www.dailydaily-up.com Open in urlscan Pro
2606:4700:3034::6815:af3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKkt...
Submission: On August 19 via api (August 19th 2023, 9:52:40 am UTC) from US — Scanned from DE

Summary HTTP 311 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 58 IPs in 11 countries across 43 domains to perform 311 HTTP transactions. The main IP is 2606:4700:3034::6815:af3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dailydaily-up.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 20th 2023. Valid for: a year.

This is the only time www.dailydaily-up.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 13	2606:4700:303... 2606:4700:3034::6815:af3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	2606:4700:303... 2606:4700:3034::ac43:9313	13335 (CLOUDFLAR...) (CLOUDFLARENET)
41	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	35.186.215.140 35.186.215.140	15169 (GOOGLE) (GOOGLE)
1	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	23.197.142.41 23.197.142.41	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.95.112.24 54.95.112.24	16509 (AMAZON-02) (AMAZON-02)
2	3.37.240.225 3.37.240.225	16509 (AMAZON-02) (AMAZON-02)
3 14	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	119.28.16.172 119.28.16.172	132203 (TENCENT-N...) (TENCENT-NET-AP-CN Tencent Building)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
15	2600:9000:237... 2600:9000:237d:c000:0:e06c:e940:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
2	2a02:26f0:350... 2a02:26f0:3500:c::5c7b:680f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	18.173.187.54 18.173.187.54	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	116.50.36.71 116.50.36.71	18046 (DONGFONG-...) (DONGFONG-TW DongFong Technology Co. Ltd.)
4	52.197.179.68 52.197.179.68	16509 (AMAZON-02) (AMAZON-02)
2	54.178.179.241 54.178.179.241	16509 (AMAZON-02) (AMAZON-02)
8	203.75.214.136 203.75.214.136	3462 (HINET Dat...) (HINET Data Communication Business Group)
2 4	35.201.76.93 35.201.76.93	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	34.95.67.231 34.95.67.231	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	13.230.233.218 13.230.233.218	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:e... 2600:1901:0:e207::	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1 4	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	18.178.157.43 18.178.157.43	16509 (AMAZON-02) (AMAZON-02)
1 1	23.56.202.187 23.56.202.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	23.35.229.251 23.35.229.251	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
6	2a02:2638:d::2 2a02:2638:d::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	103.132.192.30 103.132.192.30	138552 (RTBHOUSE-...) (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD.)
4	210.59.219.34 210.59.219.34	3462 (HINET Dat...) (HINET Data Communication Business Group)
4 8	35.190.36.98 35.190.36.98	15169 (GOOGLE) (GOOGLE)
4 4	172.104.70.67 172.104.70.67	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
8	2a02:2638:d::a 2a02:2638:d::a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
6 15	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
2 4	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
3 4	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.102.35.84 104.102.35.84	16625 (AKAMAI-AS) (AKAMAI-AS)
34	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
2 2	3.127.92.109 3.127.92.109	16509 (AMAZON-02) (AMAZON-02)
2 2	185.29.134.244 185.29.134.244	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2	35.156.208.169 35.156.208.169	16509 (AMAZON-02) (AMAZON-02)
2	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.3.30 37.157.3.30	198622 (ADFORM) (ADFORM)
1	185.86.139.93 185.86.139.93	201081 (SMARTADSE...) (SMARTADSERVER)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	3.71.149.231 3.71.149.231	16509 (AMAZON-02) (AMAZON-02)
2	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
311	58

13 2606:4700:3034::6815:af3 (United States) 3 redirects

ASN13335 (CLOUDFLARENET, US)

www.dailydaily-up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700:3034::ac43:9313 (United States)

ASN13335 (CLOUDFLARENET, US)

store.dailydaily-up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
popup.dailydaily-up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
count.dailydaily-up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
twstat.dailydaily-up.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.215.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.215.186.35.bc.googleusercontent.com

ad.sitemaji.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

www.scupio.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.197.142.41 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-142-41.deploy.static.akamaitechnologies.com

static.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.95.112.24 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-95-112-24.ap-northeast-1.compute.amazonaws.com

nt.compass-fit.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.37.240.225 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-37-240-225.ap-northeast-2.compute.amazonaws.com

api.dable.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany) 3 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 119.28.16.172 (Hong Kong, Hong Kong)

ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN)

count.xxxssk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:237d:c000:0:e06c:e940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3500:c::5c7b:680f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

dmp.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.187.54 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-187-54.muc50.r.cloudfront.net

l.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 116.50.36.71 (Taiwan)

ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW)

cm.lndata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.197.179.68 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com

cm-dev-poc.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.178.179.241 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-178-179-241.ap-northeast-1.compute.amazonaws.com

fcm2.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 203.75.214.136 (Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 203-75-214-136.hinet-ip.hinet.net

t.ssp.hinet.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.201.76.93 (Kansas City, United States) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 93.76.201.35.bc.googleusercontent.com

c.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.67.231 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 231.67.95.34.bc.googleusercontent.com

fcm.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.230.233.218 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-230-233-218.ap-northeast-1.compute.amazonaws.com

adcdn.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.holmesmind.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:e207:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

audiencedata.im-apps.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.178.157.43 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-178-157-43.ap-northeast-1.compute.amazonaws.com

sync.logly.co.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.56.202.187 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-56-202-187.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.229.251 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-251.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:d::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.132.192.30 (Singapore)

ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG)
PTR: ip-103-132-192-30.rtbhouse.net

prebid-asia.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 210.59.219.34 (Taichung, Taiwan)

ASN3462 (HINET Data Communication Business Group, TW)
PTR: 210-59-219-34.hinet-ip.hinet.net

prebid.scupio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.190.36.98 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 98.36.190.35.bc.googleusercontent.com

ad2.apx.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.104.70.67 (Tokyo, Japan) 4 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: li1680-67.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 172.217.16.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.46 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.102.35.84 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-102-35-84.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.127.92.109 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-92-109.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.134.244 (United Kingdom) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.208.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-208-169.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.3.30 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.93 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Bad Durrheim, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 125 tpc.googlesyndication.com — Cisco Umbrella Rank: 163 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com ade.googlesyndication.com — Cisco Umbrella Rank: 340	808 KB
48	dailydaily-up.com 3 redirects www.dailydaily-up.com store.dailydaily-up.com popup.dailydaily-up.com count.dailydaily-up.com twstat.dailydaily-up.com	3 MB
39	doubleclick.net 9 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 228 cm.g.doubleclick.net — Cisco Umbrella Rank: 261 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 371	534 KB
34	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 352	10 MB
30	holmesmind.com 2 redirects cdn.holmesmind.com — Cisco Umbrella Rank: 136868 cm-dev-poc.holmesmind.com — Cisco Umbrella Rank: 129074 fcm.holmesmind.com — Cisco Umbrella Rank: 152441 Failed fcm2.holmesmind.com — Cisco Umbrella Rank: 155847 c.holmesmind.com — Cisco Umbrella Rank: 111103 adcdn.holmesmind.com — Cisco Umbrella Rank: 136416 ad.holmesmind.com — Cisco Umbrella Rank: 109477	103 KB
12	appier.net 8 redirects ad2.apx.appier.net — Cisco Umbrella Rank: 48468 gocm.c.appier.net — Cisco Umbrella Rank: 2822	3 KB
10	criteo.com bidder.criteo.com — Cisco Umbrella Rank: 885 dis.criteo.com — Cisco Umbrella Rank: 745	2 KB
8	hinet.net t.ssp.hinet.net — Cisco Umbrella Rank: 55164	9 KB
7	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1244 www.googleadservices.com — Cisco Umbrella Rank: 157	608 B
6	criteo.net static.criteo.net — Cisco Umbrella Rank: 710	84 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 225	282 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 275	3 KB
4	casalemedia.com 2 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 760	3 KB
4	scupio.com prebid.scupio.com — Cisco Umbrella Rank: 80546	724 B
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1248 eus.rubiconproject.com — Cisco Umbrella Rank: 737 token.rubiconproject.com — Cisco Umbrella Rank: 748	11 KB
4	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 3	2 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	97 KB
3	logly.co.jp l.logly.co.jp — Cisco Umbrella Rank: 64080 sync.logly.co.jp — Cisco Umbrella Rank: 68505	1 KB
3	im-apps.net dmp.im-apps.net — Cisco Umbrella Rank: 24416 audiencedata.im-apps.net — Cisco Umbrella Rank: 27170	3 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 62 region1.google-analytics.com — Cisco Umbrella Rank: 2102	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 73 ajax.googleapis.com — Cisco Umbrella Rank: 424	36 KB
3	dable.io static.dable.io — Cisco Umbrella Rank: 25611 api.dable.io — Cisco Umbrella Rank: 23286	39 KB
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 437	949 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 720	1 KB
2	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 372	291 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 1279	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 1136	2 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1080 r.turn.com — Cisco Umbrella Rank: 4432	869 B
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1550	326 B
2	openx.net us-u.openx.net — Cisco Umbrella Rank: 605	418 B
2	creativecdn.com prebid-asia.creativecdn.com — Cisco Umbrella Rank: 17052	367 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	94 KB
2	lndata.com cm.lndata.com — Cisco Umbrella Rank: 118645	940 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 76	140 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 277	42 KB
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 356	125 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1856	586 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 396	265 B
1	smartadserver.com ssbsync.smartadserver.com — Cisco Umbrella Rank: 1027	45 B
1	xxxssk.com count.xxxssk.com — Cisco Umbrella Rank: 193834	565 B
1	compass-fit.jp nt.compass-fit.jp — Cisco Umbrella Rank: 95283	17 KB
1	scupio.net www.scupio.net — Cisco Umbrella Rank: 247419	2 KB
1	sitemaji.com ad.sitemaji.com — Cisco Umbrella Rank: 91231	13 KB
311	43

	Domain	Requested by
40	pagead2.googlesyndication.com	www.dailydaily-up.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com s0.2mdn.net
34	s0.2mdn.net	www.dailydaily-up.com s0.2mdn.net
32	store.dailydaily-up.com	www.dailydaily-up.com
31	tpc.googlesyndication.com	googleads.g.doubleclick.net securepubads.g.doubleclick.net tpc.googlesyndication.com www.dailydaily-up.com 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com s0.2mdn.net
15	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
15	cdn.holmesmind.com	ad.sitemaji.com cdn.holmesmind.com ad.holmesmind.com
14	googleads.g.doubleclick.net	3 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
13	www.dailydaily-up.com	3 redirects www.dailydaily-up.com
8	bidder.criteo.com	static.criteo.net
8	ad2.apx.appier.net	4 redirects www.dailydaily-up.com
8	t.ssp.hinet.net	cdn.holmesmind.com t.ssp.hinet.net
6	securepubads.g.doubleclick.net	www.dailydaily-up.com securepubads.g.doubleclick.net
6	static.criteo.net	cdn.holmesmind.com www.dailydaily-up.com static.criteo.net
6	www.googleadservices.com	www.dailydaily-up.com googleads.g.doubleclick.net
5	www.googletagservices.com	googleads.g.doubleclick.net 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	www.dailydaily-up.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
4	gocm.c.appier.net	4 redirects
4	prebid.scupio.com	cdn.holmesmind.com
4	www.google.com	1 redirects tpc.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
4	c.holmesmind.com	2 redirects cdn.holmesmind.com
4	cm-dev-poc.holmesmind.com	cdn.holmesmind.com
2	ade.googlesyndication.com	www.dailydaily-up.com
2	eb2.3lift.com	2 redirects
2	c1.adform.net	2 redirects
2	dis.criteo.com	615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
2	x.bidswitch.net	615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
2	sync.mathtag.com	2 redirects
2	pm.w55c.net	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	prebid-asia.creativecdn.com	cdn.holmesmind.com
2	ad.holmesmind.com	cdn.holmesmind.com
2	connect.facebook.net	fcm2.holmesmind.com
2	eus.rubiconproject.com	nt.compass-fit.jp eus.rubiconproject.com
2	sync.logly.co.jp	nt.compass-fit.jp sync.logly.co.jp
2	fonts.gstatic.com	fonts.googleapis.com
2	adcdn.holmesmind.com	cdn.holmesmind.com
2	fcm2.holmesmind.com	cdn.holmesmind.com
2	cm.lndata.com	cdn.holmesmind.com
2	dmp.im-apps.net	nt.compass-fit.jp dmp.im-apps.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.googletagmanager.com	www.scupio.net www.googletagmanager.com
2	api.dable.io	static.dable.io
2	cdnjs.cloudflare.com	www.dailydaily-up.com
1	ups.analytics.yahoo.com	269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	match.adsrvr.org	269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
1	ssbsync.smartadserver.com	615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
1	r.turn.com	www.dailydaily-up.com
1	ad.turn.com	1 redirects
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	audiencedata.im-apps.net	dmp.im-apps.net
1	ajax.googleapis.com	api.dable.io
1	fcm.holmesmind.com	cdn.holmesmind.com
1	region1.google-analytics.com	www.googletagmanager.com
1	l.logly.co.jp	nt.compass-fit.jp
1	count.xxxssk.com	www.dailydaily-up.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	nt.compass-fit.jp	www.dailydaily-up.com
1	static.dable.io	www.dailydaily-up.com
1	www.scupio.net	www.dailydaily-up.com
1	twstat.dailydaily-up.com	www.dailydaily-up.com
1	count.dailydaily-up.com	www.dailydaily-up.com
1	popup.dailydaily-up.com	www.dailydaily-up.com
1	ad.sitemaji.com	www.dailydaily-up.com
311	72

This site contains links to these domains. Also see Links.

Domain
effort-us.com

Subject Issuer	Validity	Valid
www.dailydaily-up.com Cloudflare Inc ECC CA-3	`2023-02-20` - `2024-02-20`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
feebee.com.tw R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
scupio.net E1	`2023-07-10` - `2023-10-08`	3 months	crt.sh
static.dable.io R3	`2023-07-11` - `2023-10-09`	3 months	crt.sh
*.compass-fit.jp GlobalSign RSA OV SSL CA 2018	`2023-04-11` - `2024-05-12`	a year	crt.sh
*.dable.io Sectigo ECC Domain Validation Secure Server CA	`2022-11-17` - `2023-11-17`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
count.xxxssk.com TrustAsia RSA DV TLS CA G2	`2023-05-05` - `2024-05-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.holmesmind.com Go Daddy Secure Certificate Authority - G2	`2023-05-19` - `2024-06-19`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.im-apps.net DigiCert TLS RSA SHA256 2020 CA1	`2023-04-13` - `2024-04-13`	a year	crt.sh
*.logly.co.jp Amazon RSA 2048 M02	`2023-04-05` - `2024-05-04`	a year	crt.sh
*.lndata.com GeoTrust RSA CA 2018	`2022-11-23` - `2023-12-24`	a year	crt.sh
*.t.ssp.hinet.net	`2023-04-06` - `2024-04-06`	a year	crt.sh
audiencedata.im-apps.net GTS CA 1D4	`2023-08-07` - `2023-11-05`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-07` - `2024-04-03`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-28` - `2023-08-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-05` - `2023-10-31`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS RSA CA G1	`2023-03-29` - `2024-04-28`	a year	crt.sh
*.scupio.com Sectigo RSA Organization Validation Secure Server CA	`2022-09-26` - `2023-10-27`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-07-31` - `2023-10-23`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-08-03` - `2024-01-24`	6 months	crt.sh

This page contains 41 frames:

Primary Page: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Frame ID: 594008F68A4DDAACE16B76BD42371CDE
Requests: 67 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html
Frame ID: FEF6716DB5B7B6A4988643B4181D0A68
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&adk=1812271804&adf=3025194257&lmt=1692431554&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754262&bpp=2&bdt=179&idt=213&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7118580141811&frm=20&pv=2&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 4768E7C7AB2A3E2724B88F08BA2EB170
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252
Frame ID: FE9D78C92142CF4221616FB79E0FBBE6
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=3761488103&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754266&bpp=1&bdt=182&idt=253&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=2207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ob85ppz5BI&p=https%3A//www.dailydaily-up.com&dtd=255
Frame ID: CE73E3C6EA7CA25AF3B4CE066A7E6E7D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259
Frame ID: 481F503F3F68981440F4E95B3BA2FDD1
Requests: 9 HTTP requests in this frame

Frame: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=08f32bd5-7042-4e79-a9ef-38a2c10ff466&id=dablewidget_goP0dJoQ&category1=%E6%98%8E%E6%98%9F%E7%94%9F%E6%B4%BB&author=0&item_id=4902192&item_pub_date=2023-08-08&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Frame ID: F74E3FBB3B7DFA05094DAD638C929ABE
Requests: 2 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: D0F05C5A5CC84061F2B8FE2433393A79
Requests: 9 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: F628548D28641B96E4033D8F6E6F9BEF
Requests: 22 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/presetfn.js?20230627
Frame ID: 02A0223045FF0E3A65CA562BD7C5CDA7
Requests: 23 HTTP requests in this frame

Frame: https://cdn.holmesmind.com/js/capmapping.htm
Frame ID: 72B1141163628911E955722D92542D22
Requests: 6 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 6DB90B6F6AC3E7D1F9FDE3244158B116
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: E807539B58BFAF7DAF55DF7CBA7BB4DB
Requests: 1 HTTP requests in this frame

Frame: https://cm-dev-poc.holmesmind.com/fp
Frame ID: 24321A46F6271730D5DCD2D5EDA496A4
Requests: 1 HTTP requests in this frame

Frame: https://fcm.holmesmind.com/cm.php
Frame ID: E2DA493D0852D2E8CF6B0AE6B63E64BD
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: A5A990DCD6FFBF488E8B0B22F74A6E75
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: DA3570447C0440D7561592B3A36232BB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: A34179A631AD7345B1DF7BDF62EE3358
Requests: 1 HTTP requests in this frame

Frame: https://sync.logly.co.jp/sync/sync.html
Frame ID: CB1C1285E37FE95845758ABD42B4CE5D
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Frame ID: 62E1A4F780E84611B51AD29AA4E8E143
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 9B372B0A151B8446692A0E2577B22C72
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 1CBE5C2FC99181BA54A013B27226C7A9
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 4C255AEEF5CD10065DB7821E27901457
Requests: 6 HTTP requests in this frame

Frame: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 5E0B997E5ECF6FDCEA6FE833D148EC76
Requests: 1 HTTP requests in this frame

Frame: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: A60A753A9299D0743531A8A8C86F9018
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C20E55F9666C07AC6313E6E686774DCA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: ABADC33CA85E0D695287ECAF4123241F
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 04A22D50280F27009EC74D0CB21E06B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F14878F8CF7C9564FD5AEA38820D6A05
Requests: 2 HTTP requests in this frame

Frame: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: 2D4717B564C5C1F5ED9A018AB372DA7B
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVyXQwbvrm3UUAE2BCD7KEr1GEYgNDfCxM3CFhjCbYUpO6DOUgGhy_f5nLAFVazpogXL_dxU1Ii4KVZikE03lEKmX6YRxMhMMUbn71DG6Qt-yhtOCE-syynn1YE4JgAnNd7YJ8LVwaRUjMDApzjxfXZRssQ1z_W5T_WjXNqm8_uGGQbXzQ
Frame ID: 5CF396FAE1C01A2190FAC6153763CD33
Requests: 5 HTTP requests in this frame

Frame: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Frame ID: C94F09CD4B4C4A8199D4E023036A9957
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNWVLrn22lF5pV7BuFQhv_7EeTmilRmvHSsam9jBZsOQosyFX__lj4f8aAnG43qbVNRmYcqnRFpG2bibCeJXY8bUUgUH-bexZB0JZDrzskru49_cOOhuIGKmS-C_vDVbtKtXAUTda_E8JegvZk0ZaDJ89GwUP5rG3hIMoY6tNhUlns0yKKY
Frame ID: 8446BE3E7DCF73487CAA1E909F7A241E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3B2A521C1F9560EBABAAE62D25FBCFE5
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2A6238D6641008CC07E3ED372BFE5296
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 99FF02992C4A1FB163856E85DDED540A
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Frame ID: 74EBC6B01A4689115897B3561FDC5379
Requests: 18 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Frame ID: D16C6E906C3CB327A5989D158ABDAD25
Requests: 18 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B5DCE75611DE4ED6F6962043CA14E11C
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: 41C146FFBA5256A3AA662E24CD596C9F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js
Frame ID: B29A9E4F0D11A8233F7744F9B82364F9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

拒絕豪門婚約！48歲本土女星「堅決奉子成婚」下嫁真愛　婚後「偽單親7年」如今為養家復出

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

311
Requests

92 %
HTTPS

38 %
IPv6

43
Domains

72
Subdomains

58
IPs

11
Countries

15524 kB
Transfer

19843 kB
Size

45
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://effort-us.com/book_OS9FME55dE16VGRrNlRQYjhRenZQQT09
Title: 她被撿回家后，八個舅舅樂壤了！全國9000億條公主裙一夜售空!

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_NFIxNG1zQytSNUF6S29VaWFrVklEZz09
Title: 少爺，車被一窩熊孩子刮了！「報警！」司機哭了：「我不敢，他們和您長得一模一樣」

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_UEM3T1QrajkyWlBQbTNyeGhQWnFuQT09
Title: 「傻子」嫁了「瞎子」，哪知二人都是裝的！新婚10個月懷6胞胎，整個家族炸了......

