxMDQ3OTAzODc3OTI0NjgYuqoZ&sigh=vWAaJ__S1Pw&uach_m=[UACH]&cid=CAQSPACNIrLM2LrYXmfgkhEeyUaK3YUw3ECLwB5c6jSWqYIENfiBRL15__a7o0UWn9_ubxjW7wr5WkDaFlOAtBgB
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.184.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s12-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 44F1 0
0 241ms
91ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1j40qvb8a53hjvnhpq2kjhd5nx7xngenpyex1j4s9twge1h7rj8gb1tscsgs3t10c8fr8fqkhkgtfmb8trjw776r91rx33sq3hf450ezgkb58ns659684vqccj3ddb3h7by7td838n2gymgms9jdh3v8q34xtxzycymsrqpqqcp1kxg17avw3x8ns5gnm276cvm466eyc5e6nqzb31jjk981bvsfhc3ewnaets4s68vz2arbyqh67kh7mhk6hczqr8kw76qpabt429nnp2dempf8psfcrgqe5emg5am1zdrxx8x1md8df2p26phmvr68zybbc4hgjwz778tm73qx1vx2cpmhnn3zza8x6b9npm61wjy1p2egv13ansjgbzze6y2axdhjj5haqdcsvgxxg09h4c2gtjds14&b=YfgKgwAGcmAK4DQMAAPgCv6Y63o2rj1sGzj-vw
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:51 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 8155 2 KB
3 KB 626ms
169ms Document
text/html 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1hn0g4737mwqcrxvea79dy53qz6ac4vqde2qa5s1fhn4ryeygtp47vmr3nng2nf0zpn5vws26bntezv76skjqy7xyp9pb753dpgp45c56nnmtr2r6h2w1hpv8hegvaqg1gdrf54h41eq652hpj7cmdf8r81tk1mdq4sdnh59cpf3gpecphadjheqf2gvq85gt9921989ay2wv2qqg259emaedasa93cq6z8v3ytbntvhfvdv1p85vf4qgnb1x202171086f3yjwyy8qd5fexc9kwtrbwcf738jqh0he29xrpy3jc6jn7576my0w034s0wwv0m0b72jjjfbjk0cqsjz322s5hc5jyyt4x8rqrzfg9wvveckjn12q6kmfmm0gg8nctbktp0nnh5hh5ypa394xhyyf3n5cdcn6x0smsrx77x7p1p580s3bdckha7jcz9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%26client%3Dca-pub-3104790387792468%26adurl%3D

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a460a968023118ac323a8793c5ed58ee7d5f8ae796cb4106af60062031d0ba87

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d64395ab9775a3d-MXP
content-encoding: br

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 44F1 2 KB
1 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/window_focus_fy2019.js

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:10:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1205
x-xss-protection: 0
server: cafe
etag: 18074202747124231361
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:10:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 63ED 1 KB
749 B 67ms
60ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 9999
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 44F1 123 KB
37 KB 298ms
235ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38288
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1643200382015849"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 31 Jan 2022 16:12:52 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/ Frame 44F1 14 KB
6 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220126/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:57:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6123
x-xss-protection: 0
server: cafe
etag: 15358646999216992880
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 15:57:49 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 44F1 22 KB
7 KB 64ms
63ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 10:18:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 21255
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 31 Jan 2023 10:18:36 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 63ED
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1&google_push=AYg5qPJffgkuWLS798zEfES0TQCy4GC-Q6SINxZIHn6AyVrZxh2GrAyMioSHYCVbkLO-TPNNxloKudp2gpMEJ5agwnJJA_-jZawoFQ
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA4NDc1ODA3OTU4NjcwNzMwNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1

43 B
407 B

352ms
224ms

Image
image/gif

2620:112:f006:bbbb::12
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 63ED 35 B
463 B 239ms
79ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENJjFVzyJtooxqCXnJdKQCQ&google_cver=1&google_push=AYg5qPLOc3eS7W0Dnav8VN3E8-2e7XCYZBhjViKxsLZ6UaX_ZkmSbn1EJKBV_YCPlSjQ6hiBveVhko6NNcCSVtsKXaS6k8A-mCf5Dw

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63ED
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEGyyTU0Hy8uaha8cQgOSDXk&google_cver=1&google_push=AYg5qPJMjJ1sxn_91JzWXffb3Q_Obd0-JVtsNrpDgTHz69M7_u7st9Is-zEWTEQ7q70sneRmntGeKOtQXH6ee3VL...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qh_F-fbAQHikbVhcagRG9A2&google_push=AYg5qPJMjJ1sxn_91JzWXffb3Q_Obd0-JVtsNrpDgTHz69M7_u7st9Is-zEWTEQ7q70sneRmntGeKOtQXH6ee3VL_j1lGFCGs242EA

170 B
188 B

67ms
67ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qh_F-fbAQHikbVhcagRG9A2&google_push=AYg5qPJMjJ1sxn_91JzWXffb3Q_Obd0-JVtsNrpDgTHz69M7_u7st9Is-zEWTEQ7q70sneRmntGeKOtQXH6ee3VL_j1lGFCGs242EA

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jan 2022 16:12:52 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.15.12
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=qh_F-fbAQHikbVhcagRG9A2&google_push=AYg5qPJMjJ1sxn_91JzWXffb3Q_Obd0-JVtsNrpDgTHz69M7_u7st9Is-zEWTEQ7q70sneRmntGeKOtQXH6ee3VL_j1lGFCGs242EA
x-host: tde-deliveryengine-production-655df8fcc8-54w6j
alt-svc: clear
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63ED
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENYEKUoTfkADMV-DorXq1k8&google_cver=1&google_push=AYg5qPLZeHzHsoYgrIIB1lTY0s_lBEOhiSngqbT-0GY3z1w5caSKD7tEQ-rdUab2nKOq-fiWLpabrmddsB_PVK0H1n0yKcP...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZeHzHsoYgrIIB1lTY0s_lBEOhiSngqbT-0GY3z1w5caSKD7tEQ-rdUab2nKOq-fiWLpabrmddsB_PVK0H1n0yKcP5at5VNg&google_hm=NTAzMzg1MjM3OTkwNTU3...

170 B
188 B

70ms
70ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZeHzHsoYgrIIB1lTY0s_lBEOhiSngqbT-0GY3z1w5caSKD7tEQ-rdUab2nKOq-fiWLpabrmddsB_PVK0H1n0yKcP5at5VNg&google_hm=NTAzMzg1MjM3OTkwNTU3MTMzOQ%3D%3D

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Mon, 31 Jan 2022 16:12:52 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AYg5qPLZeHzHsoYgrIIB1lTY0s_lBEOhiSngqbT-0GY3z1w5caSKD7tEQ-rdUab2nKOq-fiWLpabrmddsB_PVK0H1n0yKcP5at5VNg&google_hm=NTAzMzg1MjM3OTkwNTU3MTMzOQ%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63ED
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEDIxpHl9fnkcF1NFI4MExiQ&google_cver=1&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCr...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEDIxpHl9fnkcF1NFI4MExiQ&google_cver=1&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_p...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ0OTQxOTg2OTA0NDMyNDEy&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCr...

170 B
188 B

61ms
60ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ0OTQxOTg2OTA0NDMyNDEy&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCrZ7Id20H4cn1l_T7HrNNNCA

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MjQ0OTQxOTg2OTA0NDMyNDEy&google_push=AYg5qPLPJ5MulLEJnZYrw-eJFelfrhibVd51VElKLUayGxKgtvGIrL5Tnm8CWqTbLI30R7tEX_pv1cCrZ7Id20H4cn1l_T7HrNNNCA
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63ED
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g&redir=https%3A%2F%2Fcm.g.dou...
https://sync.targeting.unrulymedia.com/csync/RX-0a1110c6-7aaa-495a-9bb9-7fb1725beb93-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPKd1EqIUEkpbaGM3hCXu...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g&google_hm=BQoREMZ6qklam7l_sXJb65M

170 B
188 B

91ms
90ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g&google_hm=BQoREMZ6qklam7l_sXJb65M

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 16:12:53 GMT
Server: Tengine
ETag: RX0a1110c67aaa495a9bb97fb1725beb93005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPKd1EqIUEkpbaGM3hCXuD-vrvegA82kpTT73FB_hCLJoSk0nStHJeIakDUvnX_RwXEF9c43VDo2Jzr5VlcxZZwwXNQQGw6A1g&google_hm=BQoREMZ6qklam7l_sXJb65M
Connection: keep-alive
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 63ED
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEF4xn6enia-tl1ROO70HYvI&google_cver=1&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro&goog...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MzA2ODc4NzU2NDg1NDA2NzE5&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3...

170 B
188 B

52ms
52ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MzA2ODc4NzU2NDg1NDA2NzE5&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDU5MzA2ODc4NzU2NDg1NDA2NzE5&google_push=AYg5qPJTEQBWu41560tbogoj9mqFY1Jd-bxYJfvHejNWaloDLy3SG-G5HjbfCNy3uyaaqaBx0MBxcVa3rom069jyKW-KCwNWXyro
date: Mon, 31 Jan 2022 16:12:52 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 63ED 0
69 B 81ms
80ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13K5XOJelFb3USWaFbBT6SEGliyXBZk0LEQ8znUzS6wslGzXEKo1J7KhIUT8rHSZxqScEDa0

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:51 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET generate_204
tpc.googlesyndication.com/ Frame 1948 0
0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 176ms
175ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022012601&jk=3657130054816211&bg=!dXaldjLNAAY6OBv_Ojg7ACkAdvg8WpNAu7ripEiEg46QZMeIBg_GXQ9AWaFQFxJ7QlDTD93rIs_BxwIAAABaUgAAAANoAQcKAJe2us8tkLdxolpqE7QpPxyzycaZgTFSXn4DrKUjBMLmAsqG3KhD9izBMZd4AgqhIp8Q-C-0AHIJGOf3gE8eTSUddPIU0szhgqX25UjH6-SmyChx3VYrjCKIMYRE5RAaBdMi953ML7BYm6ITcRs6R4LmzXM5lr5cNIgIaFgiloe_5vNNQqv2ZtKZoaUbs1iL1LSoPICIkKMlmQLKVU-_e6y5CMAEgXc48MvV7YK6yp1Ps0FngKyO7su0iYKWzyr_CioCIdelhuhsNOfR6zqxpA6ZUq14TqXSSIMZDJBnLC4WZi4tpbfbH-nnhsCA0ZSd0AxJCm2eLvutOJPyT27RFVSacF7kJYDDe7Fbmifk8bD3Imd2iqyagTAVZgxzFNzS8x4YRwJxtiwSHRSTNPYySzQoezEQQhoWdJa2F99nGrJTrfuPEgQnYRhn9qGZTPEHLn9RPMilGkxXrLGXOrGWBdKheB9FyeMalAFKshl4mt9UEu7evoStR-HP8-3-xm5Y8T6b3R1lGz7K00VMjJVNyd98EveiNsv2Eb_QVqWLHNyLfVZfj9EoGWb-85q59TvsAJ9YoexpU9iZRbuWplIzxo1pJNGTwfOKniFOqAiq92QwlTeR6y71YARikmgKdSPEak4R8nh0yOsNdQnIjBVtapcC2_8lXup5k2r-tOl9oE3S-3fZ9PeQDev7GbhH5KaQ_ZXDQzBU9ONMpKphAIDrXWzKfiqV832S95Rst28z17-J2H3Rso0VVq06UAUp_829c7jd6gk_0aJTfI4NaJNjj4sGvNXvRehKIxjknZ_6qGFZZzPo8bHpO3xyNrRAHHx84YlTBq_Erd5RWqVYDN5Nla6PZeFzjmVyOfMt3mjb5cd8wdOfzpC2wstTnsEat99EOuEeHWNCtvTMVzkcat4bV8ODugZkbX7Nnx9jesqkrXEScZV9HPERtagK5vIc2dt-3IPOBCJkmBVGI1YoJo9x5Zt_A9fLcj78Vlw_53_NQxPLkb8fV42ls0ZxSB2PKY2IX4NfhkEelxBo7xHrXu8wWhDrt9vKqNTPiupcUUeDhPUNitkGPqCz6Ntc_nc8uhIHbXMzpaNHCqZCq5dh3RZfn1WvSQr4w94xjL0OpkJO1gnC0rlxIEXLJzxOOp2es-BcrUTL3HgE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DABC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1&C=1

43 B
1014 B

79ms
79ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNUPi6yQB9DNrmjZS-gbsBcOGZ7OgB2M3vExqGVt-6yIk-IRFtchrGPy_d2wXwW6ey4cRkxXwPTISAYV29NEdVSO9eqORFzG1IRv3i92NFGbpiF2EUmVjo4mu8JoxMdhLa55MfhdL3qrbICer6uhtgO0-bJOskzeLZwH4JH98B2OaAMXBCU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 16:12:52 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Mon, 31 Jan 2022 16:12:52 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame DABC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YfgKhMSOxdM5WPNq1tMENgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1

43 B
894 B

81ms
81ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNUPi6yQB9DNrmjZS-gbsBcOGZ7OgB2M3vExqGVt-6yIk-IRFtchrGPy_d2wXwW6ey4cRkxXwPTISAYV29NEdVSO9eqORFzG1IRv3i92NFGbpiF2EUmVjo4mu8JoxMdhLa55MfhdL3qrbICer6uhtgO0-bJOskzeLZwH4JH98B2OaAMXBCU
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Mon, 31 Jan 2022 16:12:52 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKl7InNIWc84leqNeUu0vao&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame DABC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOQr63DpWtYuUxsgpO4WrBc&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOQr63DpWtYuUxsgpO4WrBc%26google_cver%3D1

43 B
1 KB

60ms
60ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOQr63DpWtYuUxsgpO4WrBc%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfnugEQw7j0ARin186ZATAB&v=APEucNUPi6yQB9DNrmjZS-gbsBcOGZ7OgB2M3vExqGVt-6yIk-IRFtchrGPy_d2wXwW6ey4cRkxXwPTISAYV29NEdVSO9eqORFzG1IRv3i92NFGbpiF2EUmVjo4mu8JoxMdhLa55MfhdL3qrbICer6uhtgO0-bJOskzeLZwH4JH98B2OaAMXBCU

Protocol

HTTP/1.1

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d550fb48-abc6-4a5b-bd52-9829c81948e1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d83da3a8-0134-443e-8af8-86af91ae806f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEOQr63DpWtYuUxsgpO4WrBc%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DABC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwODg3NTAyMzI2NzcyMzQzNQ%3D%3D

170 B
188 B

74ms
74ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwODg3NTAyMzI2NzcyMzQzNQ%3D%3D

Requested by

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
X-Proxy-Origin: 217.64.151.31; 217.64.151.31; 717.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 38c4e94c-644b-4e36-873c-824211289e19
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTgwODg3NTAyMzI2NzcyMzQzNQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/ Frame 964E 23 KB
9 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A2B-L71uo-SqWzedOD0_VZdYCcTA_pzDxbbu5brzi6wevVVkcl89Skg5aS9JyCY6KwivcX0Xp99SmKqi_dEUueOlR5Rn9Pq_anFTrAp55H4YCBK3lh1AhzGo7MxR_YaG340M4Z1yRBcgDL1MpjY8Ci5GfJPw&cry=1&dbm_d=AKAmf-AaKIp5rStkKC6I1T8IjwH4rOIlHm-7LbntwU1APCBnHsFU6CtRsLaQq2XdR9Dt3G9-Mq1PwfG7b3tsUElgq7lbOqIJEssvDY5N8MlqjB7p5_4uLiOOM_5Tsz0Uytwv8AjTj_sFt-g5xihjsnAZxfK15wD4rwaldi0Sr7M94KTNB0l-J_Dr5Sjk0BRwzJC06Tr2dI91nVbNCHv5mf9x73kJuz8PFpsXvzmDU049Eiqo9dt6sv3fwZnK2ReCCLbiAwTNe-j_sFUzUeoKFcmUbUL0X_o_0du2J49DyglTH7lhw9xlcRt09ZnzsFUrsnut8f-WJbs9EySPqK0lGgDFp4LXfZXiUX5zQXW96qxWrxxQjy0dCacGqilbOhIj04DR9wkOIQ-mYS3G8v1iI-NOZGJY9w-USddRvkEbYjrhA90Pf5RRd9bHnnVDtiiGFQgWdx2HlmYHGp5tGqjxFQPdiGt504cGBjQ0acScnFOE2Pvpc7il9Igaj2KaHMnbb61SIU7gZHYS_ev8Eq7dsEzlXB5i3y3hfijGCNGXNPr9nUhY6nRAllGY6Y5icE4F3YyQ68sisSFEPCnR5l8f4bIxJxDTOkQPpIODmZPP_rxTzE7IUPaxCzdAAge9pQcQlb3IQBs_t0MTitJMc2Oq7aJ2Wv7E7EqCKVUAZofRsH0zwHiUqlX4Ng2Xh-4s-gQKNOoHFcsuiacTOyVGwifor-9lbJW7blFPJHZPMiUA8vPWZE4hy2zVerYDHVtRTizhz8qqJQ3HeHwfBL9g_VNRPhMRgV6xCMFmLg4V5cTbPzoiuIc921nM-UnWKXpFtpsc9jrqDGwPYiEsH0o2ry2sAebAX4Xk5SITFzhAVY83r8-PZjXwhJp8JWkB-K44FVgWipXMEd6xX4CoBWlvO_Hyi1QedAM162c-S_Vx65_WOTKj87I9_jsKPx1OSyC1FWUA4jyKetYFBQkWD_Cr2NSCmRY2isDZtxXsn1sFNoAN-grj22DgQv_wkKnQk8G2xwOtrB9FlKhaYsQvhorPbKcL4zH1KwVJgFaGc5MHPIUsviyLc5eZJ1ik5HkQR2h-H40y7kQOFPcn4aOeH7jN8lqDHTlsJ-DJ622b13r4nLGd6dAGKVJ9FEhcRnyDVUuVmskharAPL4bOtzmLgw0L35y9RucqVj360NbbfSNky7gavnfWWctZ5vFlLj79ZxOeFly0Q0g9Ci1L1ZJ03yO3QR57WD3Zl-4T1hGfBF-4YuDK9eG0D7qbtcsrdTSpZbM6erVYHcs0uajj51VSjeJlDdcoI7d5VJ2U6vQ7AvNZ4P0Jz1NcWjG61f7kS90Y-3f14SBJJMVnoosBP5OCRizoZ3lPdjcghdFYeRTiZFVtPxkBnoLkdX7Y3UYBdJqfb3U6eLHU9ce-WC6BLUBbqRv6ZQrwXXZcqP95ghh8adIzTCwOIfb2EHCjTgkuYJQmBCxFeM-56nuk1OWY9l4XOZVDDxyo17ydTFRsPDruj_bIcJaamYMr5NvjQAFEMFjw4-KpCGX6l3UbnMhRgei8jIm4dbozQm9M3mzIpZnGB_Aqgb-j5_kwmD5Halw9L6qcQa_ONRWnRBg1isLr7fBMAomavXmm0XYw-C_2xAJo6BJFQ1oWgEyU3yK7wUMazTcPw0Cc7ecVN0jGMI4heGpi7pQvR9Nel_qmz-3oRRaNXeXRB2Zq06kkzNqbU9M9JrH_7wO3HPF7Wj-RwDDmJxrCtSb9tsNHy6P6sjKhhscExvb0os-9ro2bLroBzFlnBBeH3xZMmD6vSWbcyPvRaG4cB2TBEKAvGcoTrHGOQ9E25tzSKdRWred52PmeECpb_nqRVl80tD8B0KJWg2LBMCbTJ4gwm1_18AXCx4aTbQVlDDrlmlxnpvLZZ9LW87czqOFL_CdV9BbbugaaDEpLvzP_EjNC2Dl2WgSm10LNLvE0ZvkPtafIIxacjWFSfK_BmCQfHuGppAqL3iVg2MecK4oJEWmxO2HSZtJ3y8AbNIfaEFoX9vcrbD7RKoTAHy5k2k_KjNX_JOO0AjX97cBcFqg-icBaf0VNGjy0RcmsehKl48KWucyRG4hb_EUXQ2yMJ1JKTnh3HM5XVwDno_Bt2c3RA71PI4GSHUkLL9DFcYqy23Lq0dtyl8f8KB7-3m5v7R4PKpsA8on5L2Hw14YPNz8-9O4iwn9jEIfQajsyy0cgpceVbGLnJ52jTzABMyifSa_3CQFopmFrLCfi27OeEII0gaQeBYmZ2Fhn_G23JWKzyHip8uZjnm-MVU2e27MWOtY2RX_uNKhAI4BdJaG1acztkVeWclZp8g4wqn4v9dfSlueaJirG1Y6afXRjuGYltZCwwTe1xfRW0epE_vHLO3_eV7YXvFmkzEmjwVD0VNKN56A2XfnvSNDxtN9JW87VWUjx-P0e_xTvNAgm4NzAI9d6Ks0m71Yx_bz6LdJxAk0_Xf77F8VdttjIjBf7P8M71RMqMdkF8c89NolStrQhO9d0FEojskbisy6usIR5mP68eJ-hjsKMwrbyv7ZDu_7gEhWEiJGkbqBiO7a0Z-vI8HZ8j1AxkF4GQKImPME3IN9j-xO4UsecmWWZgNbVil7CDg-i7YZ-Dsk84q7WQ6tA-PfIFTEFQzTedIZOgCE_DjDPwU4e9fut9ATE0fw7smeKQv7XT7jzkfnQ2tsxHlnAgPwa2ZdnppUQXXmdfVf8rPawl7Dv70gispxV_mIRJrtTQ2u4nJz4NhE9KU8KDl7qDdTq7GlAglbtULuCvg7VQzuIDRExRDH7R7FWh_9C0Q_7NJryOk0CkKz9YGmH4zc4izde-qXrjZJMHel0T3n96-_f4t4oXyvuSrh2ciN-Z3Jkn7C1l9HTwG6n-0U-gamaJQzAPbCon9GMzmFGQcZZGFpFDA&cid=CAASEuRomKKRDUZ9lG5nos3v1ptyCg&rfl=1%2Chttps%253A%252F%252Fimgbb.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 88
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9288
x-xss-protection: 0
server: cafe
etag: 5602277676122011250
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:11:24 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 964E 41 KB
15 KB 84ms
84ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 30 Jan 2022 21:45:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66453
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 30 Jan 2023 21:45:19 GMT