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_elBBMitraGdRcHRmZFV1Rmx6anlyUT09
Title: 她傷心嫁給一個植物人，誰知他竟是裝的，新婚2個月后被撞見孕吐，整個家族炸了！

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_Sk4vbHhjMStVMnAvZzdyK2lMblo3Zz09
Title: 大婚當日他同時納妾，她飲下毒酒，露出絕世容顏，「娶我，你不配！」

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_UnFldjJlSmhla2RJdGduc1J6My9IUT09
Title: 她死了五年，總裁去注銷戶口，卻意外發現名下有龍鳳胎，當場崩潰大哭

Search URL Search Domain Scan URL

URL: https://effort-us.com/book_YkI0c1JUK09tVEs1Vi9MelJ6Z1lvdz09
Title: 植物女教授穿越遠，她被美男野人拐進山洞，她推開他：「不生了，都第五個了！」

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 26

https://www.dailydaily-up.com/xstat/pop/4902192/1 HTTP 302
https://popup.dailydaily-up.com/js/ad?lang=zh&aid=4902192&host=www.dailydaily-up.com&type=1&count=0

Request Chain 37

https://www.dailydaily-up.com/xstat/index/2575 HTTP 302
https://count.dailydaily-up.com/?2575

Request Chain 39

https://www.dailydaily-up.com/xstat/moneystat HTTP 302
https://twstat.dailydaily-up.com/stat

Request Chain 91

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 94

https://c.holmesmind.com/cm HTTP 302
https://c.holmesmind.com/cm?tc=getIn&

Request Chain 104

https://googleads.g.doubleclick.net/pagead/adview?ai=CPkX74pDgZP6PIYvmtgf7t7O4DNzQ9tBx3_7jjdsRv-EeEAEgxd7ijwFglYKAgLQHoAHKkOKiKMgBCakCPZodL7Y9sj6oAwHIA8sEqgSGAk_QTq5bIz1LJyxhU6Xk4DMeZYH-IlmD-W7DfYSUIQZqUZA5YtiLo5tlq8RzjmPeDuwTM7azZy9QS8oM96tmtfwWOj29y9f82KJRjqHNvgtnPGP3MiF9yQK-3XLAaSsijTIu-41IUxelplVNQ3s-iGuJSsm5_Y1cKvxHa3zq8LUo1gtN3g3qiqPhw9x95S563Xzf0njhCfn5y2hYvnY3Da63X821lwwh7uP-FR4QptJ2FwdlNd3joTvVLKDVbUTxCwtOawK7AzWXlPPYmDNBMIgub7wXWyScSndgh6TzOXktqCqCmYvxDIfsDAvncMLHKtHcDvhXwCFfftt585lqx9D1_BhbRnLABJfTiJGcBJIFBAgEGAGSBQQIBRgEoAYugAfKyLKCA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEOmvDdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSVodHRwczovL3d3dy5qdW5naGVpbnJpY2guY29tL2thcnJpZXJlgAoByAsB2BMNiBQF0BUBmBYBgBcBshccChoIABIUcHViLTgyNTM0MDE1MTY3NjQyMTUYAA&sigh=LXqTsPqPz-c&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWzqDxDFnRIu9pgZ8gwq66TdeIcvgM3RgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227656529079575067244%22,%22debug_reporting%22:true,%22destination%22:%22https://jungheinrich.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210810329162%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229104820987602532065%22}&andc=true

Request Chain 127

https://googleads.g.doubleclick.net/pagead/adview?ai=C9nZY4pDgZKL7IIyrtwfTnKKQCNzQ9tBx3_7jjdsRv-EeEAEgxd7ijwFglYKAgLQHoAHKkOKiKMgBCakCPZodL7Y9sj6oAwHIA8sEqgSGAk_Qlccmbopw5vu7i2w2Tdvk3bx4_Y7KGQRMsxVes0rDErDIX0uUqDdvqb_mzVJ5-akvGGqgZiD1xst2WRWDdBXnfzmIRboQ8WNA7nEJ_3U6uq-LPvzbsxKfxuRevaADuLP3gQVVd-cZ3TImb2tBwj31UMTwp43z6hUDGNL18VHdEsEt7UflaENmCdy_pp3R80N3DrLYLqJMQ4_52SwfmffslWRRSmG9gFVoHuDpuMVj7bfdvZGzspFoLMPCK8WJVUaSLazrWbvKz7iYogsHVaLOYe1ZA__0rVrP0svlevUDe8cuKczXWee2E2HJb9NF8Pbg8t7n927fWMAzrX0KOcK8rksfxoHABJfTiJGcBJIFBAgEGAGSBQQIBRgEoAYugAfKyLKCA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcEEPXVE9IIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSVodHRwczovL3d3dy5qdW5naGVpbnJpY2guY29tL2thcnJpZXJlgAoByAsB2BMNiBQF0BUBmBYBgBcBshccChoIABIUcHViLTgyNTM0MDE1MTY3NjQyMTUYAA&sigh=7hE2GxLX9AI&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJW9ByxrO2TGA0b9nNZqvzZ33wLKpNQnhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211563125548916063045%22,%22debug_reporting%22:true,%22destination%22:%22https://jungheinrich.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210810329162%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211294844706582924513%22}&andc=true

Request Chain 128

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 130

https://googleads.g.doubleclick.net/pagead/adview?ai=CtoyN4pDgZJjUIdnVtwfgsI6gCIjNtLZypcul9MwRv-EeEAEgxd7ijwFglYKAgLQHoAGg8KCXKcgBA6gDAcgDyQSqBIYCT9Du6f5SgWWYWjHIxYgTTI3bOAsePkWDmyP2gSAiAoAgTq_4koC4KEyBN426UO8qhLbBB2ako-r3r7UYMt-6SX_JYbT4S631-BEzWerglllUxweb6Zho5bAvwZm5q364JIuSGdd29RsgjTcIwYyx2XBOu7m0lseTUNl_SJM0LDWsatPUNZe-6l4PG-cWI1u8Oe5Sj_p6PAgrjI7SpRqKyS6AL2H1ZaPRgq06pvM6oc7R4mT7fvsmNEgoGMFxLXbi_mYVduE2eGE0Ov2XbI40hr-TnJGop1m0jcs9lHcy0rUlJVldorMWsCn5eFMPvCqBSoYvboTG7fFbqcW1r-oI5ElB0PlYK8AE4M_01cUEkgUECAQYAZIFBAgFGASgBgOAB6Co8fYDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ3cEL0ggWCIDhgBAQARgfMgKqAjoCgEBIvf3BOpoJrwFodHRwczovL3d3dy5teWthLmNvbS9kZS9Qcm9kdWN0LmFzcHg_cD0zNTI2JnV0bV9zb3VyY2U9Z29vZ2xlJnV0bV9tZWRpdW09Y3BjJnV0bV9jYW1wYWlnbj1ERV9BTExfR29vZ2xlX2NwY19EaXNwbGF5X09TMjFfVENQQSZ1dG1fY29udGVudD1EZXNrdG9wLSUyMEFsbCUyMEF1ZGllbmNlcy0lMjBGZW1hbGVzgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTgyNTM0MDE1MTY3NjQyMTUYAA&sigh=4kpScwOkvRU&uach_m=[UACH]&ase=2&cid=CAQSGwBpAlJWLbqAup6OfHIwiVdOzTpdiGGbVJKhYhgB&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222411797964144667003%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211054626848%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22160540875748747649%22}&andc=true

Request Chain 134

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac HTTP 301
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

Request Chain 157

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Psz8BJfpBhCQrNZv5ZDgZA

Request Chain 158

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=vlxnmSo9DuKMMga65ZDgZA

Request Chain 161

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=Mp1oM5yiDJWUp_pp5ZDgZA

Request Chain 162

https://ad2.apx.appier.net/v1/prebid/bid HTTP 307
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid HTTP 307
https://ad2.apx.appier.net/v1/prebid/bid?acid=BiEsbaYoDK2n04P95ZDgZA

Request Chain 215

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1

Request Chain 216

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOCQ5Z18pToesMMC9QgsawAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEO7gI0nCFFfXreCNOGghC4A&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO7gI0nCFFfXreCNOGghC4A%26google_cver%3D1

Request Chain 218

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUzMzc2MTQ3NzgxODI5OTA3NA%3D%3D

Request Chain 231

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4HjwovJAPOIazVKScsc48&google_cver=1

Request Chain 233

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEIoA1zgEqiLt6EVHHHzIED0&google_cver=1

Request Chain 245

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENks8ySqEV7paQe48N-iy5M&google_cver=1&google_push=AXcoOmSUk1tVaXNtObN83tR115U57t1PqwMkQBs9CKTEDTUmIDrNksRMHaJiQXVylEHpF88mbgp7dR31ZMjTVXbcTN7ONN_GUDs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc2NzEwMzEzOTQ2MDYzMDI0MQ==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENks8ySqEV7paQe48N-iy5M&google_cver=1

Request Chain 246

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cver=1&google_push=AXcoOmQmH8eZBtWoGqcwjirhy9a1CvSMcV1WhliJaPhFGDl8kavO3JuBj8_G3qfiqvwBGxYO787AfeeINEI2qtbs-8ueWKnnEEzB HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cver=1&google_push=AXcoOmQmH8eZBtWoGqcwjirhy9a1CvSMcV1WhliJaPhFGDl8kavO3JuBj8_G3qfiqvwBGxYO787AfeeINEI2qtbs-8ueWKnnEEzB HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFhhN2kxUDkxUXhpRGs1&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cver=1&google_push=AXcoOmQmH8eZBtWoGqcwjirhy9a1CvSMcV1WhliJaPhFGDl8kavO3JuBj8_G3qfiqvwBGxYO787AfeeINEI2qtbs-8ueWKnnEEzB

Request Chain 247

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGX7eWCQC2Dq_vcParlr5JA&google_cver=1&google_push=AXcoOmTDNdpby9MLN4Ud4R6h1dp9uveU8Va7cHDfUE1cszmrK9qCezRc6etHGq2Ie0jK40WmpVwsqCgeg9NrvHU4fNIqSE0Qi8Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTDNdpby9MLN4Ud4R6h1dp9uveU8Va7cHDfUE1cszmrK9qCezRc6etHGq2Ie0jK40WmpVwsqCgeg9NrvHU4fNIqSE0Qi8Y

Request Chain 250

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF_wdQCA65PpRvuKkpnK8KU&google_cver=1&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdptTmafKhkOaCRGFD790L2BT HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF_wdQCA65PpRvuKkpnK8KU&google_cver=1&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdptTmafKhkOaCRGFD790L2BT HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4ODc3OTUxMjYyMDc4NTE0NQ&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdptTmafKhkOaCRGFD790L2BT

Request Chain 268

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGX7eWCQC2Dq_vcParlr5JA&google_cver=1&google_push=AXcoOmRjrBfhaCRCrZ6oDGYxksxtHJM8e-ufxutsV6SHcHQTIfSntRuw0zCjvKoG7jdDj0pOcp_gmR2WlqgkYjrgfWbt86WsDGr8OA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRjrBfhaCRCrZ6oDGYxksxtHJM8e-ufxutsV6SHcHQTIfSntRuw0zCjvKoG7jdDj0pOcp_gmR2WlqgkYjrgfWbt86WsDGr8OA

Request Chain 270

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAj_eq5ApGPIdPxSR_hltlU&google_cver=1&google_push=AXcoOmSGXpJVW7kzByMWsrnqR_uuqJLrzyQGwyB-PqAUw3CQGIpG3hlCAQkRkuShA91MviPrCCH1pi7ci7LLuoAffiliL4vmmkimbg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODk2OTExNjA5NTkzNjY2Mw%3D%3D&google_push=AXcoOmSGXpJVW7kzByMWsrnqR_uuqJLrzyQGwyB-PqAUw3CQGIpG3hlCAQkRkuShA91MviPrCCH1pi7ci7LLuoAffiliL4vmmkimbg

Request Chain 272

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGDrsKUj7DT4rc9oNnmXhG0&google_cver=1&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadrw7Ww HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadrw7Ww&google_gid=CAESEGDrsKUj7DT4rc9oNnmXhG0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MDUxNzE0Njg0NjExMTE2MTI2&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadrw7Ww

311 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09 Show response
www.dailydaily-up.com/ 42 KB
11 KB 273ms
244ms Document
text/html 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: c6aec9a9b42dac0263b43f585d0b8fe660524d3a4f8c4659d15693159e3c7d4b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=28800
cf-cache-status: DYNAMIC
cf-ray: 7f9181237bec1c0f-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 19 Aug 2023 09:52:34 GMT
expires: Sat, 19 Aug 2023 17:52:34 GMT
last-modified: Sat, 19 Aug 2023 09:52:34 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=akAjOfXbx%2BW7da2WXFtIFlvClEzf6KVeXJBVMxZMaAUWCG16%2FMS0Bc56rW2wBngT8IefzdYI%2F3mgd2MfISy41cbhPhtBcEDcAbD%2FjOu7Hc1G36d6RHtxffvJx3OghiKJxbaYGGkHMIVMHS8gEkIWTyLYTNo%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-aspnet-version: 4.0.30319
x-aspnetmvc-version: 5.2
x-powered-by: ASP.NET

GET
H2 200 font.css
www.dailydaily-up.com/Content/global/default/font/ 3 KB
965 B 16ms
15ms Stylesheet
text/css 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/global/default/font/font.css
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28471
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 12 May 2023 03:55:30 GMT
server: cloudflare
etag: W/"0253988584d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SxwR1aaVtVvZJmcWdeYL7ULZiYXsAb1TNImPuHiGiZnFRwdo7MPQtZAM7VCVq%2B3ZA6cYcc%2BagQcvDnEt%2BgYGjhyPwkzuAZj16xsENJESeKZIZUsulcGcGJw07BiKm0JkcH3rWrX7PYAQLBFuL6SeFdGCiaU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7f9181250def1c0f-FRA
expires: Sat, 19 Aug 2023 09:58:03 GMT

GET
H2 200 css3.css
www.dailydaily-up.com/Content/global/default/ 25 KB
4 KB 16ms
15ms Stylesheet
text/css 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/global/default/css3.css?v=31
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: e2e6443f2e88331f08abd67e2c2a060c1dfa898deb6ba735237f9a8711e7a192

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2657
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 07 Apr 2023 09:17:11 GMT
server: cloudflare
etag: W/"80c5d8bb3169d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3v419Psv788gnhj33YQSIv9wyNY1hIsW%2FhIsfngfFfT7gcUiSA27hiy3EjvujMxR3lsAaSDNrvObu%2FW9OOSbGHHohx%2B9z2tp2YUz0IwJwHVwI2mRWJoDJ42%2FymhH%2FTFqCsmKnVWuT0a8Kn2i6cEe6xuFxQg%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7f9181250df01c0f-FRA
expires: Sat, 19 Aug 2023 17:08:17 GMT

GET
H2 200 globaldefault.css
www.dailydaily-up.com/Content/css/ 362 B
553 B 15ms
14ms Stylesheet
text/css 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/css/globaldefault.css
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2657
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 13 Apr 2023 08:54:13 GMT
server: cloudflare
etag: W/"d2cd5385e56dd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sktL49Z%2FOP0yeh1c2rl%2FdP3amEIrCcaQhzKQGNK0FdcbY3X2UQDuZxRe%2BtwyHzYDmonFVLv%2BxNHGQH0RQekqz567orpS4lJ57Y9rxa%2B2zx8l9kX2VWo06wp%2FogYzCcN7Bcw%2BiVoGCBP3uiIHPYGkXkgFjMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7f9181250df11c0f-FRA
expires: Sat, 19 Aug 2023 17:08:17 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/ 86 KB
28 KB 33ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/3.4.1/jquery.min.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailydaily-up.com/
Origin: https://www.dailydaily-up.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2049256
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27755
last-modified: Thu, 22 Jun 2023 11:06:06 GMT
server: cloudflare
cf-cdnjs-via: cfworker/r2
etag: "64942b1e-6c6b"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sld%2Fg%2FfD7cvDVGcNgduU%2F%2BWvZjKfBVdN6pVo0hhQTkyiYUXLBzuxCLXZBrmm04kGxo7lt9DYE%2FdtEbCLj26UrqIklFKnBbliYfTzPp6eDC99Ke2nkczljDFROds2ftzA63POSPH5DZbuYXfNvdIvtNaS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f918125292518fd-FRA
expires: Thu, 08 Aug 2024 09:52:34 GMT

GET
H2 200 contents.css
www.dailydaily-up.com/Content/css/ 7 KB
2 KB 16ms
16ms Stylesheet
text/css 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/css/contents.css
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23681
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:07:29 GMT
server: cloudflare
etag: W/"80d6a3dfb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0dnQMCVOWmccES9XGlzBDhLofz6cZ0qZD%2FZWp6H52vqscJU%2FAz906NP%2FZPGoQ1BMLrThtbHxPL5GL7Tfo1p3FixbM2wx8x%2F4riGaD1k3r5ZzefiKHBBLRX9x7MhR2TpsM9oOn5LvUh5q6%2F0uCnct70p0HOs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7f9181250df41c0f-FRA
expires: Sat, 19 Aug 2023 11:17:53 GMT

GET
H2 200 adtext.css
www.dailydaily-up.com/Content/css/ 859 B
608 B 16ms
15ms Stylesheet
text/css 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/css/adtext.css
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 06605ec7ba35ed117fdef019c170683bf260013053db236f81bac821a92fb03b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 28471
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 09:27:32 GMT
server: cloudflare
etag: W/"15ac3837b6d1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5HaCCjYMppHKDQrNXg73EG0ca%2B5lhqAQXx6%2B%2FsEm92jL5x1DkHi2xsV2UxXaXsGOywDf1Cd3e8y%2FnaZ4OE%2FlyxEUU3kPOj15Kc3i8yJFUFXv%2BDZ0xinLT%2FFF2uI29F4TdvVLiNSy9ON7T8galAVkt%2BeU5c%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=28800
cf-ray: 7f9181250df51c0f-FRA
expires: Sat, 19 Aug 2023 09:58:03 GMT

GET
H2 200 openart.js Show response
www.dailydaily-up.com/Content/js/ 86 B
508 B 18ms
18ms Script
application/javascript 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/js/openart.js
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 15829
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 22 Mar 2023 12:07:21 GMT
server: cloudflare
etag: W/"8891fdbb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NygFz2Zlou06T8mccZRncRtLIY%2F1PQ9UxCvJQyh7k%2BmN%2Fqt9KVjVYllfSuG318vJ8JcAxhS1W2NhtUaRlwvABadH7tMV27AexLdjOccLz9mmDtvAL%2F7SbvyQptFsjUjveQS0aQzphJvhmllfD%2FtsfpO2K7w%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7f9181250df61c0f-FRA
expires: Sat, 19 Aug 2023 13:28:45 GMT

GET
H2 200 22C2EE70A39A.svg
store.dailydaily-up.com/logo/2023-05-16/ 6 KB
3 KB 52ms
16ms Image
image/svg+xml 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/logo/2023-05-16/22C2EE70A39A.svg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 458ffa79be39b821ad6564044f26293dd23b48b36d7c56b2a55b05046820e573

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 509255
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 16 May 2023 08:49:44 GMT
server: cloudflare
etag: W/"3acab45cd387d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J99eMUxs%2FQlx90Zv5FORzkQ4kBjgDiv2DRlYazv61i2GQNr7b3dRVdN%2FL%2FpxGEv4nGd4XU50xkF0Sf5k2pHvtLdcbwgoJdnCwIXdejAkuedPPqFWZ62DrDFiYZgrA8eCleVzn0f5NbvG6km94f4CcVW%2FgU%2F3ag%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f9181259bf630d0-FRA
expires: Sun, 20 Aug 2023 12:24:59 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 89ms
64ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8253401516764215

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26d41e091f53db35f627949f43ea95f33b0b197929e3af4cc65cf02025e23f04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Origin: https://www.dailydaily-up.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50765
x-xss-protection: 0
server: cafe
etag: 9431702057397427580
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:34 GMT

GET
H2 200 DFFD0703C050w640h429.jpeg
store.dailydaily-up.com/picture/20230802/FF/ 26 KB
26 KB 59ms
23ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/FF/DFFD0703C050w640h429.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 76dd721fc149430c015f21324227424990504515cbf5ff04f365fcb8e93b85ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200023
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"a76233adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=26Mp0yMAcL%2BNAYLGtdWIXYLQx1akM%2BumotYYlLuPpxJzMqvNhwKQag4ROViU5n4%2F1TsWbC175EW1STa2ZpwtP21CtATDbigS8ltB02apwhWWoTvu9AHyXEJRb%2F6kqZb7QhbnuwJ6CVBjnW%2FH6mYITGregGF0Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f9181259bf730d0-FRA
expires: Thu, 24 Aug 2023 02:18:51 GMT

GET
H2 200 9805489FF916w640h57.jpeg
store.dailydaily-up.com/picture/20230802/80/ 11 KB
12 KB 51ms
15ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/80/9805489FF916w640h57.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f6dba17f780cea3c7541ec040f86cfa4cf60d483f0282151c09eb717e922a9b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200023
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"86ce83adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUMyEFpQ9EZRqwj80uFcbyaHGEhvO2ior5H8%2FCMBLvZEGWMGUBoGQeWwOTwI%2F0KzbbTkxjWkrtK4iJuXDZ6DXZb%2BITe3MPed3Mu6AR9zMXborGcni3X%2FiWafCakWejUYQ%2FknJ%2FYdTSkin2NoORXbptvQmJsKLg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f9181259bf830d0-FRA
expires: Thu, 24 Aug 2023 02:18:51 GMT

GET
H2 200 E1E8E06FE60Ew595h619.jpeg
store.dailydaily-up.com/picture/20230802/1E/ 43 KB
43 KB 62ms
26ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/1E/E1E8E06FE60Ew595h619.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: d2c0219b3f79f1fd076f7baa05762920ebc07e47291b09b466245cc3934ee5be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"19e9f3adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A4eti1K3Nua2RgOxczNsSGg25NwieQMD5BQRMWaUpxbxCj2Z6%2BhCI%2BtzPC7qyIaUPd66uC1LS3MwqAsw8xhCytvXtJi3z%2FyZXSoSPl8QxPHOzTkA8HB%2FLml9kUrJdFIYByIeeIYFOsh5oC8kswgbEbgBgYFffw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f9181259bfa30d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 F9ED88F1A7A5w640h470.jpeg
store.dailydaily-up.com/picture/20230802/9E/ 22 KB
22 KB 52ms
17ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/9E/F9ED88F1A7A5w640h470.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f5e670413119ec12082e70b8ebde5cf8aa6b609868054fb5cb2b34fce22540b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"5585d3adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S8GBqn4RAFKGCO3CXMc%2BFEYlUrMM%2B7JW7MA5G5kNtrIHv43Bn0bAwyNQUS0JNPTY7ReJga4RExA2JSj%2BSBrkDJISxBEnxnxRA3iBKpXLfnFvoSlTLvr1J%2B6c7aGyMM6kqbadfZVeS1TB0LUT7NsOKeFf6GE1Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f9181259bfd30d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 0A79C3F04CEAw640h350.jpeg
store.dailydaily-up.com/picture/20230802/A7/ 35 KB
35 KB 52ms
16ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/A7/0A79C3F04CEAw640h350.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 506807daf2b505515dc00f384cbc1c45494a764e6c847896a1c9f8508087235d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200023
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"19e9f3adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ktjkac1Cgb%2BnbNi%2FaRAVC1r%2FXtUfgMCEVzghdpe%2Ffk7eTg8eDfnKxwTscA1vvW9sz98gMYahAWvivZajWRWspMU%2Fcdt3SnJZxnBC7TBKeYXWJzb4YF4j1OMUVpdRnnp2PMy40o5CLznGzhzt2nfZZmjCR0D9jA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f9181259bfe30d0-FRA
expires: Thu, 24 Aug 2023 02:18:51 GMT

GET
H2 200 205773FE7791w637h160.jpeg
store.dailydaily-up.com/picture/20230802/05/ 28 KB
29 KB 22ms
20ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/05/205773FE7791w637h160.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2d8e203ee50b347070544c75f35ef84146ca1fda8bc0820b9d324770b1fd5c72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"86ce83adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6pUikY2ilS3zRCVAGvt7C7XXrFUpD3TSZLivtOAVju7N5G99%2F38Qy5GpLIXCzS4zE5lnoJEo1%2BdVRMA82DSV2E3o78lxZOCi5noM6IpwLQI0v%2ByUfcaqRheZi1EQEza38FGHwd9kTzBoaGFGvckdxJ4qQZ81Kw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0130d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 F0ED45D35DBBw640h360.jpeg
store.dailydaily-up.com/picture/20230802/0E/ 29 KB
30 KB 22ms
20ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/0E/F0ED45D35DBBw640h360.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 4a774eee2325be3cf1bba0140cdf621babe3263e8314a27d1580fc0a7d283f09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"86ce83adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VTh4ldsBJfmPQOY5un3%2BBxWF9cD1TgVPOZ3s14pk2ZHlAWJdLFCWNn%2Bp%2Fc2lNKdDxv3c6vmQtlG5CchZCcGNeI12sK%2Fumsy9pZujzpHC8qw6YTJjeBf2LElv0gWudgb9bKFB2BIvqt3FBcjwp0IAuz7ksLnFXg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0230d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 1B50D69025B4w640h437.jpeg
store.dailydaily-up.com/picture/20230802/B5/ 32 KB
33 KB 22ms
21ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/B5/1B50D69025B4w640h437.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2a41aea58330ae3f0c8ee4b3786cf9f01ead7f61c3880b0ca756a0789b8cdfd1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200023
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"f214173adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lsrTn%2FZSSgJsznkF%2F0UF6NAc7JCUf9mI2eN7ECH0awtp62q583Xv70mwEE1J%2FRSxkAbqN4qCq7Dt%2Fed0pP9wKsWT%2BmgkSeBytzPJrbW6fkgbTjTnh27OJbjeXG1jH%2B6929aBIHOrt3HURvHe92B5gpvevU%2BErA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0530d0-FRA
expires: Thu, 24 Aug 2023 02:18:51 GMT

GET
H2 200 E434CDEC6E7Aw640h445.jpeg
store.dailydaily-up.com/picture/20230802/43/ 47 KB
47 KB 23ms
22ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/43/E434CDEC6E7Aw640h445.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: b2d149d82e375036bed39d307750ec01189d003b0e644336827624681d875ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"19e9f3adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JHSe68UIpzPWoPd8akVOrg7YF7BLv3AhtG%2FBtz%2FCWs1SY8b%2BfMLE52GDct%2BwMp9bVYXX38294x1PmKy1hSPEdvbwS6QvYcRjWJ1nUxNsko1GD8By44z2CG5XWCzwdXvV2oXqk1KdjyDxma%2Fe5ilMiYRhykKQZw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0730d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 A396B5AE03B6w631h585.jpeg
store.dailydaily-up.com/picture/20230802/39/ 62 KB
62 KB 23ms
21ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/39/A396B5AE03B6w631h585.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 241081e8e0cad022ed43273a2203a43b7e35b60d22be538235588a0a87873be1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200023
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"8877193adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UG8NSjgaeIJveCXZKvwGlRIIe8JISExAgTCHYfwhKRf0qpxR0EihmAt7zMu7vDfeJL3zX3ixP60zyhG9ssZGSEYhjIKtYrrdsgHJcnMbi2iBsGH3NCuyFyBtZ9AduiMMifKjGQy0V4K%2FGmYffOb1m7s5qSuo0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0830d0-FRA
expires: Thu, 24 Aug 2023 02:18:51 GMT

GET
H2 200 47BA1C1D7332w640h89.jpeg
store.dailydaily-up.com/picture/20230802/7B/ 16 KB
16 KB 23ms
21ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/7B/47BA1C1D7332w640h89.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 099ce1978d4230161806b44653ef5759990833e345290b738a8c8ffaa372df38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77748
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"86ce83adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lg9B1oG00rhbcnFMojNNgA8MG8Bx1y9LnZPPT7O6vnfeYlVkowvEqzorY9%2FdIr%2Bi1Sj%2FuOTM%2BfW1jTRgwlEkTh5uC30QAsdieNhF4bZfPz4OJVV%2BWe2HqltNKmZ6ZqV6NrOUcrDVxS2YMyC%2FYkwSumne%2BqK0rw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0930d0-FRA
expires: Fri, 25 Aug 2023 12:16:46 GMT

GET
H2 200 12FE7BCEE96Fw554h260.jpeg
store.dailydaily-up.com/picture/20230802/2F/ 34 KB
34 KB 25ms
23ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/2F/12FE7BCEE96Fw554h260.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 811fe124f8e6286d52df8f0085ea943162552ecd462162f8685f06a104fef0ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 200023
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"dbc3c3adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWSQUOl54Q%2B8UQWH5zROdlBLCP%2Fhq0RU0qoYDqYdiyw%2FdyXbRI6%2BgMzYkgpbw5l7Jd1X98LSQ6yWfPGBBaEdSRNswdaskstQBfAmC29Q7HgNWLSVpHMF0DeIIOfkmz6mM5cxMkcqMrva2D9bWyU%2B%2B1m0niq00A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0a30d0-FRA
expires: Thu, 24 Aug 2023 02:18:51 GMT

GET
H2 200 9C7E0217D598w600h793.jpeg
store.dailydaily-up.com/picture/20230802/C7/ 45 KB
46 KB 24ms
22ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/C7/9C7E0217D598w600h793.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: dd1b7672c39771921a3a71e1e7b7560e58853f65a93164def2fe40d88a0e2428

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"19e9f3adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FkjRRFNazx0zzPCrzfoVnMQktw6oqOY8FXEOXaS9yNIKhSlhOIlzDnc5ZJHcQlWSH8aH%2FCYLTqvgtFuxtK5EqsaySVXgoFaABbUN3i3FXS8hceLZQMwpIJ5Sa2QYCZ5IiMS9A%2FB%2FhJUyJUx8wzyKBMlud%2FX7Eg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0b30d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 2EE1E9FF5498w589h401.jpeg
store.dailydaily-up.com/picture/20230802/EE/ 44 KB
44 KB 24ms
22ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/EE/2EE1E9FF5498w589h401.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: ef68d7966f283bff353a821f8ec09477cf02fc499420d5d49915bdb1f4d028b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"86ce83adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E9txApe4BCHebGOhBl7P%2F8PYLsni1Fv9DUvvILhXkmizjD9ML5CBgjQylb0pSk1vVi4oxXD0FXaCn%2FG7VsfbqSzI06PJfs2cCbWiFmdrqYsDJNAMkkHvb60rhfDu6%2BWpacFOm0oeWMpMbeCyfvLlCrPq%2FS0N8w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0d30d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 3D219592652Fw640h687.jpeg
store.dailydaily-up.com/picture/20230802/D2/ 68 KB
68 KB 24ms
23ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/D2/3D219592652Fw640h687.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: cce3fd72fd0eef163bb64840913ef660d008bf7dc92c4ea70fee9fe931627d9a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 52346
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"f214173adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ukl%2BC%2FxUeO%2F%2FYvtbdkG6CcMC8Y9VuCJFMnAcioAF2DmaI8qqMEzXX0lYS7DEuZ%2BP8o3wcc7gykarMWW4mks5HxpxbRNt%2BqClCMEjDP4Eyuv%2BsRi94WDHBHl7BBjk8mq6a6qAwQaZForyoln36veLPJL%2FCjpYmg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0e30d0-FRA
expires: Fri, 25 Aug 2023 19:20:08 GMT

GET
H2 200 C4D468508E4Dw640h130.jpeg
store.dailydaily-up.com/picture/20230802/4D/ 19 KB
19 KB 23ms
22ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230802/4D/C4D468508E4Dw640h130.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 73c9693eebe5e91d665357626da38cbe8d34297fae4464b4061ecb261deddeed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 77747
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Wed, 02 Aug 2023 01:18:21 GMT
server: cloudflare
etag: W/"86ce83adfc4d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0HKWkhoZVn9FrBiRhd9%2Bxr5FKcXjp9W%2FGwKcPiX8ujPGvlVKFiizIQWwkc82F37nGEXGR7Z5lpfOGpJJX6rG7KDBAwc%2Fg2eLdmoUfUTU1brEWSUjUeKlXf4eyvI%2FwPtp2rz9GhPKF5c2Zhd7oWWxULsBsAgZCw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac0f30d0-FRA
expires: Fri, 25 Aug 2023 12:16:47 GMT

GET
H2 200 ysm_docilepuppy.js Show response
ad.sitemaji.com/ 41 KB
13 KB 34ms
7ms Script
application/javascript 35.186.215.140
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.215.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 140.215.186.35.bc.googleusercontent.com
Software: nginx/1.12.1 (Ubuntu) /
Resource Hash: 63b41a8345664bf6831b001714dc902cd6f41a4d4ee5ef151a539d3b790e670e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 22:56:36 GMT
content-encoding: br
via: 1.1 google
last-modified: Wed, 16 Aug 2023 03:01:30 GMT
server: nginx/1.12.1 (Ubuntu)
age: 39358
etag: W/"64dc3c0a-a24f"
vary: Accept-Encoding,Accept-Encoding
content-type: application/javascript
cache-control: max-age=86400,public
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12647
expires: Sat, 19 Aug 2023 22:56:36 GMT

GET
H2

200

ad Show response
popup.dailydaily-up.com/js/
Redirect Chain

https://www.dailydaily-up.com/xstat/pop/4902192/1
https://popup.dailydaily-up.com/js/ad?lang=zh&aid=4902192&host=www.dailydaily-up.com&type=1&count=0

5 KB
2 KB

399ms
387ms

Script
text/html

2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.dailydaily-up.com/js/ad?lang=zh&aid=4902192&host=www.dailydaily-up.com&type=1&count=0
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 694b6450626d638e5e2d71ce0807d8279b4578c2cff45f4ccf5a4a76f18a2528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o6UCgLWpUtZF2fn28Kc5wQNp8aXFnzcu%2BbOnJo80dP4QuGl20UCKNlpfOgE8uwoXGagRORBYgq7H%2FsKCERCCbnhj26yDY4s7v5YiTgF1IMTBmP%2BX9cSQKZPD%2FL1qVWujivXq29GN5NLco3toRL1uN9bNaR8KfA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7f918126bd7f30d0-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 19 Aug 2023 09:52:34 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cbxtRY8DDWzzJ4fMlkbc9z1shA3nPRcezFKRKndkCmNdclb2hyMVEeSBIPR0Xyk%2B0yoi3wY%2F9S7htYHxm5WWyWWxdqcsyTGUvzdbBboG21A5Ox0CBs1pXtCLjtCIvqosQu3eSWrO5iuoe6gya1daaK2dPxc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://popup.dailydaily-up.com/js/ad?lang=zh&aid=4902192&host=www.dailydaily-up.com&type=1&count=0
cache-control: private
cf-ray: 7f9181252f4f693a-FRA
alt-svc: h3=":443"; ma=86400

GET
H2 200 45BED3B953E3w800h417.jpeg
store.dailydaily-up.com/uploads/20230819/5B/ 33 KB
33 KB 23ms
22ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230819/5B/45BED3B953E3w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 587f39bb0de7373101a83306b044fa569d817b1bae971b35ae4df5a3de4e445b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2657
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 19 Aug 2023 08:03:16 GMT
server: cloudflare
etag: W/"6560e19b73d2d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EeUZiimS2Noujhnj0ryctnt7FNkn0DcTs1eJ1ulSfwhAVANcnOnmLdgysVEuTWtWOUuwk01E3ShaTLtrHWRHrtI%2BwcoavXCcgPdlSDi696TX%2F%2F3no%2BPHcXNCPhlMVMaJVgHcmY74IQ1vHaXEhXmfF2m7ScqWHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1030d0-FRA
expires: Sat, 26 Aug 2023 09:08:17 GMT

GET
H2 200 DB7EB4D50333w800h417.jpeg
store.dailydaily-up.com/uploads/20230223/B7/ 75 KB
76 KB 25ms
24ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230223/B7/DB7EB4D50333w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 7b06599a4c6a4e4cca154ea20824a4a14409ea9acf9d5d0230ccac1c7d866458

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5865
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 23 Feb 2023 08:17:08 GMT
server: cloudflare
etag: W/"67be385f47d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FIVBOoTV5hWJ4%2Fa%2FFPZwDv0Pj9K27Sz%2B6yl47e2tr5UnmIE1UJoNMjFeWmAoNA%2BG7QXy0nzG8eDLbJG6T2BL%2BnIjSfFaHIhYWsPx3Jn%2Fm0Zs%2FNwDSWGMB8duzClZWLuwnLtLn0o8Z%2FKIk7o7w1fZ1qrpLvFOOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1130d0-FRA
expires: Sat, 26 Aug 2023 08:14:49 GMT

GET
H2 200 816303B69F09w800h417.jpeg
store.dailydaily-up.com/uploads/20230819/16/ 38 KB
39 KB 23ms
21ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230819/16/816303B69F09w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 91e8a4fd7873722a78783321ba6e6e05d8f48454f9c3f3a0fbe71762efb57f43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5865
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 19 Aug 2023 07:23:29 GMT
server: cloudflare
etag: W/"483c3cd6ed2d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kbBYFhcGCs%2BTHbQpDXuQ4uXKHBR7HzusghNs%2BFj7w7FE5iyIhNs0V4MXdG3mEwKQgVbdpCGe3RTtDIPZPa%2FNDYjWR9jFqwX96R0zxI6TR%2BZw4fe1FmlmpreEabfey%2BVh0lh8wObccOOjvaOyGCRDIoN%2FDYuaQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1230d0-FRA
expires: Sat, 26 Aug 2023 08:14:49 GMT

GET
H2 200 AF026661CD79w800h417.jpeg
store.dailydaily-up.com/uploads/20230425/F0/ 22 KB
22 KB 29ms
28ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230425/F0/AF026661CD79w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: afae6747ae2ed5a8a6f6669fd9b99fcdcf405f2f18656c1a340a6c1498f1f760

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5865
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Apr 2023 05:35:45 GMT
server: cloudflare
etag: W/"595ac0c83777d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T7qe60E%2BkoOQKcqxXTLk%2FOBhfvrGLYXI4bXgtiEzo22Z5e%2FCA7Tnsj7tw%2BiZIEQmakNQ6iKQDijxG4mWNLWHl7TS0AG5fIdzVrn%2FpvFvyEmgaygF6YWjDYYND387dG%2BmtSWbJwl%2FL9PraTc4GV5xI%2F%2F1YQibbQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1330d0-FRA
expires: Sat, 26 Aug 2023 08:14:49 GMT

GET
H2 200 A75DAD23097Ew800h417.jpeg
store.dailydaily-up.com/uploads/20230424/75/ 38 KB
38 KB 29ms
27ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230424/75/A75DAD23097Ew800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 05bb160db5b7820f6839e4a9a679af000b0c4ff1cba19c352a9a22958a4a3aca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5865
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 24 Apr 2023 02:16:18 GMT
server: cloudflare
etag: W/"897f16c15276d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KhG7MVLBPEBvbBIIM75JkIaGnKvUszMDl6edFHroda66UprmAK8%2FVZxXu23kvQebKKk4Jgn8kefai4dFtJSzCNyZPFHcqJav%2Bmidf4NWSb6JOHYsR1hIrSWkzOUnzBuWdCz0tFh9k%2BNkbFmWY4NeafVB2ij6hQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1530d0-FRA
expires: Sat, 26 Aug 2023 08:14:49 GMT

GET
H2 200 13179F222413w800h417.jpeg
store.dailydaily-up.com/uploads/20230619/31/ 56 KB
56 KB 24ms
23ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230619/31/13179F222413w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 5045b62d20857679ee1a466ea800b26aa5e9a608768a8ce553b21233b268e947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 5865
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 19 Jun 2023 06:04:33 GMT
server: cloudflare
etag: W/"3eab46eb73a2d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BheQcfgKmmt2cCupqyuB0xStTe4nUpBWXxszh3PNfmgFibO8MeDwH60qWdbh4RgDPpmQictLIPsl923EGSNrE%2FXW1ABI%2F5gM%2BbUgMwm7FWXNA22YSBRBOL%2BpJMbORxjEvSXIytBJIGXFUJV0AK3mxRDOi9OPsg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1630d0-FRA
expires: Sat, 26 Aug 2023 08:14:49 GMT

GET
H2 200 6B3A31CD18E6w800h417.jpeg
store.dailydaily-up.com/picture/20230502/B3/ 59 KB
59 KB 28ms
27ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/picture/20230502/B3/6B3A31CD18E6w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: f590e3aa9bebdd34a9d53cf74102a719417add18a7038869a26ac4a250c98dc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78739
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 01 May 2023 16:25:56 GMT
server: cloudflare
etag: W/"b3a0819b497cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PvdIXnu7wbSxp2cE79l2S%2Fc13WWxMazpcJHUkilfR1%2Bmu4gbG3zYkzBnwdCyPrjOQssj8lTQ1sW6SNIVAy53UuQIW%2FDK4%2BC9czSQE0gBFS%2BGahENk1tmSmoIhN%2FSXaWFgKgnC%2BOptWT7CgEpjHijcS0aaj3MAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1830d0-FRA
expires: Fri, 25 Aug 2023 12:00:15 GMT

GET
H2 200 CBBACB6E7832w900h472.jpeg
store.dailydaily-up.com/uploads/20230818/BB/ 50 KB
51 KB 29ms
28ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230818/BB/CBBACB6E7832w900h472.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 076bd8e25840756e5b469c7de6cdeda3db1bda1f75a9674eb10ce7ecbd9bc063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 83612
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 05:47:16 GMT
server: cloudflare
etag: W/"8e6ef97197d1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEdEfTpJIpmzNOJlyJJtjPS%2BorfSPwQ2D359FueLNIkrljoa5BBWOOrTVsraEHO5KgZtBrXwpfOK3rIND%2BoqdpR%2BB0hpAxEQq90HA0ZUiuoFI26SjJFiR3bO3Zq%2F73LJvqsSCjI56BPPkAd1OX737ls9P7uZsQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1930d0-FRA
expires: Fri, 25 Aug 2023 10:39:02 GMT

GET
H2 200 10D097ACB017w800h417.jpeg
store.dailydaily-up.com/uploads/20230818/0D/ 35 KB
35 KB 25ms
23ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230818/0D/10D097ACB017w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 8cb66130bb95c8bce9aa7f6323a1bf97137a4c34dd4752bd0292146af5942bfe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 78742
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 01:28:49 GMT
server: cloudflare
etag: W/"5ccf445773d1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueeCzkfWhMztcAbcU%2Fiht7kciXGVYzoVet0VQyiCT8Wci3RS9VbgwRhefUKmHqpQbxbq%2BEHVIJeAeUVxyUgaoO7RxAx0obccu7QesxluPVZogQZ3xPJAZPRtaMGx448bwePEux4WXTNxwRlGOo%2FPrq%2F8L3aUEw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1a30d0-FRA
expires: Fri, 25 Aug 2023 12:00:12 GMT

GET
H2 200 ECCB080383F0w800h417.jpeg
store.dailydaily-up.com/uploads/20230818/CC/ 33 KB
34 KB 25ms
24ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/20230818/CC/ECCB080383F0w800h417.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 2572f519f65a33cc40e047bdb1bbca13a71aa664f7d59bc877ec6b0428837ed9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 111459
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 01:01:41 GMT
server: cloudflare
etag: W/"29cdc98c6fd1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6CSBtobRcBRovoGPhmQlewGUM2A7ahu8j3vm%2BNlP6b6g1B4gZb4i3OZ9GutXIeMAbozpSfrAzBOAGZSX3%2F%2BvKYCAvRCe7uDTjGDT6l%2ByN99gDiQ4M%2BmTpapXgwTW2zJYPX8aU6hYoNR4DuKOMo%2BbvNyVeOHnw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f918125ac1b30d0-FRA
expires: Fri, 25 Aug 2023 02:54:55 GMT

GET
H2

200

/ Show response
count.dailydaily-up.com/
Redirect Chain

https://www.dailydaily-up.com/xstat/index/2575
https://count.dailydaily-up.com/?2575

7 KB
2 KB

409ms
390ms

Script
text/javascript

2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://count.dailydaily-up.com/?2575
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 96e63c15f34da25eba21f6f0c6c36eb5fea5e27a3bcf5ad5fa94562c49c015a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nXaCrf3H4tdmGuTfBU6O1PUDbntpuPz10LNbqio86SCaJ7FixGF33elXGvHtFWqNvvA6TWsSe5ZYUol6JmFfPT796XXVNvj8C4dzrZUYD%2B4Kp6LvVmIzICmElQfT%2FXfsRxKkGnd1E%2Fda5bqGiDw5%2BDB7ZkwKgw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
p3p: CP=CAO PSA OUR
cache-control: public
cf-ray: 7f9181285fb730d0-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Aug 2023 09:57:34 GMT

Redirect headers

date: Sat, 19 Aug 2023 09:52:34 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTAYqOY5un94uwYDnzHtG3kQ3g4GawqJG7JdqqlCPCrUXtSR%2F9Z%2FQcE8frsDyUAnmIY1y0KLE%2Ff5qgADTFM6AP9a%2F1Zw70oPtdFOpIRlsMt4z7tKeR%2FfXPqfHzcndvXvVg35nxqK6YPDwpymUfq3YPglXqA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://count.dailydaily-up.com?2575
cache-control: private
cf-ray: 7f9181254f76693a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 crypto-js.min.js Show response
cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/ 47 KB
14 KB 26ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/crypto-js/4.1.1/crypto-js.min.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4974856
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 13972
last-modified: Sat, 14 Aug 2021 20:33:09 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "61182885-3694"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9D7i%2Bg1HwpTUvbmovzyUtykCv7siA9kXot0HryUKm0y38LoaqVnva9CMxVUCXAkf4LV%2FjaxhCkoz49ZSYrSzlH%2BhKZo6hSuq0eOZRJ4sn8uZgzAXxYaDOslTwkracnqq%2F4RSltZrZlizp%2FxF%2B%2BYHJrtH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7f9181257de2368a-FRA
expires: Thu, 08 Aug 2024 09:52:34 GMT

GET
H2

200

stat Show response
twstat.dailydaily-up.com/
Redirect Chain

https://www.dailydaily-up.com/xstat/moneystat
https://twstat.dailydaily-up.com/stat

6 KB
3 KB

431ms
410ms

Script
text/html

2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://twstat.dailydaily-up.com/stat
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 92836f98daa00abaf02d3ea5c06f766c40da6dcb434ae1f18bad54d9675002f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0uPVLFaNk1Y3bzZO6d5%2B8X%2FHeGIvTgd5kjAmf54mrDfPEqipvSscE0sdFxp4ii7jjk9nGCR%2FfcaCBAGjcryelsTg%2Fa%2Fx0nj1vsvjnwrGWsrneL37TR6kkQ1ANoaekk0OQDDC2neqXfoDT3Ub0nli0vTteGHt2Zw%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: private
cf-ray: 7f9181270de830d0-FRA
alt-svc: h3=":443"; ma=86400