GET
DATA 200
OK truncated
/ Frame 44F1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b9413e8593842cbb3661c1a0f9709429c8c2892eafd8fa286f752860192719be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E1E2 22 KB
8 KB 42ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 168058
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js Show response
pagead2.googlesyndication.com/bg/ Frame E1E2 35 KB
13 KB 58ms
58ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/qgJV3VdNHF0UKJqll0M35s3ByNUeqPDUArL6SI-1xSU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 15:03:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4163
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13761
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 15:03:29 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 8155 81 KB
11 KB 187ms
89ms Stylesheet
text/css 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hn0g4737mwqcrxvea79dy53qz6ac4vqde2qa5s1fhn4ryeygtp47vmr3nng2nf0zpn5vws26bntezv76skjqy7xyp9pb753dpgp45c56nnmtr2r6h2w1hpv8hegvaqg1gdrf54h41eq652hpj7cmdf8r81tk1mdq4sdnh59cpf3gpecphadjheqf2gvq85gt9921989ay2wv2qqg259emaedasa93cq6z8v3ytbntvhfvdv1p85vf4qgnb1x202171086f3yjwyy8qd5fexc9kwtrbwcf738jqh0he29xrpy3jc6jn7576my0w034s0wwv0m0b72jjjfbjk0cqsjz322s5hc5jyyt4x8rqrzfg9wvveckjn12q6kmfmm0gg8nctbktp0nnh5hh5ypa394xhyyf3n5cdcn6x0smsrx77x7p1p580s3bdckha7jcz9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%26client%3Dca-pub-3104790387792468%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hn0g4737mwqcrxvea79dy53qz6ac4vqde2qa5s1fhn4ryeygtp47vmr3nng2nf0zpn5vws26bntezv76skjqy7xyp9pb753dpgp45c56nnmtr2r6h2w1hpv8hegvaqg1gdrf54h41eq652hpj7cmdf8r81tk1mdq4sdnh59cpf3gpecphadjheqf2gvq85gt9921989ay2wv2qqg259emaedasa93cq6z8v3ytbntvhfvdv1p85vf4qgnb1x202171086f3yjwyy8qd5fexc9kwtrbwcf738jqh0he29xrpy3jc6jn7576my0w034s0wwv0m0b72jjjfbjk0cqsjz322s5hc5jyyt4x8rqrzfg9wvveckjn12q6kmfmm0gg8nctbktp0nnh5hh5ypa394xhyyf3n5cdcn6x0smsrx77x7p1p580s3bdckha7jcz9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%26client%3Dca-pub-3104790387792468%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 431266
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d64395cab30072e-LHR
cf-bgj: minify

GET
H2 200 r62eglto.js Show response
ad4m.at/ Frame 8155 35 KB
13 KB 162ms
151ms Script
application/javascript 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/r62eglto.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1hn0g4737mwqcrxvea79dy53qz6ac4vqde2qa5s1fhn4ryeygtp47vmr3nng2nf0zpn5vws26bntezv76skjqy7xyp9pb753dpgp45c56nnmtr2r6h2w1hpv8hegvaqg1gdrf54h41eq652hpj7cmdf8r81tk1mdq4sdnh59cpf3gpecphadjheqf2gvq85gt9921989ay2wv2qqg259emaedasa93cq6z8v3ytbntvhfvdv1p85vf4qgnb1x202171086f3yjwyy8qd5fexc9kwtrbwcf738jqh0he29xrpy3jc6jn7576my0w034s0wwv0m0b72jjjfbjk0cqsjz322s5hc5jyyt4x8rqrzfg9wvveckjn12q6kmfmm0gg8nctbktp0nnh5hh5ypa394xhyyf3n5cdcn6x0smsrx77x7p1p580s3bdckha7jcz9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%26client%3Dca-pub-3104790387792468%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=tEZe3A==, md5=Jdq10Kok9oEWJwphx1gWLw==
date: Mon, 31 Jan 2022 16:12:52 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18706
x-guploader-uploadid: ADPycdsoLgx8n7jiyPdzdqiZQ5pie9d6qWkEeBXSxQHaDB9ri_PQZAsJo6gOrp8p0Ozux54M8eJ7NVBSc4Ny9jpqepI
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 11:00:45 GMT
server: cloudflare
etag: W/"25dab5d0aa24f68116270a61c758162f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TQ4siVC%2FmFy52zHoQh%2FZSbRgoKquaiqdvok8BL%2FtBSej0BxjO5vs1FWD9%2BhE9mIcXfvYhbjYsbh8%2FhOpT9liIepTc6yzg%2Bd%2FdY2yA0A5Hvdnr9ZRiMqChDWAZb7LC71hEB68E%2Bc%3D"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1643194845770575
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
x-goog-stored-content-length: 11870
cf-ray: 6d64395c0c815a3d-MXP
expires: Mon, 31 Jan 2022 11:01:06 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E1E2 0
20 B 85ms
84ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BawWkgwr4YdbIO5Xa3wPX7JPgBQAAAAA4AeAEAg&bg=!8_Cl8LTNAAY6OBv_Ojg7ACkAdvg8WmCJck98u4CNtCJ_R4h7g4Jl3mpq3RjUgPjUzGlxZipoDrgcZAIAAABzUgAAAANoAQeZAwHmnZdfd8CvBUVkc2DAOIRY7WAZJUfWdi6QBNdKij3h0M9rYohNKMksiWkOrDBzFZ-CoztFK48GU0gWQOpETXUgwq00VD387_sBIODct3qaZbM9SLSOZ26dLrl5C2jCKa7PCnfSBi_JjeX6K7ey_xHb-YwxPMcYnat-Kiu6F_AcIkGvjyhVe1L7i_9UrM4E2COF1t9lWOuGenX67YUoCa0GrFW7nuMFDWtGODZZhJxhT6nsUVJ67hrX6fzNCRYwO7QX2VNmcXxe35YkeNfR5agQbzNqveXyveeHJpgfbGlT_-U3OVLXTww3A1ZOjmk-cgGe_PLftFZ6F0lhXqj6Zr6-IALJVbLx7UM69ncwUbcMp4ABqJ6MpFD6tyuZL5-TG0nwJ1Fd3oMScGm74ze0Pdp7Byo3JV4-uKGfiOy_zYFlrOyJePtvMsoWppL-vXRxAfGb1WUf9XJLx-W5fi9VNNgua8z-7cIG_t7HPah5k5sBN4upb9kJyDvAQl9q6s0LeJMxeXHY2bOX-FT-SBrBq89qWmSRsbBBSpdjAgLil5C6eRrtBJztrnfxmu_DhthPdlKpqFSnZKR8YZ9B7WB7nEVg-9FlB2gP0NMRTVIk1afKpYDuNJ7S7KeiEJcYeCBcAFwayxsaFAoKYk-mwUXRkYxfO8N4PoYPeUU16jyqENmfH9VZfO9ZOjA-E4s6-IMg8pggwZxwyL3IiSNVF9RNfSL2LVc1BlR0bTlFbtU3rG4TSFXWSIvAnDmwmESiLkWfXraAWvj6qUmW5wQmbd9lKWxAccmrYVKbXhrYRvGaHYIhK_vhr1Z9I1IW4Wb1zB73OKbMojcbSLiDYGYqni_uCcypSvN5A0JJEQeqdq5Pxeaj07flSiLFZ6NVMPSslw5jFWFJuHfajJuSxC9k90pur4VgMeJKQoBeRach4KruN1arDmDPKquIi5wtPZ_OXYlQVImr22_nWou4wHPiUZDFL5309q-12K3wO0qGHoT3swTlAAByAcgORX-vzu8CmrjKxlwp

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src_internal101.js Show response
cdn.doubleverify.com/ Frame 964E 55 KB
18 KB 67ms
66ms Script
application/javascript 2a02:26f0:12d:4a5::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=1828362&cmp=115845&plc=4229118&sid=18330&dvregion=0&unit=728x90&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&prr=1&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hiHurftZq9kYpu_qiIfkQ-&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&turl=https://imgbb.com/&DVP_PP_BUNDLE_ID=
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:4a5::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:12:52 GMT
Content-Encoding: gzip
Last-Modified: Wed, 08 Dec 2021 09:35:46 GMT
Server: Microsoft-IIS/10.0
ETag: "08517fa16ecd71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18088

GET
H3 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 74EE 42 B
64 B 103ms
103ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssM0f748az3i5SARq-aTWxL_E1EyMa489zZRUdrG5nee5EyMqCwgdMAsWoAErlCi5ZjfWcS4amFpiPEiqSSi3XHuXGZem7LNChZaIK_pPo55CqDJpa1Iw&sai=AMfl-YSed49gaR5WeapruORfu2QqbcRtu0aQxPWjEcNH_J-4lkbAm8OFhIpCYKlknYjmp1StCsnHAzXRJPkXarbRUAl51opvVy48ZzgKxB-awLbZ0odY-Gm2j_5lz2Ht&sig=Cg0ArKJSzO0-KdJh_Ng_EAE&cid=CAASF-RozqxlPTFODc7HRQtlDDNIdQxNdzeP&id=ampim&o=315,458&d=970,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,0,1000,1000&tos=0,0,0,1000,0&tfs=504&tls=1504&g=100&h=100&tt=1505&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&adk=2175894706

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 8155 3 KB
4 KB 367ms
152ms Image
image/png 2606:4700:20::681a:71b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:71b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
date: Mon, 31 Jan 2022 16:12:52 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5147886
x-guploader-uploadid: ADPycds9UegxUXswK4RzZzF6mXDfQy_y0GHXQmo_7EYAAHyEQ16keq-zOTSqb6YP04oikMtdLFTYNybr6iTpruHRyi30S7TEFw
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hRSPDn6FVLbJG4gDPfKyBhxYs%2FObF%2Bn40Nyjiylxw%2F9xsbKDlZqJr8MXVzQElEuhNNFhOWHx29J4sJkKalha64LA4VQa%2F4JIXGK3lbpELkYEGKRllRzPoNRYb2I9nCLFp9Hk8el8%2B8NUIKvTW8K9cZRi"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1623242114099744
content-type: image/png
cache-control: public, max-age=31536000, immutable
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 6d64395e7dca3744-MXP
expires: Sat, 03 Dec 2022 02:14:46 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame D2E4 2 KB
2 KB 72ms
72ms Document
text/html 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
content-type: text/html; charset=utf-8
x-guploader-uploadid: ABg5-UyU28B2efLnalLRJpp1c98cvyZKzhwanAq9kVA0wrp9DwnzPDrTmei-CKOE5AaTSC-WvgX_eUP8wMH2DdM5rYKGETrUOQ
expires: Mon, 31 Jan 2022 17:12:52 GMT
last-modified: Wed, 06 May 2020 15:09:30 GMT
x-goog-generation: 1588777770164783
x-goog-metageneration: 3
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 1681
x-goog-meta-
x-goog-custom-time: 1970-01-01T00:00:00Z
content-language: en
x-goog-hash: crc32c=iTDHew== md5=c2ZaqCqAXxKd4MgeeQDU8g==
x-goog-storage-class: MULTI_REGIONAL
age: 409053
cache-control: public, max-age=3600
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NO6Z%2FQpBdBUPhvnZodAS4QSh7VKy99rS05EqDuuiMjnQtLmrSQevqCbJ6iBRrrP0sEWVoOpWC6EKpceB1bg2d71bFL5XOiqAE8y6uGJ8%2BrMx6fRPxei7KA1PKjuOWt5xA4jLopo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 6d64395d2c1c072e-LHR
content-encoding: br