Redirect headers

date: Sat, 19 Aug 2023 09:52:34 GMT
x-aspnetmvc-version: 5.2
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-aspnet-version: 4.0.30319
server: cloudflare
x-powered-by: ASP.NET
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g2GM5C4TpiXGnlx5xHxw5y6ZRVjpzTnMZwkdsXWWd3C4nnBGYynpLW17U4KtBlQ67qBBatdJ7ce%2BUyfiDGs0ryi6iqHT5zk1PLNHuMeXpV7%2BNjZ1lwQtx9Qyj1Ujd8sp%2BotqQcTQ1UxNfmfvpWN4n5DVgbM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
location: https://twstat.dailydaily-up.com/stat
cache-control: private
cf-ray: 7f9181256fae693a-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 email-decode.min.js Show response
www.dailydaily-up.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 14ms
10ms Script
application/javascript 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dailydaily-up.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 17 Aug 2023 10:58:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"64ddfd41-4d7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcbWrK3aHjTQap4GF310UeP1nZspQgKG%2F3yzevRBlkYax9pIOGPY7r79jfD62Kgmd3OQi%2BTuSjIcVMh8up0GemcciGkBQkpwqipFfZjfW5XzKxAv6bhU1xDcco1cE3hpM4n4ZgKjsrDAlDQVwUC2C%2FzD6Z4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
x-frame-options: DENY
cache-control: max-age=172800, public
cf-ray: 7f9181256fb2693a-FRA
expires: Mon, 21 Aug 2023 09:52:34 GMT

GET
H3 200 top.png
www.dailydaily-up.com/Content/images/ 2 KB
2 KB 227ms
226ms Image
image/png 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dailydaily-up.com/Content/images/top.png?v=3
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: ASP.NET
alt-svc: h3=":443"; ma=86400
content-length: 1810
last-modified: Wed, 22 Mar 2023 12:07:23 GMT
server: cloudflare
etag: "55c19edcb65cd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BTmnGNuw60UKukXm%2B9LcLXs4X2HFWK1jTyxWPAlTqj4Oz9I%2Fa%2Bcbn65MgyXe95JYI3iTWBRDXGVa1IYbexChyJdqTFJ3gyNlmuwTAWYrMgTLWOpsLbqnXRVGTra6lpFMHnQgD4iNmWLyXnJscx6cqbKZ6gA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=28800
accept-ranges: bytes
cf-ray: 7f9181256fba693a-FRA
expires: Sat, 19 Aug 2023 17:52:34 GMT

GET
H2 200 / Show response
www.scupio.net/kanglei/ 3 KB
2 KB 530ms
505ms Script
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.scupio.net/kanglei/
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.3.9
Resource Hash: 5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.3.9
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7sGrp3gjvKHWlrBZfOCIufseeTlSfPrUDHs%2BUq5DiAKfmS2lEFO%2FTzE9eY2rFNxpMxVFEKHrO5GrRqLW%2FBQdIPTzgmlh052GcNkk38beQKmf1mg%2BmaDujLSex30tYUCer5tfonHhRLYM6PZfAg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cf-ray: 7f9181258bf118cf-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 globaldefault.js Show response
www.dailydaily-up.com/Content/js/ 2 KB
1 KB 433ms
429ms Script
application/javascript 2606:4700:3034::6815:af3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dailydaily-up.com/Content/js/globaldefault.js
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:af3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
cf-cache-status: REVALIDATED
last-modified: Thu, 06 Apr 2023 08:04:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: W/"5bab43665e68d91:0"
x-powered-by: ASP.NET
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FqLcu8emWxYEPDP1R5uWS7RwKqiKMq7C8vVyin1l9akHcGPhoE4r06aL31Rzs8CmpyCaAD9EueAnc6xDYk60x1TZDIYKgEgu%2F4Od5PLmCvRuyP2DQa9Ys3SDpqcci0cwHS9oVbbng%2B%2BKZWgnacl00gYgI9Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=28800
cf-ray: 7f9181256fb5693a-FRA
alt-svc: h3=":443"; ma=86400
expires: Sat, 19 Aug 2023 17:52:34 GMT

GET
H2 200 plugin.min.js Show response
static.dable.io/dist/ 105 KB
37 KB 63ms
9ms Script
application/javascript 23.197.142.41
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static.dable.io/dist/plugin.min.js
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.197.142.41 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-197-142-41.deploy.static.akamaitechnologies.com
Software: nginx/1.20.0 /
Resource Hash: 7c7a7d725a1e6833639a4f835aac2eb8248a8647219c27b58cd3b1d2dc88b0cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: gxcF7Gi6nhfK1wrw13kmoQIED3eO68Vf
content-encoding: gzip
date: Sat, 19 Aug 2023 09:52:34 GMT
last-modified: Wed, 16 Aug 2023 03:34:44 GMT
server: nginx/1.20.0
x-amz-request-id: NX2A95ZS8E16SF7A
etag: "ba8907880431360726921c061cc5fbfe"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=38032
accept-ranges: bytes
content-length: 37622
x-amz-id-2: E4gEWdXeG9rLmbG7QOdcVXGLmi8d2Hh25YGeO+83OnlHUttn4WWU8n12kM4YLJSeTsAaa4yzHvA=

GET
H2 200 lift_widget.js Show response
nt.compass-fit.jp/ 79 KB
17 KB 955ms
460ms Script
text/javascript 54.95.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.95.112.24 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-95-112-24.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 627198b7d91a39abfd32c4ccea0c34093b5031e48b77d092865b758f656b73c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
content-type: text/javascript
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate

GET
H2 200 prefs2 Show response
api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/ 839 B
1 KB 755ms
250ms Script
text/javascript 3.37.240.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.dable.io/plugin/services/sddmovie.com%2Fpal-mate/prefs2?uid=&tcfapiSet=0&gdpr=0&callback=dbljson1

Requested by

Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

3.37.240.225 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-37-240-225.ap-northeast-2.compute.amazonaws.com

Software

nginx /

Resource Hash

bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
etag: W/"347-8GoA0VRJvJkpQNrk5QcObAOdyHQ"
content-type: text/javascript; charset=utf-8

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/ 392 KB
132 KB 93ms
78ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8253401516764215&plah=www.dailydaily-up.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8253401516764215

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

93d3d447e9ecf43739a32818dfd8ff6bb02d5221aae0d82b24a5c9c0f796e7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134727
x-xss-protection: 0
server: cafe
etag: 1815300448169176134
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:34 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/ Frame FEF6 10 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8253401516764215

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17487
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4542
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 05:01:07 GMT
etag: 13776922816869014096
expires: Sat, 02 Sep 2023 05:01:07 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
608 B 38ms
15ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.dailydaily-up.com&callback=_gfp_s_&client=ca-pub-8253401516764215

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202308150101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8253401516764215&plah=www.dailydaily-up.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cfbba3e93a3e05503b015dce83557ac4b2fab7169912e0b984d84e05e8235802

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 256
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4768 0
179 B 183ms
182ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&adk=1812271804&adf=3025194257&lmt=1692431554&plaf=1%3A2&plat=1%3A128%2C2%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754262&bpp=2&bdt=179&idt=213&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7118580141811&frm=20&pv=2&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:34 GMT
expires: Sat, 19 Aug 2023 09:52:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FE9D 117 KB
40 KB 894ms
894ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

19574a085ff7e5b1cf7c134b7465e0e8e08219a90a50cc2d2197e90c55eeeaec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40301
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:35 GMT
expires: Sat, 19 Aug 2023 09:52:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CE73 118 KB
40 KB 570ms
569ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=3761488103&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754266&bpp=1&bdt=182&idt=253&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=2207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ob85ppz5BI&p=https%3A//www.dailydaily-up.com&dtd=255

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9881cc643232b5487a882670adbc23bd1bb7e7050175d5c8bbcce9ffbaad0c9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:35 GMT
expires: Sat, 19 Aug 2023 09:52:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 481F 106 KB
38 KB 933ms
932ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e40230d0fcdc8b17761057ef9a4ba8ddd82fae97e3777d68af0c23451ce9c35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 39272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:35 GMT
expires: Sat, 19 Aug 2023 09:52:35 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 0EB408472850w658h370.jpeg
store.dailydaily-up.com/uploads/2023-08-18/ 37 KB
37 KB 24ms
20ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/2023-08-18/0EB408472850w658h370.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 6fe52b8948eb3c4c7099dd4c310216f06ca646e5f8e0b7fd06dcb78a09e73f87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 50479
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 18 Aug 2023 07:45:52 GMT
server: cloudflare
etag: W/"319f993a8d1d91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kUBw3lo0udo6koU7iiyMkEgWRuFlMViwxIU%2B3h%2BJQN7hjejHEMlVwvzv1TLVPlDSCgbFG1vj%2F2RuQRZ7N2mfU1ju%2BjwHKnO3Jh9OVTIhGII29XluTjSwovi8WDBGxE0K%2FZTVyU%2FUx%2BYGGwmBT2XBHXC8epiZhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f91812948e230d0-FRA
expires: Fri, 25 Aug 2023 19:51:15 GMT

GET
H2 200 F16BF93EA5A4.Png
store.dailydaily-up.com/uploads/ 3 KB
3 KB 19ms
16ms Image
image/png 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/F16BF93EA5A4.Png
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 195e6636d3f6dce1239d1ee3a5b5d3833baa50b3248934f29a60618f5d9fb35a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358449
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 28 May 2019 05:10:52 GMT
server: cloudflare
etag: W/"6fcc75b81315d51:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E6xqEcSXCV0X1QFTGghPDrv8fsN0fh%2F0%2BZETWX9h5zcmuR1QgU4EkG39%2B62BdT10t4jnfG%2B%2BdZqnsHoGLMsf5gocM8YRYD1g14ys7VjnS%2B257uS0K2ksr8ymk0Md6uzYGcqF9T%2Bwsw76YSP%2FKxKBui%2B4mcbKwg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f91812948e330d0-FRA
expires: Tue, 22 Aug 2023 06:18:25 GMT

GET
H2 200 71ACED29EDFAw1200h628.png
store.dailydaily-up.com/uploads/2023-07-22/ 2 MB
2 MB 16ms
13ms Image
image/png 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/2023-07-22/71ACED29EDFAw1200h628.png
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 64902ec21be8580587f7940d93357cad631a498df0b36351477da22c8e6fcf61

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 42272
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Sat, 22 Jul 2023 03:19:24 GMT
server: cloudflare
etag: W/"25ed7e504bbcd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gk4bWmVOemIYxOlfRb8GDuByfhjXuH%2BgfrG98wD2y4VdiR9r9%2BWKg6stUeIhbyg%2Be%2FRKnLhbCoXdpNIXn8s51vfj9lGawXEJG63luI2i%2FiB2Ca%2FACksSH%2FfUEI2MCMjEQXZixyXP4T1geVngGzGTC%2F3rXpOQxw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f91812948e430d0-FRA
expires: Fri, 25 Aug 2023 22:08:02 GMT

GET
H2 200 AA730284F4E1w658h370.jpeg
store.dailydaily-up.com/uploads/2023-07-25/ 38 KB
39 KB 24ms
22ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/2023-07-25/AA730284F4E1w658h370.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 97091ddf0eb5f1ba3d693d51b4a9a5dd0a914997371150a2eae9eb88ebff51a7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 67339
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 06:28:19 GMT
server: cloudflare
etag: W/"6fc23534c1bed91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=17in%2F4N449%2BTZW9Tx2yfAsuZGFb6seSRzAVaAvHrEbOid8nkEMDKZ0EMduQvD7dqOI4EtVR8KK83YUDjIY4RWnuhXGIdNivmcg8ilsH%2B4s7JVJfE3H%2B27YPKpsNghza8cwS5fRzZ7TPkxrTBgzHoIAqJ9pJ3lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f91812948e530d0-FRA
expires: Fri, 25 Aug 2023 15:10:15 GMT

GET
H2 200 883297A0102Aw658h370.jpeg
store.dailydaily-up.com/uploads/2023-07-21/ 44 KB
44 KB 16ms
14ms Image
image/jpeg 2606:4700:3034::ac43:9313
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://store.dailydaily-up.com/uploads/2023-07-21/883297A0102Aw658h370.jpeg
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::ac43:9313 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / ASP.NET
Resource Hash: 1e3de06b5f7e5c4a3d028100f2f6e1fd8bd93ee42db004943e0c3aff93cb8ae9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:34 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 23347
x-powered-by: ASP.NET
x-cache: HIT
alt-svc: h3=":443"; ma=86400
last-modified: Fri, 21 Jul 2023 05:17:44 GMT
server: cloudflare
etag: W/"6e827ae92bbd91:0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B5w9Gy%2F92yBV2uk%2FlhTIYA2yWjmaLaJFmugZlW0bQ79MqlasMOzykaK8F4b8236mjO8lWod4%2BQsG748s%2BKpIgoFZg5vD4oPXI5t3NSLItUsuc52jirEZ3xSKcHldMBFxV97Es5ImM9CU1FInt7q8cGw5n1YIMA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=604800
cf-ray: 7f91812948e730d0-FRA
expires: Sat, 26 Aug 2023 03:23:27 GMT

GET
H2 200 00000000.0000000000000 Show response
api.dable.io/widgets/id/goP0dJoQ/users/ Frame F74E 416 B
444 B 287ms
287ms Document
text/html 3.37.240.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=08f32bd5-7042-4e79-a9ef-38a2c10ff466&id=dablewidget_goP0dJoQ&category1=%E6%98%8E%E6%98%9F%E7%94%9F%E6%B4%BB&author=0&item_id=4902192&item_pub_date=2023-08-08&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0
Requested by: Host: static.dable.io
URL: https://static.dable.io/dist/plugin.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 3.37.240.225 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-37-240-225.ap-northeast-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 5a7e33ca6b767ab56c0289efac373481cbb2ceab838f7e506ac00be6c601c10b

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sat, 19 Aug 2023 09:52:35 GMT
server: nginx

GET
H/1.1 200
OK /
count.xxxssk.com/s/ 338 B
565 B 869ms
246ms Image
image/jpeg 119.28.16.172
TENCENT-NET-AP-CN...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://count.xxxssk.com/s/?isentrance=true&guid=67ab3878-c63b-2d97-ccd7-b4de21363e3d&resolution=1600,1200&colordepth=24&location=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&referrer=&rd=0.03343485342434538&sid=2575&dpr=1&appCodeName=Mozilla&appName=Netscape&appVersion=5.0%20(Windows%20NT%2010.0;%20Win64;%20x64)%20AppleWebKit/537.36%20(KHTML,%20like%20Gecko)%20Chrome/116.0.5845.96%20Safari/537.36&maxTouchPoints=0&platform=Win32&product=Gecko&productSub=20030107&vendor=Google%20Inc.&deviceMemory=8
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 119.28.16.172 Hong Kong, Hong Kong, ASN132203 (TENCENT-NET-AP-CN Tencent Building, Kejizhongyi Avenue, CN),
Reverse DNS
Software: Microsoft-IIS/8.5 / ASP.NET
Resource Hash: e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sat, 19 Aug 2023 09:52:34 GMT
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Content-Type: image/jpeg
P3P: CP=CAO PSA OUR
Cache-Control: private
Content-Length: 338

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 178 KB
65 KB 41ms
19ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Requested by

Host: www.scupio.net
URL: https://www.scupio.net/kanglei/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80a61fdf6adf9c3e4a65f372d1f60872ab88aeadb54ed114da17a53ae2f4e962

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 66206
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H2 200 init.js Show response
cdn.holmesmind.com/js/ 6 KB
6 KB 73ms
36ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/init.js
Requested by: Host: ad.sitemaji.com
URL: https://ad.sitemaji.com/ysm_docilepuppy.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: HQWMcGU6N9KrfwUZpeJoaEhU8hyygoVL
date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 18 Aug 2023 00:37:14 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 20
x-amz-server-side-encryption: AES256
etag: "765bc7e6ddd2b07161d6312a6db8df41"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6175
x-amz-cf-id: APaRd-ulUV1AGBl_f-LJdO_aQsdB6OeLsLz5pcEqIg9aBx4AYG-oVg==

GET
H2 200 css
fonts.googleapis.com/ Frame CE73 14 KB
2 KB 40ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=3761488103&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754266&bpp=1&bdt=182&idt=253&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=2207&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=Ob85ppz5BI&p=https%3A//www.dailydaily-up.com&dtd=255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 08:13:35 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame CE73 2 KB
973 B 32ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame CE73 23 KB
9 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:47:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame CE73 3 KB
1 KB 33ms
11ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame CE73 20 KB
8 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CE73 180 KB
57 KB 73ms
36ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame CE73 35 KB
15 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H2 200 14763004658117789537
tpc.googlesyndication.com/simgad/7953896690117188876/ Frame CE73 21 KB
21 KB 28ms
13ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7953896690117188876/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3675364ba9ea9ba32452452621c86f0ef235bb47d9035a1eff6312822efb1386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 13:28:31 GMT
x-content-type-options: nosniff
age: 505444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21021
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 17:41:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 13:28:31 GMT

GET
DATA 200
OK truncated
/ Frame CE73 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame CE73 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 208 KB
75 KB 25ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b78f3c0d944d3abf459bc3d507ad9ea00f6eca99f327d69678b3b2660574365c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76374
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-87942765-23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 19 Aug 2023 09:44:23 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 492
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 19 Aug 2023 11:44:23 GMT

GET
H2 200 im-uid-hook.js Show response
dmp.im-apps.net/scripts/ 633 B
568 B 38ms
8ms Script
text/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: text/javascript
date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
cache-control: private, no-store
content-length: 445
vary: Accept-Encoding
p3p: CP="NOI PSD OTR"

GET
H/1.1 200
OK lift.json Show response
l.logly.co.jp/ 0
603 B 264ms
238ms Script
text/plain 18.173.187.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://l.logly.co.jp/lift.json?adspot_id=4300666&widget_id=54803&auc_id=&callback=_lgy_lift_callback_4300666&render_id=MTY5MjQzODc1NF8xXzQ2YTYzNjg0MmE1Ng%3D%3D&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ref=
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.187.54 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-187-54.muc50.r.cloudfront.net
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Aug 2023 09:52:35 GMT
Via: 1.1 67b46acac5b2604c39c0417497d3d218.cloudfront.net (CloudFront)
Server: nginx
X-Amz-Cf-Pop: MUC50-P4
Transfer-Encoding: chunked
X-Cache: Miss from cloudfront
P3P: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"
Access-Control-Allow-Origin: *
Cache-Control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept
X-Amz-Cf-Id: 8nwkcxSISLktnQ9lbhyYVAQ74gOfh7EoITj7Rlr3m0vUwDiApyr_hg==

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame D0F0 9 KB
9 KB 19ms
19ms Document
text/html 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46
content-length: 8743
content-type: text/html
date: Sat, 19 Aug 2023 09:52:35 GMT
etag: "13b071589ab65dddb11f1622d53b9385"
last-modified: Thu, 27 Jul 2023 03:11:36 GMT
server: AmazonS3
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
x-amz-cf-id: F0muM5NVq-BUk7xd3QjrbgNssBVD742rvt92WZKaNR-ek_oMC9Y0mQ==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: vx257VoAWJaQJ9t62NgrKIzFJbLG_bgN
x-cache: Hit from cloudfront

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame F628 8 KB
8 KB 44ms
43ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 02:43:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 35
x-amz-server-side-encryption: AES256
etag: "6cb998b36618c683768049fa1b914a4e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8036
x-amz-cf-id: HsdL0Dk1-l4OgbyaLb4wcgvBo7MBKB_p3CJFQ5TZk1SPq9LD-5yAUw==

GET
H2 200 presetfn.js Show response
cdn.holmesmind.com/js/ Frame 02A0 8 KB
8 KB 40ms
39ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: BrBzVPgl9QuaFlQ2fdbO_4X6SOkoctOm
date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Tue, 15 Aug 2023 02:43:06 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 35
x-amz-server-side-encryption: AES256
etag: "6cb998b36618c683768049fa1b914a4e"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8036
x-amz-cf-id: N8-Hs8NuJQ8Tk9GjxThJ2-hli-TFO5u6Zd1pWEXrBPLJ-1tgOO3wbA==

GET
H2 200 capmapping.htm Show response
cdn.holmesmind.com/js/ Frame 72B1 9 KB
9 KB 7ms
6ms Document
text/html 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/capmapping.htm
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/init.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 46
content-length: 8743
content-type: text/html
date: Sat, 19 Aug 2023 09:52:35 GMT
etag: "13b071589ab65dddb11f1622d53b9385"
last-modified: Thu, 27 Jul 2023 03:11:36 GMT
server: AmazonS3
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
x-amz-cf-id: Jkzdw5YjszUfjIaAWdaXNsp1F4yfKs_BuiXYFpyZg0kNZOLOImU9SQ==
x-amz-cf-pop: MUC50-P2
x-amz-server-side-encryption: AES256
x-amz-version-id: vx257VoAWJaQJ9t62NgrKIzFJbLG_bgN
x-cache: Hit from cloudfront

GET
H2 200 im-uid.js Show response
dmp.im-apps.net/sdk/ 6 KB
3 KB 8ms
7ms Script
application/javascript 2a02:26f0:3500:c::5c7b:680f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://dmp.im-apps.net/sdk/im-uid.js
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/scripts/im-uid-hook.js?cid=6858
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:c::5c7b:680f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: Ewv0cV5pGNUFzf4cpCFpusOmzbO5pqOY
content-encoding: gzip
date: Sat, 19 Aug 2023 09:52:35 GMT
last-modified: Fri, 21 Apr 2023 06:05:08 GMT
etag: "14ccaf76e8933bdcf899015e943cd2df"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/javascript
p3p: CP="NOI PSD OTR"
cache-control: max-age=10800
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 2434

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=823763572&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ul=en-us&de=UTF-8&dt=%E6%8B%92%E7%B5%95%E8%B1%AA%E9%96%80%E5%A9%9A%E7%B4%84%EF%BC%8148%E6%AD%B2%E6%9C%AC%E5%9C%9F%E5%A5%B3%E6%98%9F%E3%80%8C%E5%A0%85%E6%B1%BA%E5%A5%89%E5%AD%90%E6%88%90%E5%A9%9A%E3%80%8D%E4%B8%8B%E5%AB%81%E7%9C%9F%E6%84%9B%E3%80%80%E5%A9%9A%E5%BE%8C%E3%80%8C%E5%81%BD%E5%96%AE%E8%A6%AA7%E5%B9%B4%E3%80%8D%E5%A6%82%E4%BB%8A%E7%82%BA%E9%A4%8A%E5%AE%B6%E5%BE%A9%E5%87%BA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=446717427&gjid=891189833&cid=1650045600.1692438755&tid=UA-87942765-23&_gid=91696532.1692438755&_r=1&gtm=457e38g0&jsscut=1&z=68175426