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+LX42ODEzNDR+NjgxMzUwfjY4MTM0NH42ODEzNTB+NjgxMzQ0fjY4MTM1MH42ODEzNDR+NjgxMzUwfjY4MTM0NH42ODEzNTB+NjgxMzQ0fjY4MTM1MH42ODEzNDR+NjgxMzUwfjY4MTM0NH42ODEzNTB+N... 38 B
206 B 40ms
39ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+LX42ODEzNDR+NjgxMzUwfjY4MTM0NH42ODEzNTB+NjgxMzQ0fjY4MTM1MH42ODEzNDR+NjgxMzUwfjY4MTM0NH42ODEzNTB+NjgxMzQ0fjY4MTM1MH42ODEzNDR+NjgxMzUwfjY4MTM0NH42ODEzNTB+NjgxMzQ0fjY4MTM1MCZzc2lkPX4xJmFjdD1nX2V2X3Nsb2FkfmdfZXZfc2xvYWRfbGx2XzQwMHgzMDBkfmdfZXZfc3JlbmR+LX5nX2V2X3NyZW5kX2xsdl80MDB4MzAwZH4tfmdfZXZfc3JlbmRfbmV+LX5nX2V2X3NyZW5kX25lX2xsdl80MDB4MzAwZH4tfmdfZXZfc3Jlc3B+LX5nX2V2X3NyZXNwX2xsdl80MDB4MzAwZH4tfnNsb3RfYWRtX3JlcGx5fi1+c2xvdF9hZG1fcmVwbHlfbGx2XzQwMHgzMDBkfi1+c2xvdF9ybmRyZF9jb250ZW50fi0mdXJsPX5pbWdiYi5jb20mdmNudD0yMCZfZj1fX2x4R19fLnRtcC5sb2dzdF96YThjcnhhdzFzeWMxZXVo/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: 8a0068588e9b99045fc430bbabbb7309e240ce84c7506da207f2dedc12eb99fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:52 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 964E 2 KB
1 KB 180ms
46ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_703114101954&jsTagObjCallback=__tagObject_callback_703114101954&num=6&ctx=1828362&cmp=115845&plc=4229118&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=703114101954&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dvp_strhd=0.60&dvpx_strhd=0.60&brid=3&brver=97&bridua=3&dup=null&turl=https://imgbb.com/&srcurlD=0&ssl=1&refD=1&htmlmsging=1&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVP_PP_IMP_ID=ABAjH0hiHurftZq9kYpu_qiIfkQ-&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&DVP_PP_BUNDLE_ID=&prr=1&m1=13&noc=4&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=149&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3E833%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3E833%5D4%40%3ETar9EEADTbpTauTau46hhh3ab77d%60gahh2f3c2d_3eh%60g%60h27%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.10&callbackName=__verify_callback_703114101954
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 986a8c765df813c6654289a55588e026591e1efe90bd94ebb48c252db56713a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:52 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 01/30/2022 16:12:52

GET
H2 200 /
clickiocdn.com/utr/scmps/ 42 B
158 B 43ms
43ms Image
image/gif 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://clickiocdn.com/utr/scmps/?rt=557267198&cmp=-1&api=-1&sid=224723&req=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:52 GMT
cache-control: no-cache
server: nginx/1.16.0
content-length: 42
iseu: eu
content-type: image/gif

POST
H3 200 rs Show response
ad4m.at/ Frame 8155 2 KB
2 KB 172ms
171ms XHR
text/plain 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/r62eglto.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 61d2be3d3dd5869dd3d232f545821ff974139967efaf28341b4738c5bfea2859

Request headers

Referer
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: application/json

Response headers

cf-ray: 6d64395efa180732-LHR
date: Mon, 31 Jan 2022 16:12:53 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wypBU3CObUl436%2FV%2BKuVrPXDMSMVOQ9o9j0WDrwmjtEwiRkVGHSzZONhKJtwlqyIDDvCOtXvMb0SVsBnWU%2BhWN0yB0bwDQL%2BwAzlOSQGjNASKGKXhSyUR4Glgx%2BD1buU3ecpbC4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-credentials: true
content-encoding: br
x-backend-server: aa-reachservice-group-europe-west1-143p

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 175ms
115ms Preflight
text/plain 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://as.ad4m.at
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
access-control-max-age: 1800
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-headers: content-type
allow: HEAD,POST,GET,OPTIONS
x-backend-server: aa-reachservice-group-europe-west1-143p
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uTGjCE59sYgVtYDdELmsaDOBYbsDne8wOD8xn%2BY0xIgmVuheduWDsjE51JfiDXDKaG9pW3OSEzh98yn5Ao59QWIP5suEYaqWu9oYJ8h5SqbKZPme%2B1Vvr4W%2B6Yp2YYR%2Fhn9scwI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6d64395e284c0732-LHR

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 964E 10 KB
5 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 191
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4819
x-xss-protection: 0
last-modified: Fri, 28 Jan 2022 14:44:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 31 Jan 2022 17:09:41 GMT

GET
H3 200 impl_v84.js Show response
www.googletagservices.com/dcm/ Frame 964E 41 KB
17 KB 77ms
77ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v84.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 14:58:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4440
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17214
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:39:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 14:58:52 GMT

GET
H2 200 B9689862.280630144;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2923430898;ord=2q61zb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 964E 42 KB
21 KB 262ms
96ms Script
text/javascript 142.250.185.134
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2923430898;ord=2q61zb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fimgbb.com%2F$0;xdt=1;crlt=6vhdp_xv8q;sttr=87;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v84.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.134 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f6.1e100.net

Software

cafe /

Resource Hash

33da4a30542f590385e3abc5817e2971f247a2cb9208fb8dfb0aafb8152dfd6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 0A17 7 KB
4 KB 112ms
111ms Document
text/html 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/r62eglto.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ec7e984d40a2f285830cb597bdd7420f06d3e1bbbb3712521746069521f9b3ef

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1hn0g4737mwqcrxvea79dy53qz6ac4vqde2qa5s1fhn4ryeygtp47vmr3nng2nf0zpn5vws26bntezv76skjqy7xyp9pb753dpgp45c56nnmtr2r6h2w1hpv8hegvaqg1gdrf54h41eq652hpj7cmdf8r81tk1mdq4sdnh59cpf3gpecphadjheqf2gvq85gt9921989ay2wv2qqg259emaedasa93cq6z8v3ytbntvhfvdv1p85vf4qgnb1x202171086f3yjwyy8qd5fexc9kwtrbwcf738jqh0he29xrpy3jc6jn7576my0w034s0wwv0m0b72jjjfbjk0cqsjz322s5hc5jyyt4x8rqrzfg9wvveckjn12q6kmfmm0gg8nctbktp0nnh5hh5ypa394xhyyf3n5cdcn6x0smsrx77x7p1p580s3bdckha7jcz9r&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%26client%3Dca-pub-3104790387792468%26adurl%3D

Response headers

date: Mon, 31 Jan 2022 16:12:53 GMT
content-type: text/html; charset=utf-8
strict-transport-security: max-age=86400; includeSubDomains; preload
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
x-download-options: noopen
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
x-xss-protection: 1; mode=block
cross-origin-embedder-policy: unsafe-none
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
referrer-policy: same-origin
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
expires: 0
surrogate-control: no-store
pragma: no-cache
cross-origin-opener-policy: unsafe-none
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6d64396009d9072e-LHR
content-encoding: br

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 44F1 42 B
64 B 162ms
98ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstWhtqxHjsBK_1m5g1FFTefC2lIjq2_oq87h6wJZ2MCjtV5zgSpieD1M-dC-X3pogrrUwgnczmFjlEWeMADe6Y5TA&sig=Cg0ArKJSzMzQ5xOzroW6EAE&cid=CAASF-Ro8NMgWyADumXY7AnXb9OOj6I0tCnd&id=lidar2&mcvt=1003&p=85,436,175,1164&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=589635166&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643645571633&rpt=556&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.18/one-ad/ Frame 0A17 81 KB
11 KB 95ms
92ms Stylesheet
text/css 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.18/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:53 GMT
via: 1.1 google
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
age: 431267
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=83581
surrogate-control: no-store
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=86400; includeSubDomains; preload
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
expires: 0
last-modified: Wed, 26 Jan 2022 16:25:06 GMT
server: cloudflare
cross-origin-opener-policy: unsafe-none
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-download-options: noopen
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 6d643960cb68072e-LHR
cf-bgj: minify

GET
H2 200 A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
assets.ad4m.at/logo/ Frame 0A17 15 KB
16 KB 159ms
139ms Image
image/webp 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/A936526A7BBD1A3667304FF9801CD69D64491F536141498A04EE917B95C4F41805FB0684491C85587102A447B68BEB66A82BA2BA68F7C41066BBF7DD19871BB8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=i1Ff/Q==, md5=AYpfNzYzK/oFCZjsj3K+tA==
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 387179
cf-polished: origFmt=png, origSize=26777
x-guploader-uploadid: ADPycdt1hPWfal4eQDcS9NHgNZAMQTQscuKtP4hs6q2daNutJArM5OMbmsRTOF_AXiXEMGfiywDdMxq1pPo4r-5QlkfO8pGJEw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15238
last-modified: Tue, 07 Jul 2020 09:20:40 GMT
server: cloudflare
etag: "018a5f3736332bfa050998ec8f72beb4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EmTjQW4iTifqPQvZFyR%2FVYy0O1%2FKq3y5l1S7mkq85uqtkY5esbRWRqAmzTaT5TiowiJa3Fa9fZddO7AV%2B%2BwnF2hRMyrrRztwFZKjIRi2k3C%2BkI3m50KXl1h56LvgjHn8PP9Z29Kjq155jWbO"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1594113640078278
content-type: image/webp
expires: Tue, 01 Feb 2022 16:12:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 26777
accept-ranges: bytes
cf-ray: 6d643960da415a3d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
assets.ad4m.at/product_image/ Frame 0A17 382 KB
383 KB 296ms
277ms Image
image/webp 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/CD344C7198208A9A5F740F476AC3F2335508D7627FCE5B0F39A1436D67E60AB1E86775C9CFAD06EEACFED0D65DCA993D91C20CCA09713249CF6834EEECD25F41
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=d5mymQ==, md5=bWiWSMa0+LV8pKw7Fyjaew==
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1192397
cf-polished: origFmt=png, origSize=588465
x-guploader-uploadid: ADPycdtVR8GjgxF57rmiDYl8S_IQQhRQS260bpnm_1NfPjZBkB1995piMJ0iPO2l0CurHBScA0Jy9KYJZnHNCoYPX7M
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 391402
last-modified: Fri, 22 Oct 2021 09:31:50 GMT
server: cloudflare
etag: "6d689648c6b4f8b57ca4ac3b1728da7b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Moy8hbaCmeB8tRBCITRHFHSZf1mhfd0t0IrrN7CyTGbTkLvZBK1kwhHLLuZZnSp%2B8rA8I1fMBOD249Kmv9NCwCpyecbVhHAbsoLQVOqweY7N1BnSszE2Z0iJV0Gh1AxCkBEq%2Fsbr0woi9VnT"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1634895110632642
content-type: image/webp
expires: Tue, 01 Feb 2022 16:12:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 588465
accept-ranges: bytes
cf-ray: 6d643960da485a3d-MXP
cf-bgj: imgq:85,h2pri

GET
H2

200

view.aspx
pb.media01.eu/ Frame 0A17
Redirect Chain

https://pv.medialead.de/trck/epv/2aed39855b5f46b7d90f959867be60f8?t=htlp&subid=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATK...
https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Ne...

0
630 B

306ms
186ms

Image
text/html

88.198.250.30
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=

Requested by

Protocol

Server

88.198.250.30 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.88-198-250-30.clients.your-server.de

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:52 GMT
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
p3p: policyref="https://pb.media01.eu/pb.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
content-length: 0
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Mon, 31 Jan 2022 05:12:53 GMT
server: Microsoft-IIS/10.0
access-control-allow-methods: GET,POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 16:12:53 GMT
Server: nginx/1.17.5
X-IPLB-Request-ID: D940971F:AEA6_91EFC182:01BB_61F80A85_13847124:4416
X-Powered-By: PHP/7.2.21
X-IPLB-Instance: 40027
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
Content-Type: text/html; charset=UTF-8
Location: https://pb.media01.eu/view.aspx?trackid=529D4F146E3238B0FD87AE72E1190AD4&dt_subid1=57372&dt_subid2=oneidRA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9xoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT&actionid=879111&produktid=ratenkredit&dt_url=
Cache-control: private
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=63072000;includeSubdomains;preload, max-age=15768000
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Range, Content-Disposition, Content-Type, Authorization
Keep-Alive: timeout=20

GET
H2 200 B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
assets.ad4m.at/logo/ Frame 0A17 18 KB
19 KB 296ms
277ms Image
image/webp 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/B4CB880477BA810028D7D7613EE7E9E1448DC35AF48781E4B95EC6ECB7049A9AA27B107B317198EC504A03E948F7EC5A02BC2426A27879C893669BA93941B528
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=GT8dCw==, md5=4YyWNM3TGeacJ2VHXynNEw==
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 387074
cf-polished: origFmt=png, origSize=35453
x-guploader-uploadid: ADPycdsI3DOzmLbod25Jop33YR_zuyUPqn1MM4D4h_S3EBCdGxpFZEZAvPitn0WaaA2xHjjDy2JVwuGiGJ8gOWUiS7hER0HpBQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 18872
last-modified: Mon, 18 May 2020 12:30:29 GMT
server: cloudflare
etag: "e18c9634cdd319e69c2765475f29cd13"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PwFi7LMvP9Kj%2BngcLjXQKR%2F%2Bfo0D%2Fmyxet8tSdnvR8eKdeQqDUl6vP8%2FhqQSkpvRXh6%2FxtO6zyqzdV6zJ7adix34dAldHRCs%2Bu46h3evBp8j49knnzsb1Pw9xhg1W6o2KL6ZU1SvZmcfb3yW"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1589805029334103
content-type: image/webp
expires: Tue, 01 Feb 2022 16:12:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 35453
accept-ranges: bytes
cf-ray: 6d643960da435a3d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
assets.ad4m.at/product_image/ Frame 0A17 9 KB
10 KB 296ms
277ms Image
image/webp 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/285DE9FE17F697DA1B3C600D8F320A9D948FC7BBE696D077F9175DFE5ECD143923061A8E9DA395B492694AC69B9D920D397618A0BB22BBF5834FED5EDAA72A95
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=FPfkEg==, md5=cNeMaybSTgOMvyODLhu1OA==
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 940079
cf-polished: qual=85, origFmt=jpeg, origSize=83479
x-guploader-uploadid: ADPycdvv_sBwz-hzAU-P_TdSG_refXSwXCo8zoSHfo_GnqycZUA5yqQJjSgL4VeMsxEQLTf70829PdhdSj8oIJ-JrdY
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 9260
last-modified: Mon, 29 Nov 2021 15:03:15 GMT
server: cloudflare
etag: "70d78c6b26d24e038cbf23832e1bb538"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I5NLsAVFDfw392C3MC%2BDoaT3f3kM0ocu9il%2FYhKRQZ9PlkeNenoc%2Fyvtr%2FHjlFKp2UTL%2FvFMinYlzFc7J2OnmNpSxFbUTX3RDPS7x%2Fr%2BCPjpJyh0p%2FUOQm1zpSrzI7eskJavKg2b44cy7TiS"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1638198195167024
content-type: image/webp
expires: Tue, 01 Feb 2022 16:12:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 83479
accept-ranges: bytes
cf-ray: 6d643960da3c5a3d-MXP
cf-bgj: imgq:85,h2pri

GET
H/1.1 200
OK cshow.php
www.awin1.com/ Frame 0A17 43 B
702 B 236ms
85ms Image
image/gif 104.111.239.217
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.awin1.com/cshow.php?s=2519498&v=14098&q=368694&r=412871&pv=1&pref3=oneideYET3fVfxBVcjHZHet1teW3swSQT81s7Ewoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT&gdpr_consent=&gdpr=0&gdpr_pd=0

Requested by

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

104.111.239.217 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-111-239-217.deploy.static.akamaitechnologies.com

Software

Resource Hash

2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:53 GMT
Strict-Transport-Security: max-age=86400
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control: no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set: default
Node: Helix
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 0A17 38 KB
38 KB 294ms
276ms Image
image/webp 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=RkBJ3g==, md5=Kw4C6d3nfjHTjXjXPcaeTw==
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 398695
cf-polished: origFmt=png, origSize=77267
x-guploader-uploadid: ADPycdtvLNIgT-SzwZMZjlNQjfebBuw04ARLmgBUkn-k9BF1NRUoHzSJDkgKeLg56sTGYBVOq5LNFQO2wLGrYIsQf1hrXsAdlQ
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W2lNp7bP%2BF6Anleu4u31vVjJcB82A9rnxncOUkXAoNZnpneIBLSL0PFycd%2BYm8DfA0ocnHL8Wc%2FHW4aermLSjgzZJsKAD4YxadSlku1WQTLFTmi%2BuMfQlNY%2BlDtvk4Dwqx9XNnsE4KnIQSQd"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1579698708801217
content-type: image/webp
expires: Tue, 01 Feb 2022 16:12:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 77267
accept-ranges: bytes
cf-ray: 6d643960da385a3d-MXP
cf-bgj: imgq:85,h2pri

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 0A17 84 KB
84 KB 160ms
142ms Image
image/jpeg 2606:4700:3039::6815:c06c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=15579%2C14044%2C24673&b=RA2hgfQfD4pTkHwH3tQtJgDS9SzTqxTG9x%2CeYET3fVfxBVcjHZHet1teW3swSQT81s7Ew%2CrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4R&f=QM4U4fjf4gRHxH5HYt9CXkWc6S4TqjTj9Y%2CDXEH3fwfbqPS3HmH9twCwAmFxSmT8jsRQE%2CP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73A&c=728&d=90&e=E-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQ&g=dc74e75d69a9d6b3cc53339840541645%2F14159309122644037287&i=26474%2C25007%2C20430&j=41%2C16%2C21&k=0&l=0&m=0&n=&p=&q=&o=suite_Netmix_Reach09_PRIVATKREDIT&r=1643645573014&h=%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1jqvr87bcgwx2thjrjg7xx6dvq1g52ypw5qdbv0vprccaxraqa8e5aa8yb21jq61adfa8d64hm3qygkqy67ja5f47p1k7zjaj4rbx9awfa8edh86dp2gvt4w67q62q5ejtn7xybk1japyjjnfbkdkszcxeq10tz3fnr0yfsmshd9m0sj4fzgkr1s94h8qda5ht30ca0f736aa5p31eey98syz8h5q5x6xbxyz603sd6fjh3mm5cskazx26y7scr1m2e7ncy64tmvr8q46q1c6rrk%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCkE-5gwr4YeDkGYzogAeKwI_gCJDhgYRctqjCivACwI23ARABIABglcqbgqwHggEXY2EtcHViLTMxMDQ3OTAzODc3OTI0NjigAcKu6N0DyAEJqQI-zVGS9LiyPuACAKgDAaoE5AFP0CbcON9rZbJL3Gx42yHVQEQkI-5vLXbyZxuiddQGJiEtZQ_vwCYZAtGhjPzWYU9qwo499m1RipvKzZmN9Zh73G_Nm5Ele3XxtxAq0f6dgnhU1Pb_wDDP9ws7ecEatK_f96IsnCKEvDlXsSVTmd5d-E4CG9145-yDpti5-xeZ8IQKa6alAeFWQQhzTqH0Sl6J1hu8E2ECZhGUuCF8KYH8wuybeoFeVclc8-Rd25UzAjiJ4dR1HvU-k-u0vikjlnlVO3JnPqCEFigv6I2cHPP88ZbX__gCyaJEXcrRE3sTFUFuWNTgBAGABpmr2p2-gM3fP6AGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_2Chci3782TLjVYCC-qTyZxa9zksQ%252526client%25253Dca-pub-3104790387792468%252526adurl%25253D&y=1&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3039::6815:c06c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-goog-hash: crc32c=e08Zuw==, md5=psibsHmVB2WUau7aQuE9AQ==
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 1034596
cf-polished: origSize=90165, status=webp_bigger
x-guploader-uploadid: ADPycdsptdp2JHMudyhma4_tRan-1sTXAWuZeU75iOPGSiSi3VWFAgWEo44SxaKV6Y1BqyBrraPCApnQwJCEnDNAE14
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u9jXw%2BGnZ7C67mI6CPZbS2QVpgE4zlgXRqkzYr8ZwrGFVaWK2Mk0GdneCU44T0Aj4sPrjMU2hpTV79fNmxoKcxuaoM6a6AqGXAAvbBhLXlJIV6bf6diz22X%2FyV1NLsOtDak3trU%2BX7NLXNv5"}],"group":"cf-nel","max_age":604800}
x-goog-generation: 1570637213281727
content-type: image/jpeg
expires: Tue, 01 Feb 2022 16:12:53 GMT
cache-control: public, max-age=86400
x-goog-stored-content-length: 90165
accept-ranges: bytes
cf-ray: 6d643960da375a3d-MXP
cf-bgj: imgq:85,h2pri

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/ Frame 964E 8 KB
3 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220126/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=84.245;dc_eid=40004000;sz=728x90;u_sd=1;dc_adk=2923430898;ord=2q61zb;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%2Cnull%2Cnull%2C%22%22%2C%5B%5D%5D;dc_rfl=1,https%3A%2F%2Fimgbb.com%2F$0;xdt=1;crlt=6vhdp_xv8q;sttr=87;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:11:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 14 Feb 2022 16:11:48 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 964E 0
524 B 233ms
97ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu4EvCPOjvGnev6vEj-mZunQX-rzFEteMDz7f4_hFVDVsW3ZCUiIU5uqKh7QONuCsgspptRxAC69qprsgHkrM4YrXqKJMNOcJRRrsJaZ0CRYCFUY15GqgCar6R-kw6a62XuXHY-ZWiZ42yB&sig=Cg0ArKJSzKwljuCPWiMtEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220126.03193&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 17721130591974731406
s0.2mdn.net/simgad/ Frame 964E 69 KB
70 KB 218ms
62ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/17721130591974731406

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Tue, 25 Jan 2022 16:56:51 GMT
x-content-type-options: nosniff
age: 515762
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 71148
x-xss-protection: 0
last-modified: Tue, 07 Sep 2021 22:07:40 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 25 Jan 2023 16:56:51 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 83D0 22 KB
8 KB 70ms
70ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 29 Jan 2022 17:31:54 GMT
expires: Sun, 29 Jan 2023 17:31:54 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 168059
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK dv-measurements2105.js Show response
cdn.doubleverify.com/ Frame 5884 501 KB
92 KB 118ms
118ms Script
application/javascript 2a02:26f0:12d:4a5::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-measurements2105.js
Requested by: Host: imgbb.com
URL: https://imgbb.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:12d:4a5::4469 Berlin, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 7f5da66516cf7931e640bda551914bc45ac2e42da640dfa067f2c260b830e7f2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Mon, 31 Jan 2022 16:12:53 GMT
Content-Encoding: gzip
Last-Modified: Sun, 30 Jan 2022 14:22:12 GMT
Server: Microsoft-IIS/10.0
ETag: "0c2a3c5e415d81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080900
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 94006

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame DD37 1 KB
752 B 66ms
66ms Document
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
date: Mon, 31 Jan 2022 13:26:12 GMT
expires: Tue, 01 Feb 2022 13:26:12 GMT
cache-control: public, max-age=86400
age: 10001
etag: 48472445140208031
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 964E 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5b365538a1448471ce09e1ca02a41c7ce591d15573567f5be9041e173dab196e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Content-Type: image/png

GET link.html
track.webgains.com/ Frame 0A17 0
0

GET
H3 200 mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js Show response
pagead2.googlesyndication.com/bg/ Frame 83D0 35 KB
13 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/mfFJ-W--rqivV8WG4WyPQ8vKEq2pdH_2ou3EKTspk_8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 13:15:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13575
x-xss-protection: 0
last-modified: Mon, 24 Jan 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 31 Jan 2023 13:15:40 GMT

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame DD37
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEAF7KvmOFtkgefzM_CNvCsU&google_cver=1&google_push=AYg5qPI-0FAwr8OU2GCFHBOQyShP_eUAePEtItitY4iNIEE0jAP1rPcm0sK6OnprGSMQVMiX2nxA_mVk7qY-u6Dc8hwAyZ0phsg
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA4NDc1ODA3OTU4NjcwNzMwNg==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1

43 B
407 B

214ms
213ms

Image
image/gif

2620:112:f006:bbbb::12
TURN-US-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2620:112:f006:bbbb::12 , United States, ASN6336 (TURN-US-ASN, US),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESELV54w1Ha5tN3jMouT4eeCU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD37
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEHMFhmpTCGXfmz0gDZlOhbs&google_cver=1&google_push=AYg5qPL6XTe3IlrPG_m6bslgx8D_FvnFqT3id1w3773HW9P8_Nv4EHlu5f...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL6XTe3IlrPG_m6bslgx8D_FvnFqT3id1w3773HW9P8_Nv4EHlu5fWgw7UC_YWnoXlguq8Qa-rA_LbAONQYqXP2c1eT600&google_hm=4ebVh-a...