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
259 B 37ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VCEDQQD6JV&gtm=45je38g0&_p=823763572&cid=1650045600.1692438755&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1692438755&sct=1&seg=0&dl=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&dt=%E6%8B%92%E7%B5%95%E8%B1%AA%E9%96%80%E5%A9%9A%E7%B4%84%EF%BC%8148%E6%AD%B2%E6%9C%AC%E5%9C%9F%E5%A5%B3%E6%98%9F%E3%80%8C%E5%A0%85%E6%B1%BA%E5%A5%89%E5%AD%90%E6%88%90%E5%A9%9A%E3%80%8D%E4%B8%8B%E5%AB%81%E7%9C%9F%E6%84%9B%E3%80%80%E5%A9%9A%E5%BE%8C%E3%80%8C%E5%81%BD%E5%96%AE%E8%A6%AA7%E5%B9%B4%E3%80%8D%E5%A6%82%E4%BB%8A%E7%82%BA%E9%A4%8A%E5%AE%B6%E5%BE%A9%E5%87%BA&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VCEDQQD6JV&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
cm.lndata.com/ Frame D0F0 35 B
470 B 1079ms
214ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 19 Aug 2023 09:52:36 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 6DB9 0
217 B 747ms
263ms Document
text/html 52.197.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 09:52:35 GMT
server: nginx/1.18.0 (Ubuntu)

GET cm.php
fcm.holmesmind.com/ Frame E807 0
0

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame D0F0 409 B
631 B 719ms
232ms Script
application/javascript 54.178.179.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.178.179.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-179-241.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 09:52:35 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame D0F0 5 KB
3 KB 783ms
238ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 19 Aug 2023 10:02:35 GMT

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame D0F0 0
217 B 726ms
242ms Image
text/html 52.197.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame D0F0
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
509 B

122ms
121ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

location: https://c.holmesmind.com/cm?tc=getIn&
date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK /
cm.lndata.com/ Frame 72B1 35 B
470 B 1162ms
249ms Image
image/gif 116.50.36.71
DONGFONG-TW DongF...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.lndata.com/?tid=4084&uid=media_cookie_id
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 116.50.36.71 , Taiwan, ASN18046 (DONGFONG-TW DongFong Technology Co. Ltd., TW),
Reverse DNS
Software: TornadoServer/1.2.1 /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/gif
Date: Sat, 19 Aug 2023 09:52:36 GMT
Server: TornadoServer/1.2.1
Connection: keep-alive
Etag: "0f4e929dd5bb2564f7ab9c76338e04e292a42ace"
Content-Length: 35
P3P: CP=CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR

GET
H2 200 fp
cm-dev-poc.holmesmind.com/ Frame 72B1 0
218 B 705ms
228ms Image
text/html 52.197.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
content-type: text/html; charset=UTF-8

GET
H2

200

cm
c.holmesmind.com/ Frame 72B1
Redirect Chain

https://c.holmesmind.com/cm
https://c.holmesmind.com/cm?tc=getIn&

0
508 B

121ms
121ms

Image
text/html

35.201.76.93
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.holmesmind.com/cm?tc=getIn&
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Server: 35.201.76.93 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 93.76.201.35.bc.googleusercontent.com
Software: nginx/1.10.3 (Ubuntu) / PHP/7.0.18-0ubuntu0.17.04.1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

Redirect headers

date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 google
server: nginx/1.10.3 (Ubuntu)
x-powered-by: PHP/7.0.18-0ubuntu0.17.04.1
content-type: text/html; charset=UTF-8
location: https://c.holmesmind.com/cm?tc=getIn&
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 fp Show response
cm-dev-poc.holmesmind.com/ Frame 2432 0
217 B 712ms
237ms Document
text/html 52.197.179.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cm-dev-poc.holmesmind.com/fp
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.197.179.68 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-197-179-68.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 09:52:35 GMT
server: nginx/1.18.0 (Ubuntu)

GET
H2 200 cm.php Show response
fcm.holmesmind.com/ Frame E2DA 39 B
191 B 124ms
109ms Document
text/html 34.95.67.231
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm.holmesmind.com/cm.php
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.67.231 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 231.67.95.34.bc.googleusercontent.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795

Request headers

Referer: https://cdn.holmesmind.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 09:52:35 GMT
server: Apache/2.4.29 (Ubuntu)
via: 1.1 google

GET
H2 200 cm.js Show response
fcm2.holmesmind.com/ Frame 72B1 409 B
632 B 709ms
232ms Script
application/javascript 54.178.179.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fcm2.holmesmind.com/cm.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/capmapping.htm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 54.178.179.241 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-178-179-241.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 19 Aug 2023 09:52:35 GMT
server: nginx/1.18.0 (Ubuntu)
content-type: application/javascript; charset=utf-8

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.3/ Frame F74E 94 KB
33 KB 43ms
7ms Script
text/javascript 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js

Requested by

Host: api.dable.io
URL: https://api.dable.io/widgets/id/goP0dJoQ/users/00000000.0000000000000?from=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ref=&cid=00000000.0000000000000&uid=00000000.0000000000000&site=sddmovie.com%2Fpal-mate&gdpr=1&service_id=10086&service_type=news&country=TW&client_id=2011&randomStr=08f32bd5-7042-4e79-a9ef-38a2c10ff466&id=dablewidget_goP0dJoQ&category1=%E6%98%8E%E6%98%9F%E7%94%9F%E6%B4%BB&author=0&item_id=4902192&item_pub_date=2023-08-08&pixel_ratio=1&client_width=890&network=non-wifi&lang=en&is_top_win=1&top_win_accessible=1&is_lazyload=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://api.dable.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 22:16:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33507
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 22:16:45 GMT

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame F628 2 KB
701 B 716ms
235ms Script
text/html 13.230.233.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14456
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.233.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-233-218.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e9122e2dbf1fbe809c32141c6beb40d0075cd6fb40aebeb4ec0be227875bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 Preset.js Show response
adcdn.holmesmind.com/adserver/ Frame 02A0 2 KB
702 B 712ms
232ms Script
text/html 13.230.233.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://adcdn.holmesmind.com/adserver/Preset.js?z=14456
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.233.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-233-218.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e9122e2dbf1fbe809c32141c6beb40d0075cd6fb40aebeb4ec0be227875bc7d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
DATA 200
OK truncated
/ Frame CE73 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 49162c0e234cfb9aa412e99fe5f3ad4e8b703518f0e3f4ed39ad6d8ed19bc239

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 get Show response
audiencedata.im-apps.net/imuid/ 10 B
188 B 271ms
247ms XHR
application/json 2600:1901:0:e207::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://audiencedata.im-apps.net/imuid/get?cid=6858&vid=01H86KBY2QTTM4BMQW4DTX8YNP
Requested by: Host: dmp.im-apps.net
URL: https://dmp.im-apps.net/sdk/im-uid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:e207:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
via: 1.1 google
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10
content-type: application/json

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame CE73 33 KB
34 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 17314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame CE73
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CPkX74pDgZP6PIYvmtgf7t7O4DNzQ9tBx3_7jjdsRv-EeEAEgxd7ijwFglYKAgLQHoAHKkOKiKMgBCakCPZodL7Y9sj6oAwHIA8sEqgSGAk_QTq5bIz1LJyxhU6Xk4DMeZYH-IlmD-W7DfYS...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227656529079575067244%22,%22debug_reporting%22:true,%22destination%22:%22https://jungheinrich.com%22,%22event_report_window%...

0
0

58ms
41ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%227656529079575067244%22,%22debug_reporting%22:true,%22destination%22:%22https://jungheinrich.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210810329162%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%229104820987602532065%22}&andc=true

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"7656529079575067244","debug_reporting":true,"destination":"https://jungheinrich.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10810329162"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"9104820987602532065"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 09:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"7656529079575067244","debug_reporting":true,"destination":"https://jungheinrich.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10810329162"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"9104820987602532065"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 css
fonts.googleapis.com/ Frame FE9D 14 KB
1 KB 18ms
16ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 19 Aug 2023 08:14:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame FE9D 2 KB
926 B 9ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73450
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 865
x-xss-protection: 0
server: cafe
etag: 5051423035144352294
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:25 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame FE9D 23 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:47:22 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame FE9D 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame FE9D 20 KB
8 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FE9D 180 KB
56 KB 78ms
76ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H2 200 e822d7071992e030a786d1a51b1f59a7.js Show response
www.gstatic.com/mysidia/ Frame FE9D 35 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/e822d7071992e030a786d1a51b1f59a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Wed, 16 Aug 2023 00:17:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293717
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14926
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 00:01:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 14 Nov 2023 00:17:18 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A5A9 37 KB
14 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/7953896690117188876/ Frame FE9D 21 KB
21 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7953896690117188876/14763004658117789537?w=400&h=209

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3675364ba9ea9ba32452452621c86f0ef235bb47d9035a1eff6312822efb1386

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sun, 13 Aug 2023 13:28:31 GMT
x-content-type-options: nosniff
age: 505444
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21021
x-xss-protection: 0
last-modified: Fri, 24 Feb 2023 17:41:30 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 12 Aug 2024 13:28:31 GMT

GET
DATA 200
OK truncated
/ Frame FE9D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FE9D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame FE9D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5ae35307130aa78d63a9fe2cb12a20a2248e844aa51f4266deb650cb908e97e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4691061690816554023
tpc.googlesyndication.com/simgad/ Frame 481F 150 KB
150 KB 12ms
11ms Image
image/gif 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4691061690816554023

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef7192bf2c6dbef1bb27d2673a22610dfdbf6b9322e4b9aa45009c207d7b7699

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 05:02:41 GMT
x-content-type-options: nosniff
age: 362994
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 153581
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 13:48:02 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 14 Aug 2024 05:02:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 481F 23 KB
9 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:47:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9092
x-xss-protection: 0
server: cafe
etag: 9312205082594545078
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:47:22 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 481F 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50393
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 481F 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73444
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 481F 180 KB
56 KB 33ms
32ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:35 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 481F 35 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:02:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 67780
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14294
x-xss-protection: 0
server: cafe
etag: 17218437938740726354
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 15:02:55 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
41ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 09:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA35 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:23:43 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 481F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9fdcd812e3e8f8e4b7f7f53a8d5b223fd715fc1b72c5e1006b0ae8b746b0de4c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame FE9D 33 KB
33 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:04:01 GMT
x-content-type-options: nosniff
age: 17314
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 18 Aug 2024 05:04:01 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame FE9D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C9nZY4pDgZKL7IIyrtwfTnKKQCNzQ9tBx3_7jjdsRv-EeEAEgxd7ijwFglYKAgLQHoAHKkOKiKMgBCakCPZodL7Y9sj6oAwHIA8sEqgSGAk_Qlccmbopw5vu7i2w2Tdvk3bx4_Y7KGQRMsxV...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211563125548916063045%22,%22debug_reporting%22:true,%22destination%22:%22https://jungheinrich.com%22,%22event_report_window...

0
0

41ms
40ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2211563125548916063045%22,%22debug_reporting%22:true,%22destination%22:%22https://jungheinrich.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210810329162%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211294844706582924513%22}&andc=true

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"11563125548916063045","debug_reporting":true,"destination":"https://jungheinrich.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10810329162"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"11294844706582924513"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 09:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"11563125548916063045","debug_reporting":true,"destination":"https://jungheinrich.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10810329162"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"11294844706582924513"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame DA35
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

16ms
15ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:35 GMT
expires: Sat, 19 Aug 2023 09:52:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:35 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame A341 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=3715432496&adf=2469204067&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754264&bpp=2&bdt=180&idt=247&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=375&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2kipkrJotk&p=https%3A//www.dailydaily-up.com&dtd=252

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 481F
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CtoyN4pDgZJjUIdnVtwfgsI6gCIjNtLZypcul9MwRv-EeEAEgxd7ijwFglYKAgLQHoAGg8KCXKcgBA6gDAcgDyQSqBIYCT9Du6f5SgWWYWjHIxYgTTI3bOAsePkWDmyP2gSAiAoAgTq_4koC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222411797964144667003%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%2225...

0
0

41ms
41ms

Fetch
text/css

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%222411797964144667003%22,%22debug_reporting%22:true,%22destination%22:%22https://myka.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2211054626848%22],%224%22:[%2208-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%22160540875748747649%22}&andc=true

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"2411797964144667003","debug_reporting":true,"destination":"https://myka.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11054626848"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"160540875748747649"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 09:52:35 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 09:52:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"2411797964144667003","debug_reporting":true,"destination":"https://myka.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["11054626848"],"4":["08-19"],"6":["true"]},"priority":"500","source_event_id":"160540875748747649"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
41ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 09:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 42ms
42ms Preflight
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 19 Aug 2023 09:52:35 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sync.html Show response
sync.logly.co.jp/sync/ Frame CB1C 495 B
664 B 695ms
229ms Document
text/html 18.178.157.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.html
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.178.157.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-178-157-43.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=2592000
content-length: 495
content-type: text/html
date: Sat, 19 Aug 2023 09:52:36 GMT
etag: "64dfa058-1ef"
last-modified: Fri, 18 Aug 2023 16:46:16 GMT
server: nginx

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 62E1
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=logly&endpoint=apac
https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac

281 B
554 B

40ms
10ms

Document
text/html

23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Requested by: Host: nt.compass-fit.jp
URL: https://nt.compass-fit.jp/lift_widget.js?adspot_id=4300666
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Sat, 19 Aug 2023 09:52:35 GMT
ETag: "40010-119-5ec73a0a33d00"
Last-Modified: Wed, 02 Nov 2022 02:30:44 GMT
Server: Apache/2.2.15 (CentOS)
Vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Sat, 19 Aug 2023 09:52:35 GMT
location: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
server: AkamaiGHost

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B37 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8253401516764215&output=html&h=280&slotname=2864275442&adk=2022196744&adf=1168102672&pi=t.ma~as.2864275442&w=850&fwrn=4&fwrnh=100&lmt=1692431554&rafmt=1&format=850x280&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1692438754267&bpp=1&bdt=183&idt=257&shv=r20230816&mjsv=m202308150101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C850x280%2C850x280&nras=1&correlator=7118580141811&frm=20&pv=1&ga_vid=1650045600.1692438755&ga_sid=1692438755&ga_hid=823763572&ga_fc=0&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=375&ady=3914&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759842%2C44759875%2C44759926%2C31077085%2C31077148%2C31076995%2C44796632%2C44799571&oid=2&pvsid=2906945123823268&tmod=897390773&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=BQh3lyEaDS&p=https%3A//www.dailydaily-up.com&dtd=259

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12105
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 62E1 34 KB
10 KB 7ms
7ms Script
text/html 23.35.229.251
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.229.251 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-251.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 30fa33af4612abc3b244120992e191a8a471d3b20611a6bea1cc773843c7fc1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Date: Sat, 19 Aug 2023 09:52:35 GMT
Content-Encoding: gzip
Last-Modified: Fri, 18 Aug 2023 18:04:15 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
Content-Type: text/html; charset=UTF-8
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=29541
Connection: keep-alive
Content-Length: 10116
Expires: Sat, 19 Aug 2023 18:04:56 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 62E1 284 B
536 B 52ms
10ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=logly&endpoint=apac
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/jpg
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 284
X-RPHost: 3bafef7aa4e37890defcd73f0a080481
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 72B1 173 KB
47 KB 23ms
7ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 09:52:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: BmrWWRrLBrpofIS6P4NpWTPsbAGrijpDUYjSOqSWd9vHcTkuekcUcMXm8r3fEeDnj3MT1R7t1plgnU/bZF2kiQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame D0F0 173 KB
46 KB 33ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: fcm2.holmesmind.com
URL: https://fcm2.holmesmind.com/cm.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Sat, 19 Aug 2023 09:52:36 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 47412
x-xss-protection: 0
pragma: public
x-fb-debug: BmrWWRrLBrpofIS6P4NpWTPsbAGrijpDUYjSOqSWd9vHcTkuekcUcMXm8r3fEeDnj3MT1R7t1plgnU/bZF2kiQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame 02A0 2 KB
1 KB 303ms
293ms Script
text/html 13.230.233.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14456&rf=&n=814&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7864-5K5uALkU3KfkgJgEtHNyIV3zfaEXlbAK&fp_uuid=7864-88412bc972ad8e2801929482845a4d2215f1171d8f99235292b8cb70ed2c195b&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.233.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-233-218.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: b4f6ff7812ac79cfc45ad93f38ea5d5182bc313c529466dbc51bdf300689cb7b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame 02A0 3 KB
3 KB 25ms
24ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: 0fG0jBlN_fjL2b_cGVorqgKefgxutKTo
date: Sat, 19 Aug 2023 09:52:18 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:14 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: qLdb8xuAtAKYjcvO3KLsFXxutepgq5ZJItTP9ItWnDPgA0u4xmFO6A==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame 02A0 128 KB
41 KB 68ms
32ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:52:36 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame 02A0 3 KB
4 KB 25ms
24ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Sat, 19 Aug 2023 09:52:36 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: o_B_erwD9O7zsfbaRDNLr5kcZDVtciWx0u2oyi4F1oRkv-xMJa4c8Q==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame 02A0 4 KB
5 KB 25ms
24ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: QDDkZ0Y9wB3QqsNSDoyIsF7zIuG1Itaj
date: Sat, 19 Aug 2023 09:52:18 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "990b529c50a92c18cd5337f5f2a1d611"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4532
x-amz-cf-id: E_RTGl9H2hTkxOUIYkYFfmktOZ7_UCluIrcJd3RnRcdnriw_65qB1A==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame 02A0 6 KB
7 KB 26ms
25ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: u3L28Xt1KqU76H00EInRZdWnsemjGRZo
date: Sat, 19 Aug 2023 09:52:12 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: xgwU4SZh-Eyh4ydkCXqIjyxYHqtc3PrfV3Zl2Qsjn3dnYFbeslV-7w==

GET
H2 200 ads.js Show response
ad.holmesmind.com/adserver/ Frame F628 2 KB
1 KB 345ms
337ms Script
text/html 13.230.233.218
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.holmesmind.com/adserver/ads.js?z=14456&rf=&n=926&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7864-5K5uALkU3KfkgJgEtHNyIV3zfaEXlbAK&fp_uuid=7864-88412bc972ad8e2801929482845a4d2215f1171d8f99235292b8cb70ed2c195b&initver=230627P
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.230.233.218 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-230-233-218.ap-northeast-1.compute.amazonaws.com
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: d33d3e50faf1a2ae9178f115a8633deffe5577894ab3a303fb42bbf10f7073fe

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
content-encoding: gzip
access-control-allow-credentials: true
server: nginx/1.14.0 (Ubuntu)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 rtbhouseV2.js Show response
cdn.holmesmind.com/js/ Frame F628 3 KB
3 KB 23ms
22ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: 0fG0jBlN_fjL2b_cGVorqgKefgxutKTo
date: Sat, 19 Aug 2023 09:52:18 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:14 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "6a605eea47197fa280f27aaf1fa1521d"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 2773
x-amz-cf-id: aTPPjze8tvAJqxkgdnmz1Q7GfRsdHUtu6qxTg2jw0q0_MtBa7ktV9g==

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ Frame F628 128 KB
41 KB 86ms
52ms Script
text/javascript 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 03 Aug 2023 11:12:29 GMT
server: nginx
etag: W/"64cb8b9d-1fe04"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 20 Aug 2023 09:52:36 GMT

GET
H2 200 criteoV2.js Show response
cdn.holmesmind.com/js/ Frame F628 3 KB
4 KB 24ms
24ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/criteoV2.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: ScZOn53LDZH9EqQBQtTybn_n.yFFnixh
date: Sat, 19 Aug 2023 09:52:36 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Thu, 27 Jul 2023 02:29:01 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "13519f9e63c9828d93a698c47992e115"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 3197
x-amz-cf-id: aRcN1zh5mBd2Trba6NGYgbzxkcd-OZPbMmX3-81nHaMi4em9sRhXIQ==

GET
H2 200 bridgewellV3.js Show response
cdn.holmesmind.com/js/ Frame F628 4 KB
5 KB 24ms
23ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: QDDkZ0Y9wB3QqsNSDoyIsF7zIuG1Itaj
date: Sat, 19 Aug 2023 09:52:18 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:24 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 19
x-amz-server-side-encryption: AES256
etag: "990b529c50a92c18cd5337f5f2a1d611"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 4532
x-amz-cf-id: eGIsUAXl7jI66Lp-wCbOgt-IzIesxsdbjtnApn_erLrYh1yBkdOC0A==

GET
H2 200 appier_mainV3.js Show response
cdn.holmesmind.com/js/ Frame F628 6 KB
7 KB 24ms
24ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/appier_mainV3.js
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: u3L28Xt1KqU76H00EInRZdWnsemjGRZo
date: Sat, 19 Aug 2023 09:52:12 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:28:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 25
x-amz-server-side-encryption: AES256
etag: "d653bf20e2f03cb602105cbd317c55ed"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 6650
x-amz-cf-id: hu9z844EEAz6OtWfMJWNnSAIcraUEarYVpAPjo7tstm-l3yB-tmDOQ==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame D0F0 37 B
409 B 241ms
241ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

2fb9fc988225b098817eee893f5073f56d7cc1252651aea3fa14f321ea53b70b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame F628 0
183 B 513ms
173ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H2 204 bids Show response
prebid-asia.creativecdn.com/bidder/prebid/ Frame 02A0 0
184 B 509ms
169ms XHR
text/plain 103.132.192.30
RTBHOUSE-AS-AP RT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-asia.creativecdn.com/bidder/prebid/bids
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/rtbhouseV2.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 103.132.192.30 , Singapore, ASN138552 (RTBHOUSE-AS-AP RTB HOUSE PTE. LTD., SG),
Reverse DNS: ip-103-132-192-30.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
access-control-allow-credentials: true
vary: Origin
access-control-max-age: 3600
access-control-allow-methods: POST

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame F628 0
181 B 732ms
240ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.8982037690307361
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dailydaily-up.com
Date: Sat, 19 Aug 2023 09:52:36 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame F628 0
181 B 732ms
240ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.7716179594036756
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dailydaily-up.com
Date: Sat, 19 Aug 2023 09:52:36 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F628
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Psz8BJfpBhCQrNZv5ZDgZA

2 B
169 B

277ms
276ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Psz8BJfpBhCQrNZv5ZDgZA
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 19 Aug 2023 09:52:37 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Psz8BJfpBhCQrNZv5ZDgZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame F628
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=vlxnmSo9DuKMMga65ZDgZA