170 B
188 B

49ms
49ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL6XTe3IlrPG_m6bslgx8D_FvnFqT3id1w3773HW9P8_Nv4EHlu5fWgw7UC_YWnoXlguq8Qa-rA_LbAONQYqXP2c1eT600&google_hm=4ebVh-a53SFDX5IAfHWCPw

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPL6XTe3IlrPG_m6bslgx8D_FvnFqT3id1w3773HW9P8_Nv4EHlu5fWgw7UC_YWnoXlguq8Qa-rA_LbAONQYqXP2c1eT600&google_hm=4ebVh-a53SFDX5IAfHWCPw
pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD37
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPKVfobzHK0b97iN7KvgVPDxE2JHNiSWqgjqBnb...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZnS2hRQUFBWkVoZFY5QQ&google_push=AYg5qPKVfobzHK0b97iN7KvgVPDxE2JHNiSWqgjqBnbEmg7k9K6nFMMKORUjF_bbOL-7-9crvPJnitJ1-kVNFqr6Dm5Sg21H5tS4

170 B
188 B

84ms
83ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZnS2hRQUFBWkVoZFY5QQ&google_push=AYg5qPKVfobzHK0b97iN7KvgVPDxE2JHNiSWqgjqBnbEmg7k9K6nFMMKORUjF_bbOL-7-9crvPJnitJ1-kVNFqr6Dm5Sg21H5tS4

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WWZnS2hRQUFBWkVoZFY5QQ&google_push=AYg5qPKVfobzHK0b97iN7KvgVPDxE2JHNiSWqgjqBnbEmg7k9K6nFMMKORUjF_bbOL-7-9crvPJnitJ1-kVNFqr6Dm5Sg21H5tS4
Date: Mon, 31 Jan 2022 16:12:53 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame DD37
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEOo6H8R7XZu8nt79QmnzDRo&google_cver=1&google_push=AYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOo6H8R7XZu8nt79QmnzDRo&google_cver=1&google_push=AYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReE...

43 B
441 B

313ms
304ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOo6H8R7XZu8nt79QmnzDRo&google_cver=1&google_push=AYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:54 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6439656b615a1f-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 3233
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 6d6439637d815a1f-MXP
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEOo6H8R7XZu8nt79QmnzDRo&google_cver=1&google_push=AYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPJfpfb3f5bStJwJQyRbn4MzJwuKe1LlIzL59KCr2IekvxqWaSFLPDShQ9gXSbkjmFeJFh1FdS0kYsCEM08eWNg0tG6IReEr%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame DD37 43 B
351 B 161ms
37ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEHYygVMbESFNqpdqlhQfvvA&google_cver=1&google_push=AYg5qPIobTCsNbuzgbR7Yqc2LjuBZJd_4eLsIVZE8D27U0WbklUpq6g2F5hL-Wi7Dbj5U00ocMe_HQ9lCFSbUsm6cD-rvJiwKtU
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: mred4t7b7bhmsopgg5v4rnnttmnnrstb

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD37
Redirect Chain

https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEK...
https://sync.targeting.unrulymedia.com/csync/RX-0a1110c6-7aaa-495a-9bb9-7fb1725beb93-005?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAYg5qPIjieLbJcyBSY-czwAyt...
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIjieLbJcyBSY-czwAyt8hJEwDmwe5hf5bK0qMpIHowzUTlJdsQHV1Z4zgi10dgu68KTifbttYGa5GytgOwON3vikQubn4&google_hm=BQoREMZ6qklam7l_sXJb65M

170 B
188 B

79ms
79ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIjieLbJcyBSY-czwAyt8hJEwDmwe5hf5bK0qMpIHowzUTlJdsQHV1Z4zgi10dgu68KTifbttYGa5GytgOwON3vikQubn4&google_hm=BQoREMZ6qklam7l_sXJb65M

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:54 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 31 Jan 2022 16:12:54 GMT
Server: Tengine
ETag: RX0a1110c67aaa495a9bb97fb1725beb93005
Transfer-Encoding: chunked
P3P: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
Location: https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=AYg5qPIjieLbJcyBSY-czwAyt8hJEwDmwe5hf5bK0qMpIHowzUTlJdsQHV1Z4zgi10dgu68KTifbttYGa5GytgOwON3vikQubn4&google_hm=BQoREMZ6qklam7l_sXJb65M
Connection: keep-alive
Content-Type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame DD37
Redirect Chain

https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECqKhkQcrKdy_WtAzTIws3s&google_cver=1&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fG...
https://pixel.advertising.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECqKhkQcrKdy_WtAzTIws3s&google_cver=1&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fG...
https://ups.analytics.yahoo.com/ups/58202/sync?gdpr=&gdpr_consent=&redir=true&google_gid=CAESECqKhkQcrKdy_WtAzTIws3s&google_cver=1&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2...
https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNGZjMGYwOC04MmIwLTExZWMtYTJhMS0wNjg5N2VjNTc3ZDY%3D&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIf...

170 B
188 B

48ms
48ms

Image
image/png

142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNGZjMGYwOC04MmIwLTExZWMtYTJhMS0wNjg5N2VjNTc3ZDY%3D&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIfzRO66KnyO2dibLo4wQUKxD_pQHhgES7pAKmQ

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_eb&google_hm=VVBhNGZjMGYwOC04MmIwLTExZWMtYTJhMS0wNjg5N2VjNTc3ZDY%3D&google_push=AYg5qPKGaFbN-Mux1Wye9ZnjKJ7mHpEhO6NCAL0tInkA_2B6wMSPh2fGK0QpZzSnIfzRO66KnyO2dibLo4wQUKxD_pQHhgES7pAKmQ
date: Mon, 31 Jan 2022 16:12:53 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame DD37 0
12 B 75ms
74ms Image
text/html 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LHWb6Gr6HXjHWdtCJgUZ0zNqfqs-nXvDgvSsBs7h7R21HdnYTHLMZqbXKx24126aGKjKpWLg

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Mon, 31 Jan 2022 16:12:53 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 964E 0
23 B 117ms
77ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 31 Jan 2022 16:12:53 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK visit.js Show response
tps.doubleverify.com/ Frame 5884 2 KB
1 KB 903ms
220ms Script
text/javascript 63.251.109.130
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://tps.doubleverify.com/visit.js?gdpr=&gdpr_consent=&ttmms=286&ttfrms=27&brid=3&brver=97.0.4692.71&bridua=3&bds=1&tstype=128&eparams=DC4FC%3Dl9EEADTbpTauTau%3A%3E833%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3A%3E833%5D4%40%3ETar9EEADTbpTauTau46hhh3ab77d%60gahh2f3c2d_3eh%60g%60h27%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&srcurlD=0&aUrlD=0&ssl=https:&uid=1643645573643959&jsCallback=dvCallback_1643645573643350&dvtagver=6.1.src&navUa=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F97.0.4692.71%20Safari%2F537.36&htmlmsging=1&chro=1&hist=2&winh=90&winw=728&wouh=1200&wouw=1600&scah=1200&scaw=1600&jsver=2105&tgjsver=2105&lvvn=28&m1=13&refD=1&referrer=https%3A%2F%2Fce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&fcifrms=5&brh=2&sdf=2&dvp_epl=209&noc=4&ctx=3397726&cmp=3398513&sid=pp3&plc=33985131&adsrv=0&advid=3398311&turl=https://imgbb.com/&errorURL=https://tps.doubleverify.com/visit.jpg&mib=0&DVP_PROG_REP=1&DVP_DV_TT=1&DVP_PP_ID=3&DVP_DV_CT=1&DVPX_PP_IMP_ID=ABAjH0hiHurftZq9kYpu_qiIfkQ-&DVP_DBM_1=3060631&DVP_DBM_2=11817075&DVP_DBM_3=32228384&DVP_DBM_4=322153383&DVP_DBM_5=1&DVP_DBM_6=1&DVP_DBM_7=322133713372&dvp_rcp=2&dvp_htec=2&dvp_seem=2&dvp_tuk=1&dvp_sukv=51305785660.39033&dvp_tukv=20822393685.65484&dvp_uuid=294031848.11077464&dvp_strhd=0.7000007629394531&dvpx_strhd=0.7000007629394531&dvp_tuid=1419405796693
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dv-measurements2105.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 63.251.109.130 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: 49236ee5f544a37773de3fdacab7cea5d9f58b54869f1dedc134ab46f9b50679

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:54 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
Expires: 01/30/2022 16:12:54

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 83D0 0
24 B 84ms
84ms Image
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Ba0jIhQr4YZCEDJLa7_UPjvS4iAkAAAAAOAHgBAI&bg=!pKelp-PNAAY6OBv_Ojg7ACkAdvg8Ws14m6DjJ3yYJXiVAPLFBtorqxgCKZr4lWBxlSAUygcgnDRnWwIAAAB3UgAAAAJoAQeZAyHkVUOw5GeUZ0DPoUTyW0jg5a7Ltpep1122efJJDoe3Djkad4P9GwTsGARupwUkZ0QI0wdkcWAiyZGrcFLe8zvAFW0J5q_UTjr2mVWipV6jtklS9MirZOLi4UogOq8_GhFrizt0o3-yxqAFIle-bGTuJF6PSCooYaSI3geatmeR_Cr35G1cgeRWe4xUxMxdJCNPdUw3JpQX_0355BMdc8UPcPvrfhsEdmDhFSqgDxZXvszouRRXYZ3MSuMkCWvpqfn4ecYa6FZqyY0Z-L8Imzp0SpKOby1ZPntc2XiUtcC9CuSGynsMxy3cuHXeyHEgQQaTj4XJLAn5Hd-1g_7DDg2CxNchbDXiE0Yl0b3_ckf1xmwaREedjUchlY1ZZJzjCwsH5cM8xP3IOAwWscHQSI3n1CBuyMTbwSY5c6q9ksM5zDQLN5RAJMz2vyAvzXqBbSha5B3N6Hn90lSQmBgYxuT7d58qlgLYHZAKezEBmcrIPlehdC0KWPh0cfOsjGUsBpTmPO3-qsB03PvFp5331HoG9TkegvXIM4B8U8dke-NBDtzhFI8ko3B1lkBrFF1g5B1eZaX9e-WYjuPjY8JT29j_biyS8D2IfSNhxbGLm6QwjuUwqSZO0-mkOdyaduYk9-rV-ymY8pHOnFdQtvaLslbxtLorkEJ3qkuZ0_nFJx1Q_fwVexs80cTCLwcJsi7ns-loydyXGTL0EJq8YxQECraBMKiHS1GjqqCOGi9ZwO7AwYyPNLzl0_ij4UdegWAWKT1TDPSVgjQATemX5C10t1PwlU1ILH8L4A6QuJRzZH0jZ7ddu2kRGQFOMTzpCgst-xQPX5WMBBbr21UeI7TpJr3YrThlHaJ0t0LHCirkKywa3Z3_19b6PKohQqMwwHLeY-qqZjQqm8E47GMf5MOlmy60iN3zEd7lM7cQENY7-tchis0hAaRtumz4tyMeukUdSWcGcmFrqMkY0R2W4wrS9jz7pc_K_Amq1Yd7b8Rrg3NtG_U451Rbaq3Knyy0peNDkKYmR8cUaFE2ro_NhWWmICHuSPN5UymLcXuE-20Ysa3mqm0

Requested by

Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:53 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+NjgxMzUwfjY4MTMzNn42ODEzNTB+LX4tfjY4MTMzNn42ODEzNTB+NjgxMzM2fjY4MTM1MCZzc2lkPX4xJmFjdD1nX2V2X2ltcHZ+LX5nX2V2X2ltcHZfbGx2XzQwMHgzMDBkfi1+Z19ldl9zbG9hZH5nX... 38 B
206 B 338ms
338ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD02ODEzMzZ+NjgxMzUwfjY4MTMzNn42ODEzNTB+LX4tfjY4MTMzNn42ODEzNTB+NjgxMzM2fjY4MTM1MCZzc2lkPX4xJmFjdD1nX2V2X2ltcHZ+LX5nX2V2X2ltcHZfbGx2XzQwMHgzMDBkfi1+Z19ldl9zbG9hZH5nX2V2X3Nsb2FkX2xsdl80MDB4MzAwZH5zbG90X2ltcF92d2Jsfi1+c2xvdF9pbXBfdndibF9sbHZfNDAweDMwMGR+LSZ1cmw9fmltZ2JiLmNvbSZ2Y250PTEwJl9mPV9fbHhHX18udG1wLmxvZ3N0XzNiYnU4dzdsajRnY2thd28/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: bf9dd9bbd05c3f2ed1899584017d5745fb1463875482641b6cb071d0281db187

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:54 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

GET
H/1.1

204
No Content

event.png
tpsc-cac.doubleverify.com/ Frame 5884
Redirect Chain

https://cdn.doubleverify.com/redirect/?host=tpsc-cac&param=akipv6&impid=a295bf5d4c0b4c65a6ad683ac9d000b0&cbust=1643645574552864
https://tpsc-cac.doubleverify.com/event.png?impid=a295bf5d4c0b4c65a6ad683ac9d000b0&akipv6=2001:ac8:20:3a00:1011:b6d7:1fe6:a876

0
138 B

678ms
217ms

Image
text/plain

63.251.109.130
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpsc-cac.doubleverify.com/event.png?impid=a295bf5d4c0b4c65a6ad683ac9d000b0&akipv6=2001:ac8:20:3a00:1011:b6d7:1fe6:a876
Requested by: Host: ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
URL: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Server: 63.251.109.130 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:55 GMT
Cache-Control: max-age=0
Expires: 01/30/2022 16:12:55

Redirect headers

Location: https://tpsc-cac.doubleverify.com/event.png?impid=a295bf5d4c0b4c65a6ad683ac9d000b0&akipv6=2001:ac8:20:3a00:1011:b6d7:1fe6:a876
Date: Mon, 31 Jan 2022 16:12:54 GMT
Server: AkamaiGHost
Connection: keep-alive
Content-Length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 964E 42 B
64 B 135ms
135ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssjXhyAHo1hWa7voX878KzEe6Z3QvomN_rcou0Gnpfa_x9PVZRJs4X7VloC-RCVYIVTA1sX0cEnlMVirzBuqaW0qyjL37tQHqsyJc2NnwbAistMiSdrCg&sai=AMfl-YRS9ozP2kB0S0PA8qMM0Qr86VPFDXBl_mCgtO3WwbRZLwTuuuRYQmqk9ENUFEksgBMJEC0Uj5okfxUJ5D63tFg4lvwVp6sZXLqVnAgc9BCria_IGXv6aX1QoP_Q&sig=Cg0ArKJSzL0b9csy1O6aEAE&cid=CAASEuRomKKRDUZ9lG5nos3v1ptyCg&id=lidar2&mcvt=1000&p=1110,453,1204,1181&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&app=0&itpl=20&adk=419035065&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643645571547&rpt=2040&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 964E 42 B
64 B 104ms
104ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssE41mOw-WhMCJugZB2waxUHNDeXR2ptoC4h72IEw6U0YUgEZHOAesOVq7n0lCsmed8wSzcKB_y6mCiqeYsZficl_CSscih&sig=Cg0ArKJSzIRspBjbFr5iEAE&id=lidar2&mcvt=1002&p=0,0,90,728&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20220126&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2923430898&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1643645571547&rpt=2044&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 31 Jan 2022 16:12:54 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 964E 0
305 B 214ms
72ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?impid=adad0db23e694a74a035c9f1722e3c7c&nav_pltfrm=Linux%20x86_64&cbust=1643645574842873
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal101.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
Pragma: no-cache
Date: Mon, 31 Jan 2022 16:12:55 GMT
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 01/30/2022 16:12:55

GET
H2 200 / Show response
clickiocdn.com/utr/logst_sa/c2FpZD1+NjgxMzQ0JnNzaWQ9fjEmYWN0PWdfZXZfc2xvYWR+Z19ldl9zbG9hZF9sbHZfNDAweDMwMGQmdXJsPX5pbWdiYi5jb20mdmNudD0yJl9mPV9fbHhHX18udG1wLmxvZ3N0X29wMTlqeXdkZ2d6ZHlqMWY/ 38 B
206 B 57ms
56ms Script
application/javascript 95.211.66.35
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://clickiocdn.com/utr/logst_sa/c2FpZD1+NjgxMzQ0JnNzaWQ9fjEmYWN0PWdfZXZfc2xvYWR+Z19ldl9zbG9hZF9sbHZfNDAweDMwMGQmdXJsPX5pbWdiYi5jb20mdmNudD0yJl9mPV9fbHhHX18udG1wLmxvZ3N0X29wMTlqeXdkZ2d6ZHlqMWY/
Requested by: Host: s.clickiocdn.com
URL: https://s.clickiocdn.com/t/224723/360_light.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 95.211.66.35 Laren, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: hosted-by.leaseweb.com
Software: nginx/1.16.0 /
Resource Hash: bf482cca40fc30fe73df76cc7aa9a3af5d761420b4cb3966841565ad2c3aa027

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imgbb.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 31 Jan 2022 16:12:55 GMT
cache-control: no-cache
server: nginx/1.16.0
content-encoding: gzip
iseu: eu
content-type: application/javascript; charset=utf-8

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/generate_204?gj0i9g

Domain: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1h0ch20j0pz0yd9rvg748dksggsh682bbqqwdgv1tbfs8x0bqy7t9h3jv367nm36bega2wp69djgm8ayny80vftbzaf1af5wtxx81b9fg18z6znvazh80q93rchq1cmbb6z5108gb21shb5q7ykhygjj88f2ghqp34d0zndrkspashsyayp3hfzyavktqq5xc0x1vbvg7zx5feag31mfmc48wr58e76yppmrey09a6nzm6gsb3q6m2yxm7mqxm1y6vwzwf7k2xfnxa5yar3de2d7bt3sq9srcqfktmg0byqy53872w71j%26a%3D&clickref=oneidP6rTBfbfRbzh9HjHbtgCPzEHJS9TMYH73Aoneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT&viewref=oneidrW4FQf9fd3jTAH7HjtqtBwxuYS8TxmhX4Roneid__asuidE-pBlCjpJz3zmCJkVlFeen9Yh7oybuEQasuid__suite_Netmix_Reach09_PRIVATKREDIT

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.imgbb.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: 7es1geml4brif4e874g9uo24vn
.imgbb.com/	1970-01-20 09:55:41	Name: __gads Value: ID=a1e77a26c159340f:T=1643645570:S=ALNI_Mb_iLkH58G-8DSGC4wZ_aVyp-_9tw
.doubleclick.net/	1970-01-20 09:55:41	Name: IDE Value: AHWqTUkd_Nl3sEsbclTc1tEUMetF-9wEBl4p96nF6ElfYWkfInZyKmaHzChuXtLjr6k
.doubleclick.net/	1970-01-20 00:34:09	Name: DSID Value: NO_DATA
.quantserve.com/	1970-01-20 02:43:41	Name: d Value: EBcBCQGqJYEA
.quantserve.com/	1970-01-20 10:04:19	Name: mc Value: 61f80a84-14088-0ee4a-6c72f
.travelaudience.com/	1970-01-20 10:04:19	Name: _tracker Value: %7B%22UUID%22%3A%22AA1FC5F9-F6C0-4078-A46D-585C6A0446F4%22%7D
.3lift.com/	1970-01-20 02:43:41	Name: tluid Value: 459306878756485406719
.adform.net/	1970-01-20 01:14:24	Name: C Value: 1
.adform.net/	1970-01-20 02:00:29	Name: uid Value: 244941986904432412
.casalemedia.com/	1970-01-20 02:43:41	Name: CMPS Value: 5202
.yahoo.com/	1970-01-20 09:20:03	Name: A3 Value: d=AQABBIQK-GECEP1aja59uUuJOTJVCJm5SisFEgEBAQFc-WEBYgAAAAAA_eMAAA&S=AQAAAuV4qbm3U8qaAUaXkxh-cO0
.adnxs.com/	1970-01-20 02:43:41	Name: anj Value: dTM7k!M41.D>6NRF']wIg2Hb7qK1hl!@wnfH8K6pQK`!5=E<*L5?%KH^kT(DZ)-Hw_<Evd68-/g/jZ5MAjOCpO:8bgP(hw9P-HC_#ttN3)usy%
.casalemedia.com/	1970-01-20 00:35:31	Name: CMST Value: YfgKhGH4CoQA
.adnxs.com/	1970-01-20 02:43:41	Name: uuid2 Value: 5808875023267723435
.casalemedia.com/	1970-01-20 09:19:41	Name: CMID Value: YfgKhH78Hq225wtAJ7M3MwAA
.casalemedia.com/	1970-01-20 02:43:41	Name: CMPRO Value: 1168
.casalemedia.com/	1970-01-20 09:19:41	Name: CMRUM3 Value: 2d61f80a842760CAESEKl7InNIWc84leqNeUu0vao
.turn.com/	1970-01-20 04:53:17	Name: uid Value: 3084758079586707306
.1rx.io/	1970-01-20 09:19:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0a1110c6-7aaa-495a-9bb9-7fb1725beb93-005%22%7D
.awin1.com/	1970-01-20 00:44:10	Name: awpv14098 Value: 412871\|1643645573\|a4e52b60-82b0-11ec-b037-22389adc0a30
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 379097:2519498
.advertising.com/	1970-01-20 09:21:07	Name: APID Value: UPa4fc0f08-82b0-11ec-a2a1-06897ec577d6
.medialead.de/	1970-01-20 09:19:41	Name: trscj Value: MTY0MzY0NTU3M3xMM1J5WTJzdlpYQjJMekpoWldRek9UZzFOV0kxWmpRMllqZGtPVEJtT1RVNU9EWTNZbVUyTUdZNFAzUTlhSFJzY0NaemRXSnBaRDF2Ym1WcFpGSkJNbWhuWmxGbVJEUndWR3RJZDBnemRGRjBTbWRFVXpsVGVsUnhlRlJIT1hodmJtVnBaRjlmWVhOMWFXUkZMWEJDYkVOcWNFcDZNM3B0UTBwclZteEdaV1Z1T1Zsb04yOTVZblZGVVdGemRXbGtYMTl6ZFdsMFpWOU9aWFJ0YVhoZlVtVmhZMmd3T1Y5UVVrbFdRVlJMVWtWRVNWUW1aMlJ3Y2w5amIyNXpaVzUwUFNablpIQnlQVEFtWjJSd2NsOXdaRDB3fFRrOU9SUT09
.analytics.yahoo.com/	1970-01-20 09:21:07	Name: IDSYNC Value: 18wq~22z4
pb.media01.eu/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: 25ybwxlmxs2d1rnosfju0dtw
pb.media01.eu/	1970-01-20 18:05:17	Name: DTU Value: 9E5E53D05CDC8DA83CEC13600DD6CC8A
.targeting.unrulymedia.com/	1970-01-20 09:19:41	Name: _rxuuid Value: %7B%22rx_uuid%22%3A%22RX-0a1110c6-7aaa-495a-9bb9-7fb1725beb93-005%22%7D
.tribalfusion.com/	1970-01-20 02:43:41	Name: ANON_ID Value: aNnsIHyg6AarA7u8QGkntbwiTFnU2fAMiETrYApUCLQ2BF1ZaeGT4nlbxh0ZdafrDnF3qb1d5UJvDRiKCqMWgcgFuw