2 B
139 B

280ms
280ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=vlxnmSo9DuKMMga65ZDgZA
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 19 Aug 2023 09:52:37 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=vlxnmSo9DuKMMga65ZDgZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 02A0 0
181 B 737ms
244ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.21274046930669432
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dailydaily-up.com
Date: Sat, 19 Aug 2023 09:52:36 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H/1.1 204
No Content prebid.aspx Show response
prebid.scupio.com/recweb/ Frame 02A0 0
181 B 742ms
242ms XHR
text/plain 210.59.219.34
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.scupio.com/recweb/prebid.aspx?cb=0.5217066382188655
Requested by: Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/bridgewellV3.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 210.59.219.34 Taichung, Taiwan, ASN3462 (HINET Data Communication Business Group, TW),
Reverse DNS: 210-59-219-34.hinet-ip.hinet.net
Software: Kestrel /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.dailydaily-up.com
Date: Sat, 19 Aug 2023 09:52:36 GMT
Access-Control-Allow-Credentials: true
Server: Kestrel

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 02A0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=Mp1oM5yiDJWUp_pp5ZDgZA

2 B
139 B

277ms
276ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=Mp1oM5yiDJWUp_pp5ZDgZA
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 19 Aug 2023 09:52:37 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=Mp1oM5yiDJWUp_pp5ZDgZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2

200

bid Show response
ad2.apx.appier.net/v1/prebid/ Frame 02A0
Redirect Chain

https://ad2.apx.appier.net/v1/prebid/bid
https://gocm.c.appier.net/apnet?url=ad2.apx.appier.net%2Fv1%2Fprebid%2Fbid
https://ad2.apx.appier.net/v1/prebid/bid?acid=BiEsbaYoDK2n04P95ZDgZA

2 B
139 B

276ms
276ms

XHR
application/json

35.190.36.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ad2.apx.appier.net/v1/prebid/bid?acid=BiEsbaYoDK2n04P95ZDgZA
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 35.190.36.98 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 98.36.190.35.bc.googleusercontent.com
Software: /
Resource Hash: 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-store
access-control-allow-credentials: true
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

Redirect headers

date: Sat, 19 Aug 2023 09:52:37 GMT
accept-ch: Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
server: nginx
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: null
location: https://ad2.apx.appier.net/v1/prebid/bid?acid=BiEsbaYoDK2n04P95ZDgZA
cache-control: no-store
access-control-allow-credentials: true
content-length: 0

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 02A0 0
199 B 85ms
35ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=35115367756

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 02A0 0
199 B 82ms
34ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=22335269839

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F628 0
200 B 63ms
31ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=48038546648

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame F628 0
199 B 63ms
32ms XHR
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?ptv=140&profileId=184&cb=84890412031

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame 02A0 5 KB
3 KB 240ms
239ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 19 Aug 2023 10:02:36 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame F628 0
199 B 19ms
17ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F628 43 B
365 B 20ms
18ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 13 Aug 2024 09:52:36 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame F628 43 B
365 B 21ms
20ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 13 Aug 2024 09:52:36 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame F628 0
199 B 18ms
17ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 02A0 43 B
365 B 21ms
19ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=1

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 13 Aug 2024 09:52:36 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ Frame 02A0 43 B
365 B 19ms
18ms Image
image/gif 2a02:2638:d::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/images/pixel.gif?ch=2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Tue, 13 Aug 2024 09:52:36 GMT

POST
H2 204 events
bidder.criteo.com/csm/ Frame 02A0 0
199 B 25ms
24ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:35 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

POST
H2 204 events
bidder.criteo.com/csm/ Frame 02A0 0
199 B 20ms
20ms Ping
text/plain 2a02:2638:d::a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/csm/events

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dailydaily-up.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.dailydaily-up.com
date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=31536000; preload;
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Kestrel
vary: Origin

GET
H2 200 utag.js Show response
t.ssp.hinet.net/ Frame F628 5 KB
3 KB 243ms
240ms Script
application/javascript 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/utag.js

Requested by

Host: cdn.holmesmind.com
URL: https://cdn.holmesmind.com/js/presetfn.js?20230627

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
last-modified: Wed, 16 Nov 2022 03:58:03 GMT
server: nginx
etag: W/"63745fcb-142e"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=600
expires: Sat, 19 Aug 2023 10:02:36 GMT

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame D0F0 30 B
278 B 242ms
242ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=f1a9c5b2-1497-4f5c-97df-9577534f13b6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cdn.holmesmind.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://cdn.holmesmind.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 sync.js Show response
sync.logly.co.jp/sync/ Frame CB1C 0
268 B 231ms
230ms Script
text/plain 18.178.157.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.logly.co.jp/sync/sync.js
Requested by: Host: sync.logly.co.jp
URL: https://sync.logly.co.jp/sync/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.178.157.43 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-178-157-43.ap-northeast-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://sync.logly.co.jp/sync/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sat, 19 Aug 2023 09:52:36 GMT
cache-control: private, no-cache, no-cache="Set-Cookie", proxy-revalidate
server: nginx
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
p3p: CP="NOI DSP COR NID DEVa PSAa PSDo OUR SAMa STP PRE STA UNI NAV COM"

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame 02A0 9 KB
9 KB 34ms
33ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14456&rf=&n=814&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7864-5K5uALkU3KfkgJgEtHNyIV3zfaEXlbAK&fp_uuid=7864-88412bc972ad8e2801929482845a4d2215f1171d8f99235292b8cb70ed2c195b&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: O7sZGT0knnzygQhuPzTFxlRFCbP1u_sa
date: Sat, 19 Aug 2023 09:52:04 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:29:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 33
x-amz-server-side-encryption: AES256
etag: "5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8980
x-amz-cf-id: VqefQwBkFt7zlf5zS1zimHov-p_dcz8SYM7zegt6huq8zgDh0W5gbA==

GET
H2 200 drawV2.js Show response
cdn.holmesmind.com/js/ Frame F628 9 KB
9 KB 7ms
6ms Script
application/javascript 2600:9000:237d:c000:0:e06c:e940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.holmesmind.com/js/drawV2.js
Requested by: Host: ad.holmesmind.com
URL: https://ad.holmesmind.com/adserver/ads.js?z=14456&rf=&n=926&o=1&fc=undefined&d=1&b=2&ts=1&ii=3&FPCK=7864-5K5uALkU3KfkgJgEtHNyIV3zfaEXlbAK&fp_uuid=7864-88412bc972ad8e2801929482845a4d2215f1171d8f99235292b8cb70ed2c195b&initver=230627P
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:237d:c000:0:e06c:e940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

x-amz-version-id: O7sZGT0knnzygQhuPzTFxlRFCbP1u_sa
date: Sat, 19 Aug 2023 09:52:04 GMT
via: 1.1 2190b35b24e05763512aa336b18a1b52.cloudfront.net (CloudFront)
last-modified: Fri, 14 Jul 2023 03:29:39 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P2
age: 33
x-amz-server-side-encryption: AES256
etag: "5605cb8cc8a95ce9c39d43b26ce2823b"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 8980
x-amz-cf-id: PWXjIibW3N9xrx5QiRvYPgWfaTGSCBsFZGNAt5MG9GCBVCFlmZgwFA==

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame 02A0 36 B
411 B 242ms
241ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

80164afd06a67645c5029987fa97d71e4a7d3363d5fc5e9feffc5e39ad3641db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FE9D 42 B
174 B 115ms
113ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst_9ytiFn1IB1NNpaQK6GR2NCW3g62BO7t8qfRhiCnNRkVGc5Rco82YAT-pS5W6n-otrW1bIN9Bf53IouSPHJTFtVR9DO0JKek1ITuNJV4_4sw7l1JmNKY8VMyP5iKoqcSsa3yQjdlytEPE&sai=AMfl-YQwZ6Dggg7XxTGrhDe0sKnJmGonAwFmwnrxThZ1Rd4VtlXq9c33ipdzAeV4b9G8qb2L_e1u4CAHpnhf&sig=Cg0ArKJSzEhGLaXWZdJLEAE&cid=CAQSGwBpAlJW9ByxrO2TGA0b9nNZqvzZ33wLKpNQnhgB&id=lidar2&mcvt=1002&p=0,0,280,850&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20230816&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3715432496&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1692438754517&rpt=1058&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:36 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
t.ssp.hinet.net/ Frame F628 36 B
411 B 242ms
239ms XHR
text/html 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

80164afd06a67645c5029987fa97d71e4a7d3363d5fc5e9feffc5e39ad3641db

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 emome2 Show response
t.ssp.hinet.net/ Frame 02A0 30 B
281 B 242ms
241ms XHR
application/json 203.75.214.136
HINET Data Commun...

General

Check archive.org

Show headers Download Go to

Full URL

https://t.ssp.hinet.net/emome2?u=f1a9c5b2-1497-4f5c-97df-9577534f13b6

Requested by

Host: t.ssp.hinet.net
URL: https://t.ssp.hinet.net/utag.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

203.75.214.136 , Taiwan, ASN3462 (HINET Data Communication Business Group, TW),

Reverse DNS

203-75-214-136.hinet-ip.hinet.net

Software

nginx /

Resource Hash

365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:36 GMT
strict-transport-security: max-age=0
content-encoding: gzip
server: nginx
vary: Accept-Encoding, Origin
content-type: application/json
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, private
access-control-allow-credentials: true

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 1CBE 97 KB
28 KB 126ms
104ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

212a2954bd370a297cf8ce033cfa4ea93bd16bb03f94203ae112e26ec5bba910

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28532
x-xss-protection: 0
server: cafe
etag: 213 / 19588 / m202308150101 / config-hash: 4570674370816517536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 4C25 97 KB
28 KB 201ms
193ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85a7af7754a6537256c34a8cba717dd7135b94d22018936510d7ed743dc70e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28532
x-xss-protection: 0
server: cafe
etag: 356 / 19588 / m202308150101 / config-hash: 4570674370816517536
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ Frame 1CBE 402 KB
127 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129634
x-xss-protection: 0
server: cafe
etag: 8962464231799197432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:09:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1CBE 24 KB
11 KB 253ms
253ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2133539460467170&correlator=784565390238804&eid=31068367&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D8af1167fdde0a705-224cf5c355de005f%3AT%3D1692438754%3ART%3D1692438754%3AS%3DALNI_MarCMnjHluQCZmAYQM6GCue3xxHbw&gpic=UID%3D00000c625c6aa8af%3AT%3D1692438754%3ART%3D1692438754%3AS%3DALNI_MYb99cp4gKF81KiUSJJJkuSRwoKkA&abxe=1&dt=1692438757373&lmt=1692431557&adxs=632&adys=13095&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=wy8qkzahospr&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ref=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&top=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&vis=1&psz=336x280&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=1650045600.1692438755&ga_sid=1692438757&ga_hid=2097434160&ga_fc=true&dlt=1692438757164&idt=183&adks=1603015165&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3bf54f61d2278d7585f1b3ec288714819c347c98721f30f4368a06f19aefbad2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11273
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1CBE 15 KB
11 KB 65ms
64ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c411f2d04872ff57ce67b6eea232aa25a839c3b122f7bfe36b4c117ffb52757a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11748
x-xss-protection: 0

GET
H2 200 container.html Show response
615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5E0B 6 KB
3 KB 65ms
15ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
expires: Sun, 18 Aug 2024 09:52:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/ Frame 4C25 402 KB
127 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:09:16 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13401
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 129634
x-xss-protection: 0
server: cafe
etag: 8962464231799197432
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 18 Aug 2024 06:09:16 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4C25 24 KB
11 KB 360ms
360ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3412695746675140&correlator=2402550139913517&output=ldjh&gdfp_req=1&vrg=202308150101&ptt=17&impl=fif&iu_parts=22670248360%2Cdocilepuppy_336x280&enc_prev_ius=%2F0%2F1&prev_iu_szs=336x280&ifi=1&sfv=1-0-40&sc=1&cookie=ID%3D8af1167fdde0a705-224cf5c355de005f%3AT%3D1692438754%3ART%3D1692438754%3AS%3DALNI_MarCMnjHluQCZmAYQM6GCue3xxHbw&gpic=UID%3D00000c625c6aa8af%3AT%3D1692438754%3ART%3D1692438754%3AS%3DALNI_MYb99cp4gKF81KiUSJJJkuSRwoKkA&abxe=1&dt=1692438757441&lmt=1692431557&adxs=632&adys=10808&biw=1600&bih=1200&isw=336&ish=280&scr_x=0&scr_y=0&btvi=1&ucis=evdbok2y6yg&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&nhd=2&url=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&ref=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&top=https%3A%2F%2Fwww.dailydaily-up.com%2Fdoc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ&vis=1&psz=336x280&msz=336x0&fws=256&ohw=0&ea=0&ga_vid=1650045600.1692438755&ga_sid=1692438757&ga_hid=2086789357&ga_fc=true&dlt=1692438757180&idt=252&adks=1603015165&frm=23

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a38eef5f193880aabb75ca9e2b527a67bec7effef3f6556bb4158f7a26f06060

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11470
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.dailydaily-up.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4C25 15 KB
11 KB 58ms
58ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202308150101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f76db861ea62081cb86d08f74cdf710135f9159a7231402addb533e0d9410f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11729
x-xss-protection: 0

GET
H2 200 container.html Show response
269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A60A 6 KB
3 KB 31ms
16ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
expires: Sun, 18 Aug 2024 09:52:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1CBE 17 KB
6 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C20E 13 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:21:44 GMT
expires: Sun, 18 Aug 2024 09:21:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame ABAD 829 B
995 B 18ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ed359c91fe5a461160e0785a0469a2b19a6d4e8134d00cdac071f16c38baef33

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-gAOQ3vZXeAVa4C0hGqkS8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 538
content-security-policy: script-src 'report-sample' 'nonce-gAOQ3vZXeAVa4C0hGqkS8g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
expires: Sat, 19 Aug 2023 09:52:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4C25 17 KB
6 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame C20E 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame ABAD 0
0 105ms
105ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=2133539460467170&rc=
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 04A2 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1853
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:21:44 GMT
expires: Sun, 18 Aug 2024 09:21:44 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F148 829 B
559 B 17ms
17ms Document
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6d48f2ebe99c14c230a12f30f8b41e9bc82028bf86a7019639dee2aa096a49d4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-mamCaltNk-bBaeWzPQKWNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 537
content-security-policy: script-src 'report-sample' 'nonce-mamCaltNk-bBaeWzPQKWNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
expires: Sat, 19 Aug 2023 09:52:37 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 04A2 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12107
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F148 0
0 105ms
105ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202308150101&jk=3412695746675140&rc=
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C20E 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?S2GFaQ
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 container.html Show response
615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2D47 6 KB
3 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
expires: Sun, 18 Aug 2024 09:52:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 5CF3 624 B
242 B 48ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVyXQwbvrm3UUAE2BCD7KEr1GEYgNDfCxM3CFhjCbYUpO6DOUgGhy_f5nLAFVazpogXL_dxU1Ii4KVZikE03lEKmX6YRxMhMMUbn71DG6Qt-yhtOCE-syynn1YE4JgAnNd7YJ8LVwaRUjMDApzjxfXZRssQ1z_W5T_WjXNqm8_uGGQbXzQ

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame 2D47 86 KB
29 KB 151ms
150ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D47 42 B
63 B 106ms
105ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C9_cv2eiegnvWK3KOKZJ2CDP0lVnOkFJJZQE7UOU9z_eMCKSOgrS-GSUAgUYlLU0TnB0Sn2zlBwOOM6_bbZ1BL6_gBNqcjLM97zuXz_JPlHzbgRdo

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D47 0
20 B 107ms
106ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=17582745283610590222&x=1&ct=76

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2D47 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame 2D47 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2D47 180 KB
56 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 04A2 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?8Zg51A
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5CF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVyXQwbvrm3UUAE2BCD7KEr1GEYgNDfCxM3CFhjCbYUpO6DOUgGhy_f5nLAFVazpogXL_dxU1Ii4KVZikE03lEKmX6YRxMhMMUbn71DG6Qt-yhtOCE-syynn1YE4JgAnNd7YJ8LVwaRUjMDApzjxfXZRssQ1z_W5T_WjXNqm8_uGGQbXzQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Aug 2023 09:52:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=498
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5CF3
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZOCQ5Z18pToesMMC9QgsawAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1

43 B
766 B

8ms
8ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVyXQwbvrm3UUAE2BCD7KEr1GEYgNDfCxM3CFhjCbYUpO6DOUgGhy_f5nLAFVazpogXL_dxU1Ii4KVZikE03lEKmX6YRxMhMMUbn71DG6Qt-yhtOCE-syynn1YE4JgAnNd7YJ8LVwaRUjMDApzjxfXZRssQ1z_W5T_WjXNqm8_uGGQbXzQ
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Aug 2023 09:52:37 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=497
Content-Length: 43
Expires: 0

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJFigiBNZ_bW8F8-rWDR-es&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

bounce
ib.adnxs.com/ Frame 5CF3
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEO7gI0nCFFfXreCNOGghC4A&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO7gI0nCFFfXreCNOGghC4A%26google_cver%3D1

43 B
887 B

20ms
19ms

Image
image/gif

185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO7gI0nCFFfXreCNOGghC4A%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNVyXQwbvrm3UUAE2BCD7KEr1GEYgNDfCxM3CFhjCbYUpO6DOUgGhy_f5nLAFVazpogXL_dxU1Ii4KVZikE03lEKmX6YRxMhMMUbn71DG6Qt-yhtOCE-syynn1YE4JgAnNd7YJ8LVwaRUjMDApzjxfXZRssQ1z_W5T_WjXNqm8_uGGQbXzQ

Protocol

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
an-x-request-uuid: 74421523-520c-465f-bca2-2cc9b4065845
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 81.95.5.42; 81.95.5.42; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
an-x-request-uuid: a7e3a617-463a-4f2b-9951-d94ce38b0ff0
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEO7gI0nCFFfXreCNOGghC4A%26google_cver%3D1
cache-control: no-store, no-cache, private
x-proxy-origin: 81.95.5.42; 81.95.5.42; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5CF3
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUzMzc2MTQ3NzgxODI5OTA3NA%3D%3D

170 B
188 B

18ms
18ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUzMzc2MTQ3NzgxODI5OTA3NA%3D%3D

Requested by

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
an-x-request-uuid: 393a879b-1c30-4480-b6bb-7471215dbc88
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODUzMzc2MTQ3NzgxODI5OTA3NA%3D%3D
x-proxy-origin: 81.95.5.42; 81.95.5.42; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame C94F 6 KB
3 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308150101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dailydaily-up.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
expires: Sun, 18 Aug 2024 09:52:37 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8446 640 B
262 B 48ms
47ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNWVLrn22lF5pV7BuFQhv_7EeTmilRmvHSsam9jBZsOQosyFX__lj4f8aAnG43qbVNRmYcqnRFpG2bibCeJXY8bUUgUH-bexZB0JZDrzskru49_cOOhuIGKmS-C_vDVbtKtXAUTda_E8JegvZk0ZaDJ89GwUP5rG3hIMoY6tNhUlns0yKKY

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:37 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 dv3.js Show response
pagead2.googlesyndication.com/pagead/js/ Frame C94F 86 KB
29 KB 103ms
103ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/dv3.js

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30167
x-xss-protection: 0
server: cafe
etag: 12949109546734229676
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=600
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C94F 42 B
63 B 108ms
107ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AtvkMG9tV70OoRbdZRURJoWRU5nCD0W2oHg0mXAOGlgQzyjXHVy9fX6T-UNjYxN9WIu18VvGD2DFpPVENSPAIF1x7TW75rJg3d8KDoCAVdBgxlN30

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C94F 0
20 B 108ms
107ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=13028487355647132369&x=1&ct=76

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C94F 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/window_focus_fy2021.js