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/022111152338000/v0/amp-ad-exit-0.1.mjs(Line 2) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.tribalfusion.com
ad.doubleclick.net
ad.turn.com
ad4m.at
ads.travelaudience.com
adservice.google.com
adservice.google.de
as.ad4m.at
assets.ad4m.at
c1.adform.net
cdn.ampproject.org
cdn.doubleverify.com
ce999b23ff518299a7b4a50b691819af.safeframe.googlesyndication.com
clickiocdn.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
eb2.3lift.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
imgbb.com
pagead2.googlesyndication.com
pb.media01.eu
pixel.advertising.com
pixel.everesttech.net
pr-bh.ybp.yahoo.com
prod-rtb.ad4mat.net
pv.medialead.de
r.turn.com
rtb.openx.net
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.clickiocdn.com
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
simgbb.com
static-de.ad4mat.net
sync.1rx.io
sync.targeting.unrulymedia.com
tpc.googlesyndication.com
tps.doubleverify.com
tpsc-cac.doubleverify.com
track.ctraxlive.com
track.webgains.com
ups.analytics.yahoo.com
www.awin1.com
www.google.com
www.googletagservices.com
tpc.googlesyndication.com
track.webgains.com
104.111.239.217
142.250.184.226
142.250.185.134
142.250.186.130
145.239.193.130
18.157.252.145
185.33.220.240
199.127.204.147
2.18.234.21
2600:1901:0:76b9::
2606:4700:20::681a:71b
2606:4700:3032::ac43:83fb
2606:4700:3039::6815:c06c
2606:4700::6812:d05
2620:112:f006:bbbb::12
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1450:4001:800::2001
2a00:1450:4001:80e::2001
2a00:1450:4001:827::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:830::2006
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a02:26f0:12d:4a5::4469
2a05:d018:d29:3602:1ae5:2286:b535:86e4
3.126.56.137
34.149.12.213
35.184.189.178
35.186.253.211
35.190.0.66
37.157.6.251
46.229.170.2
54.245.1.148
63.251.109.130
76.223.111.18
88.198.250.30
95.211.66.35
026b2bf06414770302f9627c54a98efad2a7eb4165b1e983c7f1139cb8933a5a
0442de55e3838ce2b8cfca9a7ad2a6bcecfd94844453c13b38d7a9f1d31944b9
097f27605ca0d079486d606eb3ab573a5685710b4f6d9d906327bcbffa45bec5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
138c34afa85316de8f114fcb0806662d234bb68d976ea48b6af57441bdba3b17
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
14a173842739bb7112058f3410f64e914aff8fd6efc15283978b402d2548e840
153aaeee7047ca29fe9975c724d3462366e42695067cdda7d36bed217fd69022
16c44eff08ff2861faffa3aa6ab0cd92d0298c34874c1599a148f3effc915687
1c986e26c37b744d9c6e7e20d576b46ca1fbfb5ccf49f970319f6d18910fb55a
1cfa97d4c5c4cf2854e01ce2046be1c05e6bc76519d644aad6aa4f1d959efbe4
1f1ab7f1b22c02d93e5bd37b04e7e848afd14337697f652c1454d14e801676f2
2179464a9b593de05ea2a423d14236645d400b267ee7d81acb50b39c06db3763
221fcc058ceb3b61003bad87f22deaa01f077d1bd8924cb3bf604e254993fa37
238b540e785e80cc476b387f2bb9bd12b314d289a67365e5d22b51dd5e62d588
25cbb0598f62d55b16729065a0955ce9efcdfb096c7f11fec31e731dcfa11e8a
279249ed963fcd87e6321b024c0194248dd1b44af5353e134071cdfff953967b
288be5a2f9b7174960e30363a72e97a3b2e197ee7929b5c602fb556e90d3c03d
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
319dc60c796946da643a880fec740453dfa1308266841c576d1c577a4c9bac44
33da4a30542f590385e3abc5817e2971f247a2cb9208fb8dfb0aafb8152dfd6d
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
3e74828a5583b971bed6d02a4e03f3be44e456b5757240c3edd4881fa106c48d
422b92422b67fb6b9419e32034a9c5d81034c815ed787a70bb3753381aac9519
4531bc045db90bb0c84d60188dd8e9b4a253b414202a5588df84a09bf829ca66
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48f67a152acf6ef2df67acd63779bee22382effa8a37b241811e04b683e312b1
49236ee5f544a37773de3fdacab7cea5d9f58b54869f1dedc134ab46f9b50679
4acb147613215546355b164d0c0d22b09873bd655aeace6b19b4760fd0cac803
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e46e56dce46d21c527e164d6749fb5ff0101f400aede06a8711196da9e5c619
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5255b7a218ae0d29321d08230ea3e43dd58948f98159d3cd1698b591bd9f19b6
533e8ab00e73a9a61f550b956a872f9091fe48b79b4072d87bdb07348af7f4bc
542f577e7b3bfcee8b15189537e30ba87b78e1ae7dca8ace5ff3313c0bfb7585
54d35e66675f9cc2ab471d0c389573b5ab0902937b397914a177712b27678a46
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
596111789f5ec0bf86bb3701343cda0cdff3fadc31bea5b5a93ff6529256f281
5b365538a1448471ce09e1ca02a41c7ce591d15573567f5be9041e173dab196e
5ed04d389a7b4a9deb1e0decdc831e2bddff537fa739c34127d0339c10663e04
60f9b5203842a4fe2d52f7c96f3c57b755bbf8f347535469739bcc6f95a9c4b5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61d2be3d3dd5869dd3d232f545821ff974139967efaf28341b4738c5bfea2859
63697d88ab7b6e34e76e5990b867c706cb4346c27ec1c5a034c4d91dfb136778
7691c90790c6550f595de4b7425e5f63fe9ac7ba27d35f0d9e81a3ef944e35a9
7f5da66516cf7931e640bda551914bc45ac2e42da640dfa067f2c260b830e7f2
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
80329d457bd68a89b53ca393d3ba5f1c7b4f944c3c60ef8244a6969e10647c55
838ca8f73ac18387e919098d3d04334725a1c92e5b15ad0d69baea936edb492e
84bf5ffcfd8b3a1240721c90836f1167532b716566165a51ca920c9e657a75d4
859242364bda2e673457798dc7acdcf7e9924101d5579b94f620d93b49ceba95
86c9bc6e94cf6e6929e61f1f50ea415ebad2b900498f56e23d2e76876bd67474
8912754cdac220a701c6d0e16a55b03af7b894cfb91df9068c1571f80092cafe
8a0068588e9b99045fc430bbabbb7309e240ce84c7506da207f2dedc12eb99fb
92af9e53d768cc3fb6c9675d0d2eafba403f527fc761b29679953c71d3c588e1
986a8c765df813c6654289a55588e026591e1efe90bd94ebb48c252db56713a8
98891d9a746c732d3351d872cfa8743c99e9eda18706df2e39a98b81340e25c5
99f149f96fbeaea8af57c586e16c8f43cbca12ada9747ff6a2edc4293b2993ff
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e123a11c5b411021d5bd8ab3926fe6d726b29ca2bb83e6066dae93a9ba326a
a460a968023118ac323a8793c5ed58ee7d5f8ae796cb4106af60062031d0ba87
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
aa0255dd574d1c5d14289aa5974337e6cdc1c8d51ea8f0d402b2fa488fb5c525
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b415eba27e079dcf82b5e30a282429cd69a562b5b3e14f6b91ee37b399046ca8
b79200304f02c4220f9ab0105b0d334405732dc6b5f8dae20b41f36f48e48fe4
b7b718208dab2de280fce41bc41f470788afc91d4599686a66209c069ba635bc
b93f465c229b49b4aadeb0b744da01d5f6d05b613229064c70d91c83ded46d5c
b9413e8593842cbb3661c1a0f9709429c8c2892eafd8fa286f752860192719be
b99b327da5045e69c1d88c2529758a8d50cf9c720737e3783cbfdd01407f553f
bf482cca40fc30fe73df76cc7aa9a3af5d761420b4cb3966841565ad2c3aa027
bf9dd9bbd05c3f2ed1899584017d5745fb1463875482641b6cb071d0281db187
c155146596c14218be2107cd95b29a32a3e1b1dee93e2f061bb273422e43f106
c1e12130de1af0a08256debddf188cd3a6d0de24ae929bcaa2bb6be433fa6c99
cd591129d51ba1e209bfb6e4cd85bc24cac7a8cbb6bc91f7f46dbcc98e8efa00
d12a71cd626ac8f0fc91e6f1b98280cfb49fd724f2dcc118d192adff9a0154b4
d39cf0ff821265b31a761fa7069af2aa542295c07dfce0c12571b0d49261557e
d5661858a1ac96084163595f8a5da3f9c0208037dbe609d6a8bbe48ada46c3b5
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
ec7e984d40a2f285830cb597bdd7420f06d3e1bbbb3712521746069521f9b3ef
ed6c2175f9baeac23e02b043a9ac02c09e07a7cba196fce75cae634315d5bd66
eecbecf91d77a0d1db40bef04f807ec88979176f3e655b99d156f9ed932b56d7
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc029e0546f49ed87c043e09393a995468c2ab1a139332b3aca0fdbe93fe51e
f8ff4c5b5071f52d817cd7eb2c15d4c8a688031aaa02edfe4b791bf0cdbe2e13
ffd015b1bb0125d07c39cbfcdee6a8e2b604b55ea1936cf550fe1f9fbdbf2ae4

imgbb.com Open in urlscan Pro 46.229.170.2 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

139 Requests

85 %HTTPS

45 %IPv6

32 Domains

50 Subdomains

29 IPs

6 Countries

1731 kBTransfer

3795 kBSize

29 Cookies

34 Outgoing links

Page URL History

Redirected requests

139 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

imgbb.com Open in urlscan Pro
46.229.170.2 Public Scan

Screenshot
Live screenshot

Full Image

139
Requests

85 %
HTTPS

45 %
IPv6

32
Domains

50
Subdomains

29
IPs

6
Countries

1731 kB
Transfer

3795 kB
Size

29
Cookies

139 HTTP transactions
3 data transactions