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 19:52:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 19:52:42 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/ Frame C94F 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230816/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:28:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73446
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8273
x-xss-protection: 0
server: cafe
etag: 16365778639179992903
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 13:28:31 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame C94F 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNV5zBoyTuuvgPqaId8cLQ4o5yKV4tEbWg4U7zSTnuFlvhH5yOGQ7B-Gf5h3N24ACfREHKSmXpNxh4FlIyupbYhZ0cWg
Requested by: Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C94F 180 KB
56 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57620
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1692185840427238"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:37 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D47 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=3556422355693&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D47 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=3556422355693&version=m202307240101&ct=76&x=1&cor=17582745283610591000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 2D47 102 KB
38 KB 70ms
70ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByHwwWEtPpLjSTb8WSk_GSibXVN-nXTZEfkmQAS8moftUL0_WYRCS3hIsVB2U17UAfeQ0GAGbpSMPwJDc1PKQIMypoKF7PC0sFbEVSArsATz5BXjEVBYWN595Ohzbdydg4p419dynSgun6PhJTW_uCdwkLU74TF27HFNdQcOxRi24zubc&dbm_d=AKAmf-BSPSgSc03cGD9e5P1Hj2mm3XmOjKYxgp2VV1pEERn7stC2F3A_btlTuFxe04nHpl6yoJn6gDL_oRCsFjGEVsS2IPDpBj8IBIOhL-LP5QOTFsY1gX2OuKYwwMWW6lg13tk-6IsVw0Z2swP8T8ikWtwfRTXGpxiKmICepBSXurojOOW0_VZJPoMFpLcPYL6-6ilNSMqzxsf0qTmgCT-hwfaE37DeVdpBBdWNYpN9f1Cin9Jb7GwrjN84WM6aujclHI6xFuZYdByZL87fIIFFWxWLQjE-JlGkBPOqB1AM2G-iGLHoEX2-SDPQzUrZaUNcYQy8ofl_b3Oh2cBMBPZAY2YwIa0-0rRuI-nD8GMqOV0xdO_Mc9IFNc77kapg0vOnWJgYKLOzy-k-F6VC9q2w3F_RHhVOf2pFu-wx9t4PONAFTex7cM3AmZ38DxiOINYeiX9Rt81qzdpNM30zJ5KqxTOD_4OvXi-vtxBC6sdcwTJ8JygVeTLEnni6Lvkz_Ye2heUn9jAr4rdcsjlD44CeqSH-vl5G0Sp0ZNmhowwFmiCUVob8QGXvYLRbdAyojpm7uy-H48p-HxOg17r6Y4_Y-5R0esfzM90LEur_4gx2zrL3eqLD_3nn1KanSK2fHFDTJaoaFMr2awWwtJGcvSvfm0wUod7_yKZUwMuQvoyw9eDpR7vPTK69JRjM091oImlQtAkJLqkAqgD6iwK_EomzqprGMFCZzSz4Bg8Y7SXgRNTg1VwX2GqvnEKiWFEjLqDPUKKqL6MMiW11CYRgv2q7kDLGc9lqJ6TZVHg35bdF4JeDRFQcPTwc1Ls3KzZqy2ApquZsx2M4lfj5qxiz5CpnXGOA6a3EjYpWvj6yjr7vknMSUq3p21qCkI0fsqHWD_liJS0zvajdSFVICf9pMrvDAHZkxRsgLqhX0pCttWGgB5zOgqaxUaBLfBQhFbr5KKmNq4qWsyYN6xPw-sYRY1akShjK_yK6Jh4RuVUFa6OHx6ptvkqG_0fqLMYx1VXXA1-vXtMQrfxDgIo5jhlIoIkLr6t3MMBAFGrlHeyzrtTuVbckbOJWQNE_UeHr9JYMfUZ1pwwgAomJqOJcsNAmqadzmOWmp4ny5ZbSAWmWlQR9W68hx6ejY9Z5jFw4DiZA2s7bpoidzoHVdGj78dyqgJdMH2t3Le7tNSbC5eWebUuu6ACb__Lzwq85E9-bm3oJINdor5823LU7nwW3WIbjtEDPICOocMPRU9_tDApT7iptdADgPG4bOdIXoGVuilaS87H2kWOthpnvN5bEi_G2sRvO-_Uh1X94McOLUx4Q4u9f0Ur5EnFnzVX_XRPWrhKvEJV0P7e9-hLY0xddFKny_j3frpBpeTufC90CdaraHAycIN7wUmae2gXryva-HdrRx3NMjPHaO2myfR-tFIxiewLzlalZxuPZu8KsiTr9QvHz72kWT-fXQTEhI8WKHVxoWg-nnx_mEy4-qAgJVD-HgaEZz1Uf8Z9H518YS1cBON4imPPUxMFTrDMiieNoNxMy2dbUALA4Me0ldtL34HzewpiceI6FXHJfSRSNRFO2fbxyIEtVbzHtvILdlJIi1ASbd9ThzvJvmUZLJIJHPvp0fub-2sQUak8lKcdOt0TNS6gzVB1IW-1t4oooKH4T4IWrGEQbaiL27-qDupvbMkUyMgMvANtQv8cFxG7rP6VH9AjFwOtVlGs4YrrCklMCMvLZA3Zl_ZimLKwWCfTHSVMToVCx7td4ysjQOPFym41ztLZl5uZNmYd52JDWHd6QGf6xxrIV72fZMY7_zpUOok93ZB94QUs0cRYhqbptmVUaCb8mGXISQY_AUEwrHqhPteVocAa2wQGU76kp15QaoauoUzfzrR34piW65HVHqj0C_E82Dho6_DYu9wiALZEkqGS-Zi4ByBNwIG3zctgz1sfZe6Hu1NGxGYZ1Zrkd4RHb8UJ29igZjWVr3VWSpce6bTGiyQpJLF5yz8yH8ADvQ2y03eNMNK8_pB9ub9Id4AsmLUw35llW69lNL8oNQOz1Wmkqf4khsjzyrddLc-XdFj1Synpb7fu7Q8TKeEo0pF66cWxwhrWgFuzo797BGWrD7WsDUmm-vq45EMH9W_3TZAFNite3s2PJvkvnP3dVZu611oFIX_P4Vo-9D6O4TPllIQhFf13PWPq3ha8pT-b9BmRkBJQWhbw4EWrYww2HEmYZBSIopjyR0Wn-1L7zRWjIzhYc0-4Y5sU2obYmZ_WhkS6jd7axO2L4YXPg_eCvGvWuKCkojtvqpoaAQ-e05WVV-VAflqnan15BawniIgGohC9PghmqvvtEljczigVTeuMtxmoNUGgsDl5SiFuI56yBMANuvSxKfJXYAgHQt0YLYC_ZBkAWm3ccEy_nWDP6LwKZf0JdlVpW0qZH9bp5yNfpYHQ8dgoRflghM3E70l3N2_hfl7Mj5TvbNGieTJX32ou35eLuxVKk_eJs8-V6w5Jsc9skgkNwH6qLQJVLdOh9d3aeGzQS-pzdAuUJCWaJrguaELpY2BsJpLDkvKHRBkOZFg6iDrN_vVV1-_ZIuEchyLwGbLP8yy7vhT7maSIPDfGf9T3L_B9fJ53CJo5Nh9AHuDNlnpiy_vwqCwOnMOlUMKzwGOM9xtRqkjMsJQ9qov99XmTSRNcrk2C7l1mcApWDUwrInb0FiapvVFePAnP60ybQs9-rW_y7A5nu1mPtB0FMxkpm3GSMJfA9JotSm77XvnzzXrPFJeMMWx1RF_mrd1h17jW9cO1WBXnHkEZZ-BApigpI_IZHlhuK6A-wdozApnlIiHSG4p1Y0Bht_KqJFUTRYi2FYH2k_6Hck0gxuG3xPXoBu7wXPsmGRKkf7TCohYYZiYkEodI8lobYwbTC71dNF0btK_T_WzL3UAWS_BBShVGbploLZj-_Y_3lYwNsb-TCzjhPWvxzO_u631CT0ZkEKxGOTGprH94gVJJXIKqs_DkNivoZqoMDTHw92FqwGJWm0XA4QG6YR97PvRaw-_8eDZyk3Qq57dIDDSW4bKQTWnWGRVyN48Rs4xDvxfoUif8FlJBBiYE_3s2QG-7eg0Xs5T8nD3kUvFhqR0FCErJAVB8duzm_6MNHO0YFPGN5hsa1C1zZe8uPl_41zi69gywzxugtvE8NSaUtmM94DzJfloBlhRffL-rNXsatEnhfOGrmBXW3Uf0E_sGeV1J07X-DRMgAjUQIg-hL4mmyDdfwZ9KAsLl7qHDS7Ggn4H6DxEXYgTKcpFsccpE4SsIh_HDyKrBNTYRUEBY8N6W1ixFRdYecXC2gfR21lwePrdCcY5sPL7q003MvPAFLHOYUnTGs5fV5QTn2HkS0qYkIc0qhroK41R2QgEO97LZ0hnyDzSxf48I52XvBILziGxF5tETOTFE2TGieVhRQZLBJT23XB8MZPg_Ks2F8O7BvgcMCGcGghqQ1tzcakeZFJj3a2Q0ui8mWjK84gUdDrHxaUvHr1PV0qNzonK-iwin8heke2ny-BnYziDdYPeUmF4fod77KD6I4O57XV4gxysWHz5GWNH1LbzBazv14YTang3ujjDbJxDPL6-iY62CJSZ9tdkPdzB7HFfX9YhuF6K0bmhleQs7de_2yZf3jeQmvDcdJOYfs3ECJ6752S001Pes0-jtMtYqXv46sMIoBx3mLZsZQaD5WRfIGLi-PYdrMDkFLLnUAjOdoNu-0d2T8L97jszhkkHu9JXd_IK_yVQiIOOHEgTq7co1r9P3Xqy6_UpELXHIllqecTOripFi0s19vAL8e_VdTeuXMTleYeqGZAIYR8bPb1FaXVjzov-mLXuYgIyeR3lD2eqryOblbTa1TY_VlHDSM4MvF0HU19MmRuYe2uAypgiGphdi69Vo&cid=CAQSPABpAlJWCaBkXVnETXb8pxFlgxFR2bPNMjYCOcAUeglGnm8IrG-kOWa8Eve-JXrAy0r_2slc407YHOJ1_xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.dailydaily-up.com&ds=l&xdt=1&iif=1&cor=17582745283610591000&adk=216784209&idt=156&cac=0&dtd=43

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee5d0a9209783fc331f5b3afac4a9750c5ca24af580a8102eb9192ded52f3f53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39176
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 8446
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4HjwovJAPOIazVKScsc48&google_cver=1

43 B
273 B

20ms
16ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4HjwovJAPOIazVKScsc48&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNWVLrn22lF5pV7BuFQhv_7EeTmilRmvHSsam9jBZsOQosyFX__lj4f8aAnG43qbVNRmYcqnRFpG2bibCeJXY8bUUgUH-bexZB0JZDrzskru49_cOOhuIGKmS-C_vDVbtKtXAUTda_E8JegvZk0ZaDJ89GwUP5rG3hIMoY6tNhUlns0yKKY
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEM4HjwovJAPOIazVKScsc48&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 8446 43 B
145 B 40ms
18ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNWVLrn22lF5pV7BuFQhv_7EeTmilRmvHSsam9jBZsOQosyFX__lj4f8aAnG43qbVNRmYcqnRFpG2bibCeJXY8bUUgUH-bexZB0JZDrzskru49_cOOhuIGKmS-C_vDVbtKtXAUTda_E8JegvZk0ZaDJ89GwUP5rG3hIMoY6tNhUlns0yKKY
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 8446
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEIoA1zgEqiLt6EVHHHzIED0&google_cver=1

23 B
163 B

40ms
33ms

Image
image/gif

104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEIoA1zgEqiLt6EVHHHzIED0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNWVLrn22lF5pV7BuFQhv_7EeTmilRmvHSsam9jBZsOQosyFX__lj4f8aAnG43qbVNRmYcqnRFpG2bibCeJXY8bUUgUH-bexZB0JZDrzskru49_cOOhuIGKmS-C_vDVbtKtXAUTda_E8JegvZk0ZaDJ89GwUP5rG3hIMoY6tNhUlns0yKKY
Protocol: H2
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 09:52:37 GMT
pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um?eid=3&uid=CAESEIoA1zgEqiLt6EVHHHzIED0&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 8446 23 B
163 B 59ms
32ms Image
image/gif 104.102.35.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COGKFRCp6RsYmtbjwAEwAQ&v=APEucNWVLrn22lF5pV7BuFQhv_7EeTmilRmvHSsam9jBZsOQosyFX__lj4f8aAnG43qbVNRmYcqnRFpG2bibCeJXY8bUUgUH-bexZB0JZDrzskru49_cOOhuIGKmS-C_vDVbtKtXAUTda_E8JegvZk0ZaDJ89GwUP5rG3hIMoY6tNhUlns0yKKY
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.102.35.84 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-102-35-84.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

expires: Sat, 19 Aug 2023 09:52:37 GMT
pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C94F 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=5605400741566&version=m202307240101

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C94F 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=5605400741566&version=m202307240101&ct=76&x=1&cor=13028487355647132000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C94F 102 KB
38 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dog7M_7nEkm8aiE1djPNGBpchh1k1V4Fyg7iOI7e9rOL6aXsqGOoEv3A2W42ltKY1DiMth0OTfp8yqZEjprIAHkFYNu0NX1zJ--CVJtAEcAtP6h98VUtTSXkSTqi3EBe07Bnc0nGEnx1ZTcWNUaqvZTrw42cbu-kU2wunXDKVu8EeCTG8&dbm_d=AKAmf-C5utG2s-i_dI5CKWqmseOlFn-lKQtQ-BOTNkxvFtHqpaWa7hQW-p4d297ZYffIPAWcwXQ-bgpt7kRwUG-JRreUJOFYdj4z6v6b-t3LRdUUI3l3eVnf4NnG4j4TAm66zjP9XGcCULkW-9YqgltlQGFD0oVXNX4rJYFo51vRRRHhUPl74V0VbeZfyHP6kRUHY8wP3UVEfW2meavM_24yGuuJRAs06duncjzRJIORecwUeoNLOADC3HBMK9uiH6Epr4l59C1a_LyAs3YlZUsLeZYoYUg7jq3U3iPiOHrw8F3PhOzAmRDdk-ziZU_YHMA6OWHalNdXznMbwGtlIHMoPAV3nUGwEdYnsr91NO2MxJehnbFIuGee-t1Sd_2Of3n81L2cqI1BBozN9He4OFoTHyYRwHP7e3CKMBXD7wDKNDuYMup4mi0q0kvWrTPt5QeLGpPEN5Ut6dDqjNH427ybbQVAaP4aF0t3ap8I4Z6yvjqxj2O9OD-BPd2L6BUW2kYs18UcYVqU6fz58j9n7vUo2WUeS8IAaNguA6dyOUZUQLgeN-JNpwTGdjkPmqAHFXrPX-pbUx22g-akYTUSuKZutfRKn9FwxIExITn3uhfQrciOTFajwTVNKIE7nrL2BneqerLW6r45zk7yfxU4o5jfBOZma5dln5N5ZGsdFutUPZ_fbb8npSdnkmouFOxCuttHBgTmAbjjx7E3JQDYOYJTw2qLEjUmqA8DqCc2oxvS74jcC8sAmRjqj1DjPDMfU2SKdEIy0WXL9n1xJW27JAfW1Jk1ux-AZQdju5ayloz-I-9h7N1jkaj9zvCpFvmfRkb1jTwFqaI5VnH1b3dEb_3jcfVh2LzCEeDDmDVSPYFp_VqY_h2_qjM4g_6WJPMOy7a-fx7ei7cBSDMkqji9KbMK29y1JTjw7HTeCkAGVBk2jY9HRDJZCm5e_twMbMJTxO8NNtfkXVrRF4T-VL7rgOvju_ionpP-9lQHgXnWa96lpfgGgjtzqMMuc8dovuzibdBgoKkvnL8584-5XM8cahlTuAzcKITJb4cDR66a90-FI7UDFGkqlDMvOr8dyqdT2uolJ7wJ2NrJmeUS2RvhcnB3PuT_OLx0cquS47lt02oFWZH80njF9QdyGf-KqL3Zkm4Uu7w3UVetw8z0n2XyVY-EhEUdLma801JDvs2C9Boscn9prBpcLTJWNSA_ZTzARq59XJcr24gdSi0lDIu5tov2TSyVSqEtfaNWt4m7D4-JwL7GrcF2CuuUD1Xpou-oCUwoYv0fEt2OJPQDRO_LMH_kEDlwzDyZrOWdxuX1cIx5igph1ogEuSl5t0Hfx8QBeE_ReNmEYMxaZG5t-pyx8OzSNaHpgzIxGE8xFUZAoBv0V1Fj9zbTjK-807AEWnzO0S1BWmcvklTsi-KOaefSv2LOjHWwgKkBDg2gGHQza2_YOcs0WFGG3IYXZROw5kvbwBHaZ3BkDc9Zd_yQ_vv6VEuyzdcWRwQrl5gl_H-0imZnNk1_bCuDdTvRfyv2HZupPTXARWu7aiC2ah7Ssi8ACmy0qyNumYfDtqKxfRIPVQO0Y5uathjwXYeCOJiHCLrQx1ep4f-kx4ApwfS_acpMrISFI9TaXa1l8EOOgyifAswwNXyj8lboBts_431L6imc8NpFjB7UwnTcGXuJ57OGO2JvQt3alkvs7RX6yZ8PgBUYjthrtAFL1L9pKnffq4iMUXcDx88etSMQ2jrhb40nLNJI-4UlnyTL7UkFhzpCtmF6tYe2BBXwg425jHFrDDxf_BtZ5vulr6TUAxZ9oOxXfIUQhitbMHgCi5mCodb-ahZFTauPyrNaWMnDhmBm28bGEupcI4YV91gGiJwsvSiprFaFxOM7HZAytgtfrY7znWaMpibvrtyq2TKXu9q09QGtPGNlhbMraULgXki50eovF1bqDsBjPgjk91YHt7Y5XjWykbONcPjZBXbXEbLCTQJU89b4MmHuQb2LitGwIqD8HqSHT7Ts8Rqr6M0QK8zrhQ9YabQHAYzCfJ6nTR7OGeg59vhipbmScQw8QuxdSImHFB4jfQM9XSYA8S-JuRjypj0SXOH_bmY7ACh3HhUZwIqOrqNjxK0rkj7fsWogoS4RK590RDPqRMWRxnyagyh2X-t1bsTjAltWnp6q9ik6K0CgSHyNFw5vPARnHOPSHuQMVDWzxOpcQBRSGdweXKuRWxAomuzrH2qCJpI-3aTycPhw4wZ3u1iYE42rK8dvJEAW_acJCKKI2cJ0inepp1speqa1oE-mB1XRIraju2DHjH6zt5nUEhc-M0d5PmPGgxVDOEMs-2vCltCid6vwbjfnebnfc-PgrEXC40o5FfDtZBFFx8UpX36ngqunjPnZpHMyMPNtd1JHg8i4ggLhqqmoVLVQ4RCgfuNOh0KUmj2mCGuHO8Syzp6xrk1cfTN_0k6EmeXMQneHVtB-g0hSwy2um79h5wgOIjUn7HHaVGsZYuE62Vz_zy_ZhhuCk4bsByUugF_AKlbLJapV3kq2I_MAyTGDTv24J23kn5i4LqwDOeLQTypK6jRQZoA1-m0hL6Gdv7iizaxqFlTUFm_XhLWTFGPcFR9e0YweZ4ke5pRq69w3vozoVXypsGqoJWinh_L8acBr71vtSPGcL27rGKzQS9-Gd-L-RXPsEc4pslO8EgLntkHPsSsJ3JVh1fBZ8cHt9rZhxVKwrx5oMJrsfyJeI86MIL_o9qhACCuHYMIz_nXbnTGKKz1qlDLtbUrLMM0ShJ2-BGrXdsVLCXuFG97_rbIqb6p_xBUJmbbUcduLxmuuUSqEgjAQFNPPxz-Zf4DwiHQNVAHcVEXNVa-pY9YCD5zAcKfl3zRncPPg5ydr5vaeoY8McpvXOdHyFRLukL1AWOPe-aeq0o_JOiyrNUr0Y9AkX81N1QbVBivtcfuYrn0djgIIr5ar6D-yctHJcKDKtKAtFBHPSg7G_NFHyRGif4eZtrHjLO1ilRygwKrjFmp6FFyqrDau4BnZneIJ8Xvf7QlcFr-vZAaznX8GUC4a900_tSmuXHCKmFiInWs6a4KlKQcuN1-VjpQu2m5CbLmoW0SVdr4j_votmhG3FtIFT3I46CCw5dohd0UkyZu4Z4gh0Qmisqlp6vRVrGAIoO-cLVpriJEu3ieerU8tZEBrDqbk_WTUTQF27D1ZDYUQCIKiTJ2XYKZSVrSm90l1o3XcwSbRUwJbGjlrjDD_keJkFc5MOsurCzry_ERzlerjFni-0J-ulrCqk7skSDFcyKr6pOa_kb96UNEwr4-kSv2_djKyPyQLDkOT1yKAt0tCkeJpm6Grhg7FiA5LfWxR9rJ8OvIM-WSWiwtNjeG628gIVONbj4DJXs7xL3axFk6WCw0c9jl_SpZPUil6Wafv6tuICAliaH9vOFbNNSSWEayy0X4qAoB5bOY6tD5VrGrRMkOJfTf64kSHy1_cbqq39ZSUcOPhlQTsXZZ7XLHSQ1rI7Ta2JqmcqnrcHJde7IfEEQrgpL0hCkESgAvUzgIHbEhAhOlPiS4C22fZPdEPIVfSiSZFCWP3pRSAcLfjS4AMbmTLCMSsTjAPdAHo4fa4S5gU57rSZIJNecQLHn1JRfkZTBN_FziMLM7rTvxN3MHbeoEv93TGzPmSP7lUS44BIA4IM0JmSwe8j0wn4L5nOMfHWX2zUCoQoJihixf7aNl6LwDecfPJKOvTVKk7XlLaNGLLAXCUZXHYFKaBuH8P3_xw_GhPDgZYZkQ5mytWFQw-hG9DgHDzLrgJG0l2EAQpOwdc0PMeP8tyoTpfqCjfIwUKVGOIsh6QJ8dSzq76erakOT-v-JEvcT250D8W43imNPk4Z39laX7VBBMH9iHTcD8U4LdiczNYx_TZ-4M&cid=CAQSPABpAlJWZmW2GyYITDHbHBKaStvGhNEqqStI031qFJ-_r-9iRD4wXP4TirUhu2fDnnFd6GRSGIaubZl5eBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.dailydaily-up.com&ds=l&xdt=1&iif=1&cor=13028487355647132000&adk=1930376201&idt=109&cac=0&dtd=2

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8ebae2adcd582095934d1a634749aaf03010c548e010dec8c212cb2f0404406f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 38986
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 2D47 172 KB
61 KB 42ms
7ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
Origin: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16213
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:22:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame 2D47 11 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ByHwwWEtPpLjSTb8WSk_GSibXVN-nXTZEfkmQAS8moftUL0_WYRCS3hIsVB2U17UAfeQ0GAGbpSMPwJDc1PKQIMypoKF7PC0sFbEVSArsATz5BXjEVBYWN595Ohzbdydg4p419dynSgun6PhJTW_uCdwkLU74TF27HFNdQcOxRi24zubc&dbm_d=AKAmf-BSPSgSc03cGD9e5P1Hj2mm3XmOjKYxgp2VV1pEERn7stC2F3A_btlTuFxe04nHpl6yoJn6gDL_oRCsFjGEVsS2IPDpBj8IBIOhL-LP5QOTFsY1gX2OuKYwwMWW6lg13tk-6IsVw0Z2swP8T8ikWtwfRTXGpxiKmICepBSXurojOOW0_VZJPoMFpLcPYL6-6ilNSMqzxsf0qTmgCT-hwfaE37DeVdpBBdWNYpN9f1Cin9Jb7GwrjN84WM6aujclHI6xFuZYdByZL87fIIFFWxWLQjE-JlGkBPOqB1AM2G-iGLHoEX2-SDPQzUrZaUNcYQy8ofl_b3Oh2cBMBPZAY2YwIa0-0rRuI-nD8GMqOV0xdO_Mc9IFNc77kapg0vOnWJgYKLOzy-k-F6VC9q2w3F_RHhVOf2pFu-wx9t4PONAFTex7cM3AmZ38DxiOINYeiX9Rt81qzdpNM30zJ5KqxTOD_4OvXi-vtxBC6sdcwTJ8JygVeTLEnni6Lvkz_Ye2heUn9jAr4rdcsjlD44CeqSH-vl5G0Sp0ZNmhowwFmiCUVob8QGXvYLRbdAyojpm7uy-H48p-HxOg17r6Y4_Y-5R0esfzM90LEur_4gx2zrL3eqLD_3nn1KanSK2fHFDTJaoaFMr2awWwtJGcvSvfm0wUod7_yKZUwMuQvoyw9eDpR7vPTK69JRjM091oImlQtAkJLqkAqgD6iwK_EomzqprGMFCZzSz4Bg8Y7SXgRNTg1VwX2GqvnEKiWFEjLqDPUKKqL6MMiW11CYRgv2q7kDLGc9lqJ6TZVHg35bdF4JeDRFQcPTwc1Ls3KzZqy2ApquZsx2M4lfj5qxiz5CpnXGOA6a3EjYpWvj6yjr7vknMSUq3p21qCkI0fsqHWD_liJS0zvajdSFVICf9pMrvDAHZkxRsgLqhX0pCttWGgB5zOgqaxUaBLfBQhFbr5KKmNq4qWsyYN6xPw-sYRY1akShjK_yK6Jh4RuVUFa6OHx6ptvkqG_0fqLMYx1VXXA1-vXtMQrfxDgIo5jhlIoIkLr6t3MMBAFGrlHeyzrtTuVbckbOJWQNE_UeHr9JYMfUZ1pwwgAomJqOJcsNAmqadzmOWmp4ny5ZbSAWmWlQR9W68hx6ejY9Z5jFw4DiZA2s7bpoidzoHVdGj78dyqgJdMH2t3Le7tNSbC5eWebUuu6ACb__Lzwq85E9-bm3oJINdor5823LU7nwW3WIbjtEDPICOocMPRU9_tDApT7iptdADgPG4bOdIXoGVuilaS87H2kWOthpnvN5bEi_G2sRvO-_Uh1X94McOLUx4Q4u9f0Ur5EnFnzVX_XRPWrhKvEJV0P7e9-hLY0xddFKny_j3frpBpeTufC90CdaraHAycIN7wUmae2gXryva-HdrRx3NMjPHaO2myfR-tFIxiewLzlalZxuPZu8KsiTr9QvHz72kWT-fXQTEhI8WKHVxoWg-nnx_mEy4-qAgJVD-HgaEZz1Uf8Z9H518YS1cBON4imPPUxMFTrDMiieNoNxMy2dbUALA4Me0ldtL34HzewpiceI6FXHJfSRSNRFO2fbxyIEtVbzHtvILdlJIi1ASbd9ThzvJvmUZLJIJHPvp0fub-2sQUak8lKcdOt0TNS6gzVB1IW-1t4oooKH4T4IWrGEQbaiL27-qDupvbMkUyMgMvANtQv8cFxG7rP6VH9AjFwOtVlGs4YrrCklMCMvLZA3Zl_ZimLKwWCfTHSVMToVCx7td4ysjQOPFym41ztLZl5uZNmYd52JDWHd6QGf6xxrIV72fZMY7_zpUOok93ZB94QUs0cRYhqbptmVUaCb8mGXISQY_AUEwrHqhPteVocAa2wQGU76kp15QaoauoUzfzrR34piW65HVHqj0C_E82Dho6_DYu9wiALZEkqGS-Zi4ByBNwIG3zctgz1sfZe6Hu1NGxGYZ1Zrkd4RHb8UJ29igZjWVr3VWSpce6bTGiyQpJLF5yz8yH8ADvQ2y03eNMNK8_pB9ub9Id4AsmLUw35llW69lNL8oNQOz1Wmkqf4khsjzyrddLc-XdFj1Synpb7fu7Q8TKeEo0pF66cWxwhrWgFuzo797BGWrD7WsDUmm-vq45EMH9W_3TZAFNite3s2PJvkvnP3dVZu611oFIX_P4Vo-9D6O4TPllIQhFf13PWPq3ha8pT-b9BmRkBJQWhbw4EWrYww2HEmYZBSIopjyR0Wn-1L7zRWjIzhYc0-4Y5sU2obYmZ_WhkS6jd7axO2L4YXPg_eCvGvWuKCkojtvqpoaAQ-e05WVV-VAflqnan15BawniIgGohC9PghmqvvtEljczigVTeuMtxmoNUGgsDl5SiFuI56yBMANuvSxKfJXYAgHQt0YLYC_ZBkAWm3ccEy_nWDP6LwKZf0JdlVpW0qZH9bp5yNfpYHQ8dgoRflghM3E70l3N2_hfl7Mj5TvbNGieTJX32ou35eLuxVKk_eJs8-V6w5Jsc9skgkNwH6qLQJVLdOh9d3aeGzQS-pzdAuUJCWaJrguaELpY2BsJpLDkvKHRBkOZFg6iDrN_vVV1-_ZIuEchyLwGbLP8yy7vhT7maSIPDfGf9T3L_B9fJ53CJo5Nh9AHuDNlnpiy_vwqCwOnMOlUMKzwGOM9xtRqkjMsJQ9qov99XmTSRNcrk2C7l1mcApWDUwrInb0FiapvVFePAnP60ybQs9-rW_y7A5nu1mPtB0FMxkpm3GSMJfA9JotSm77XvnzzXrPFJeMMWx1RF_mrd1h17jW9cO1WBXnHkEZZ-BApigpI_IZHlhuK6A-wdozApnlIiHSG4p1Y0Bht_KqJFUTRYi2FYH2k_6Hck0gxuG3xPXoBu7wXPsmGRKkf7TCohYYZiYkEodI8lobYwbTC71dNF0btK_T_WzL3UAWS_BBShVGbploLZj-_Y_3lYwNsb-TCzjhPWvxzO_u631CT0ZkEKxGOTGprH94gVJJXIKqs_DkNivoZqoMDTHw92FqwGJWm0XA4QG6YR97PvRaw-_8eDZyk3Qq57dIDDSW4bKQTWnWGRVyN48Rs4xDvxfoUif8FlJBBiYE_3s2QG-7eg0Xs5T8nD3kUvFhqR0FCErJAVB8duzm_6MNHO0YFPGN5hsa1C1zZe8uPl_41zi69gywzxugtvE8NSaUtmM94DzJfloBlhRffL-rNXsatEnhfOGrmBXW3Uf0E_sGeV1J07X-DRMgAjUQIg-hL4mmyDdfwZ9KAsLl7qHDS7Ggn4H6DxEXYgTKcpFsccpE4SsIh_HDyKrBNTYRUEBY8N6W1ixFRdYecXC2gfR21lwePrdCcY5sPL7q003MvPAFLHOYUnTGs5fV5QTn2HkS0qYkIc0qhroK41R2QgEO97LZ0hnyDzSxf48I52XvBILziGxF5tETOTFE2TGieVhRQZLBJT23XB8MZPg_Ks2F8O7BvgcMCGcGghqQ1tzcakeZFJj3a2Q0ui8mWjK84gUdDrHxaUvHr1PV0qNzonK-iwin8heke2ny-BnYziDdYPeUmF4fod77KD6I4O57XV4gxysWHz5GWNH1LbzBazv14YTang3ujjDbJxDPL6-iY62CJSZ9tdkPdzB7HFfX9YhuF6K0bmhleQs7de_2yZf3jeQmvDcdJOYfs3ECJ6752S001Pes0-jtMtYqXv46sMIoBx3mLZsZQaD5WRfIGLi-PYdrMDkFLLnUAjOdoNu-0d2T8L97jszhkkHu9JXd_IK_yVQiIOOHEgTq7co1r9P3Xqy6_UpELXHIllqecTOripFi0s19vAL8e_VdTeuXMTleYeqGZAIYR8bPb1FaXVjzov-mLXuYgIyeR3lD2eqryOblbTa1TY_VlHDSM4MvF0HU19MmRuYe2uAypgiGphdi69Vo&cid=CAQSPABpAlJWCaBkXVnETXb8pxFlgxFR2bPNMjYCOcAUeglGnm8IrG-kOWa8Eve-JXrAy0r_2slc407YHOJ1_xgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.dailydaily-up.com&ds=l&xdt=1&iif=1&cor=17582745283610591000&adk=216784209&idt=156&cac=0&dtd=43

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36915
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 23:37:22 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame 2D47 30 KB
11 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70066
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 2D47 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72629
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 13:42:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3B2A 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5783
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2D47 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14b908c4a215ea0f392ce1419e99a1b5c16dceb6c3601e6079707e250439c708

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2A62 22 KB
8 KB 8ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 3B2A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESENks8ySqEV7paQe48N-iy5M&google_cver=1&google_push=AXcoOmSUk1tVaXNtObN83tR115U57t1PqwMkQBs9CKTEDTUmIDrNksRMHaJiQXVylEHpF88mbgp7dR31ZMjTVXbcTN7ONN_GUDs
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mjc2NzEwMzEzOTQ2MDYzMDI0MQ==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENks8ySqEV7paQe48N-iy5M&google_cver=1

43 B
398 B

45ms
20ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENks8ySqEV7paQe48N-iy5M&google_cver=1
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESENks8ySqEV7paQe48N-iy5M&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B2A
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFhhN2kxUDkxUXhpRGs1&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cver=1&google_push=AXcoOmQmH8eZBtWoGqcwjirhy9a1CvSMcV1WhliJaPhFGDl...

170 B
188 B

20ms
20ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFhhN2kxUDkxUXhpRGs1&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cver=1&google_push=AXcoOmQmH8eZBtWoGqcwjirhy9a1CvSMcV1WhliJaPhFGDl8kavO3JuBj8_G3qfiqvwBGxYO787AfeeINEI2qtbs-8ueWKnnEEzB

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Aug 2023 09:52:37 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-788-g55788f4#dev-temp-decrease-retargeting-updates-batch i-0546ea729b64acd63@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZFhhN2kxUDkxUXhpRGs1&google_gid=CAESEGanpkn7tYBznQFlLpngd6g&google_cver=1&google_push=AXcoOmQmH8eZBtWoGqcwjirhy9a1CvSMcV1WhliJaPhFGDl8kavO3JuBj8_G3qfiqvwBGxYO787AfeeINEI2qtbs-8ueWKnnEEzB
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B2A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGX7eWCQC2Dq_vcParlr5JA&google_cver=1&google_push=AXcoOmTDNdpby9MLN4Ud4R6h1dp9uveU8Va7cHDfUE1cszmrK9qCezRc6etHGq2Ie0jK40WmpVwsqCgeg9NrvHU4...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTDNdpby9MLN4Ud4R6h1dp9uveU8Va7cHDfUE1cszmrK9qCezRc6etHGq2Ie0jK40WmpVwsqCgeg9NrvHU4fNIqSE0Qi8Y

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTDNdpby9MLN4Ud4R6h1dp9uveU8Va7cHDfUE1cszmrK9qCezRc6etHGq2Ie0jK40WmpVwsqCgeg9NrvHU4fNIqSE0Qi8Y

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 19 Aug 2023 09:52:38 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x11 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmTDNdpby9MLN4Ud4R6h1dp9uveU8Va7cHDfUE1cszmrK9qCezRc6etHGq2Ie0jK40WmpVwsqCgeg9NrvHU4fNIqSE0Qi8Y
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 3B2A 43 B
146 B 32ms
8ms Image
image/gif 35.156.208.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDv5govRlZkIeghZKJFtSZY&google_cver=1&google_push=AXcoOmTnshivroAI2ZQm1gGglTZ0z_Lz9aYOSu5lmaVcrWurFwlb64Dp5LG4fxLw6s6hK43i8UteJq1lVc0PMOtF4katOEnE1EEw
Requested by: Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 3B2A 43 B
363 B 46ms
13ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRByhIJ2F01BUEpJqH285I5X8tLNlfj4pmMK9K1EOHvmen_9nwvgE8GoxMKROoaD3AB-Tw8XTekMcbtGIFZd3I-5rjDP2pO&google_gid=CAESEF25w9PgcFttXL6rxyOrOAs&google_cver=1

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 183693
expires: Sat, 19 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3B2A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEF_wdQCA65PpRvuKkpnK8KU&google_cver=1&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdptT...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEF_wdQCA65PpRvuKkpnK8KU&google_cver=1&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGR...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4ODc3OTUxMjYyMDc4NTE0NQ&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdp...

170 B
188 B

25ms
25ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4ODc3OTUxMjYyMDc4NTE0NQ&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdptTmafKhkOaCRGFD790L2BT

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NjQ4ODc3OTUxMjYyMDc4NTE0NQ&google_push=AXcoOmRap5mgUZjVUFXq0eermpWMydn8eZbihYruwn6bYpeiYhzITdIj37RHE9F6SnoK9pPWcGRvdptTmafKhkOaCRGFD790L2BT
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 sync
ssbsync.smartadserver.com/api/ Frame 3B2A 0
45 B 86ms
17ms Image
text/plain 185.86.139.93
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEKK61dYb4YO910mwULsTPvk&google_cver=1&google_push=AXcoOmQc_3UHzlSrxpgS1wUhyJoe_BKo4CfZwih6deyL5Rc83UlbSLThnMufVoTLErbW5Oux-Hviq4T_fONpWT_AMkyWyUhKyqEP
Requested by: Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.93 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:37 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3B2A 0
12 B 15ms
14ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KXgAb_0hue7q6qXwcA-GiIsHe1vp4CeC9w-zYmoZ9qtd9dZbBTIfKb5yYq7FxwUZWDsYgE

Requested by

Host: 615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
URL: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame C94F 172 KB
60 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
Origin: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:22:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16214
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61485
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:43:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:22:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/ Frame C94F 11 KB
4 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dog7M_7nEkm8aiE1djPNGBpchh1k1V4Fyg7iOI7e9rOL6aXsqGOoEv3A2W42ltKY1DiMth0OTfp8yqZEjprIAHkFYNu0NX1zJ--CVJtAEcAtP6h98VUtTSXkSTqi3EBe07Bnc0nGEnx1ZTcWNUaqvZTrw42cbu-kU2wunXDKVu8EeCTG8&dbm_d=AKAmf-C5utG2s-i_dI5CKWqmseOlFn-lKQtQ-BOTNkxvFtHqpaWa7hQW-p4d297ZYffIPAWcwXQ-bgpt7kRwUG-JRreUJOFYdj4z6v6b-t3LRdUUI3l3eVnf4NnG4j4TAm66zjP9XGcCULkW-9YqgltlQGFD0oVXNX4rJYFo51vRRRHhUPl74V0VbeZfyHP6kRUHY8wP3UVEfW2meavM_24yGuuJRAs06duncjzRJIORecwUeoNLOADC3HBMK9uiH6Epr4l59C1a_LyAs3YlZUsLeZYoYUg7jq3U3iPiOHrw8F3PhOzAmRDdk-ziZU_YHMA6OWHalNdXznMbwGtlIHMoPAV3nUGwEdYnsr91NO2MxJehnbFIuGee-t1Sd_2Of3n81L2cqI1BBozN9He4OFoTHyYRwHP7e3CKMBXD7wDKNDuYMup4mi0q0kvWrTPt5QeLGpPEN5Ut6dDqjNH427ybbQVAaP4aF0t3ap8I4Z6yvjqxj2O9OD-BPd2L6BUW2kYs18UcYVqU6fz58j9n7vUo2WUeS8IAaNguA6dyOUZUQLgeN-JNpwTGdjkPmqAHFXrPX-pbUx22g-akYTUSuKZutfRKn9FwxIExITn3uhfQrciOTFajwTVNKIE7nrL2BneqerLW6r45zk7yfxU4o5jfBOZma5dln5N5ZGsdFutUPZ_fbb8npSdnkmouFOxCuttHBgTmAbjjx7E3JQDYOYJTw2qLEjUmqA8DqCc2oxvS74jcC8sAmRjqj1DjPDMfU2SKdEIy0WXL9n1xJW27JAfW1Jk1ux-AZQdju5ayloz-I-9h7N1jkaj9zvCpFvmfRkb1jTwFqaI5VnH1b3dEb_3jcfVh2LzCEeDDmDVSPYFp_VqY_h2_qjM4g_6WJPMOy7a-fx7ei7cBSDMkqji9KbMK29y1JTjw7HTeCkAGVBk2jY9HRDJZCm5e_twMbMJTxO8NNtfkXVrRF4T-VL7rgOvju_ionpP-9lQHgXnWa96lpfgGgjtzqMMuc8dovuzibdBgoKkvnL8584-5XM8cahlTuAzcKITJb4cDR66a90-FI7UDFGkqlDMvOr8dyqdT2uolJ7wJ2NrJmeUS2RvhcnB3PuT_OLx0cquS47lt02oFWZH80njF9QdyGf-KqL3Zkm4Uu7w3UVetw8z0n2XyVY-EhEUdLma801JDvs2C9Boscn9prBpcLTJWNSA_ZTzARq59XJcr24gdSi0lDIu5tov2TSyVSqEtfaNWt4m7D4-JwL7GrcF2CuuUD1Xpou-oCUwoYv0fEt2OJPQDRO_LMH_kEDlwzDyZrOWdxuX1cIx5igph1ogEuSl5t0Hfx8QBeE_ReNmEYMxaZG5t-pyx8OzSNaHpgzIxGE8xFUZAoBv0V1Fj9zbTjK-807AEWnzO0S1BWmcvklTsi-KOaefSv2LOjHWwgKkBDg2gGHQza2_YOcs0WFGG3IYXZROw5kvbwBHaZ3BkDc9Zd_yQ_vv6VEuyzdcWRwQrl5gl_H-0imZnNk1_bCuDdTvRfyv2HZupPTXARWu7aiC2ah7Ssi8ACmy0qyNumYfDtqKxfRIPVQO0Y5uathjwXYeCOJiHCLrQx1ep4f-kx4ApwfS_acpMrISFI9TaXa1l8EOOgyifAswwNXyj8lboBts_431L6imc8NpFjB7UwnTcGXuJ57OGO2JvQt3alkvs7RX6yZ8PgBUYjthrtAFL1L9pKnffq4iMUXcDx88etSMQ2jrhb40nLNJI-4UlnyTL7UkFhzpCtmF6tYe2BBXwg425jHFrDDxf_BtZ5vulr6TUAxZ9oOxXfIUQhitbMHgCi5mCodb-ahZFTauPyrNaWMnDhmBm28bGEupcI4YV91gGiJwsvSiprFaFxOM7HZAytgtfrY7znWaMpibvrtyq2TKXu9q09QGtPGNlhbMraULgXki50eovF1bqDsBjPgjk91YHt7Y5XjWykbONcPjZBXbXEbLCTQJU89b4MmHuQb2LitGwIqD8HqSHT7Ts8Rqr6M0QK8zrhQ9YabQHAYzCfJ6nTR7OGeg59vhipbmScQw8QuxdSImHFB4jfQM9XSYA8S-JuRjypj0SXOH_bmY7ACh3HhUZwIqOrqNjxK0rkj7fsWogoS4RK590RDPqRMWRxnyagyh2X-t1bsTjAltWnp6q9ik6K0CgSHyNFw5vPARnHOPSHuQMVDWzxOpcQBRSGdweXKuRWxAomuzrH2qCJpI-3aTycPhw4wZ3u1iYE42rK8dvJEAW_acJCKKI2cJ0inepp1speqa1oE-mB1XRIraju2DHjH6zt5nUEhc-M0d5PmPGgxVDOEMs-2vCltCid6vwbjfnebnfc-PgrEXC40o5FfDtZBFFx8UpX36ngqunjPnZpHMyMPNtd1JHg8i4ggLhqqmoVLVQ4RCgfuNOh0KUmj2mCGuHO8Syzp6xrk1cfTN_0k6EmeXMQneHVtB-g0hSwy2um79h5wgOIjUn7HHaVGsZYuE62Vz_zy_ZhhuCk4bsByUugF_AKlbLJapV3kq2I_MAyTGDTv24J23kn5i4LqwDOeLQTypK6jRQZoA1-m0hL6Gdv7iizaxqFlTUFm_XhLWTFGPcFR9e0YweZ4ke5pRq69w3vozoVXypsGqoJWinh_L8acBr71vtSPGcL27rGKzQS9-Gd-L-RXPsEc4pslO8EgLntkHPsSsJ3JVh1fBZ8cHt9rZhxVKwrx5oMJrsfyJeI86MIL_o9qhACCuHYMIz_nXbnTGKKz1qlDLtbUrLMM0ShJ2-BGrXdsVLCXuFG97_rbIqb6p_xBUJmbbUcduLxmuuUSqEgjAQFNPPxz-Zf4DwiHQNVAHcVEXNVa-pY9YCD5zAcKfl3zRncPPg5ydr5vaeoY8McpvXOdHyFRLukL1AWOPe-aeq0o_JOiyrNUr0Y9AkX81N1QbVBivtcfuYrn0djgIIr5ar6D-yctHJcKDKtKAtFBHPSg7G_NFHyRGif4eZtrHjLO1ilRygwKrjFmp6FFyqrDau4BnZneIJ8Xvf7QlcFr-vZAaznX8GUC4a900_tSmuXHCKmFiInWs6a4KlKQcuN1-VjpQu2m5CbLmoW0SVdr4j_votmhG3FtIFT3I46CCw5dohd0UkyZu4Z4gh0Qmisqlp6vRVrGAIoO-cLVpriJEu3ieerU8tZEBrDqbk_WTUTQF27D1ZDYUQCIKiTJ2XYKZSVrSm90l1o3XcwSbRUwJbGjlrjDD_keJkFc5MOsurCzry_ERzlerjFni-0J-ulrCqk7skSDFcyKr6pOa_kb96UNEwr4-kSv2_djKyPyQLDkOT1yKAt0tCkeJpm6Grhg7FiA5LfWxR9rJ8OvIM-WSWiwtNjeG628gIVONbj4DJXs7xL3axFk6WCw0c9jl_SpZPUil6Wafv6tuICAliaH9vOFbNNSSWEayy0X4qAoB5bOY6tD5VrGrRMkOJfTf64kSHy1_cbqq39ZSUcOPhlQTsXZZ7XLHSQ1rI7Ta2JqmcqnrcHJde7IfEEQrgpL0hCkESgAvUzgIHbEhAhOlPiS4C22fZPdEPIVfSiSZFCWP3pRSAcLfjS4AMbmTLCMSsTjAPdAHo4fa4S5gU57rSZIJNecQLHn1JRfkZTBN_FziMLM7rTvxN3MHbeoEv93TGzPmSP7lUS44BIA4IM0JmSwe8j0wn4L5nOMfHWX2zUCoQoJihixf7aNl6LwDecfPJKOvTVKk7XlLaNGLLAXCUZXHYFKaBuH8P3_xw_GhPDgZYZkQ5mytWFQw-hG9DgHDzLrgJG0l2EAQpOwdc0PMeP8tyoTpfqCjfIwUKVGOIsh6QJ8dSzq76erakOT-v-JEvcT250D8W43imNPk4Z39laX7VBBMH9iHTcD8U4LdiczNYx_TZ-4M&cid=CAQSPABpAlJWZmW2GyYITDHbHBKaStvGhNEqqStI031qFJ-_r-9iRD4wXP4TirUhu2fDnnFd6GRSGIaubZl5eBgB&dv3_ver=m202307240101&rfl=https%3A%2F%2Fwww.dailydaily-up.com&ds=l&xdt=1&iif=1&cor=13028487355647132000&adk=1930376201&idt=109&cac=0&dtd=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 23:37:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 36916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4196
x-xss-protection: 0
server: cafe
etag: 15907914729094346842
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 23:37:22 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/ Frame C94F 30 KB
11 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230816/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 14:24:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70067
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11536
x-xss-protection: 0
server: cafe
etag: 2200807439755941123
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 01 Sep 2023 14:24:51 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C94F 41 KB
13 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 13:42:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72630
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13692
x-xss-protection: 0
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 17 Aug 2024 13:42:08 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 99FF 1 KB
643 B 7ms
7ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 5784
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 08:16:14 GMT
etag: 48472445140208031
expires: Sun, 20 Aug 2023 08:16:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C94F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a752f8106cb345b9c97a6ba4a5de223c067abadf16d9834e00ba848043aa3bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15874828848628604197/ Frame 74EB 673 B
438 B 31ms
16ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc147189922e69bb8162e64a86b223280ad3549a743ada86b5ee06eb6dbe133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 410
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:38 GMT
expires: Sun, 18 Aug 2024 09:52:38 GMT
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D47 0
0 88ms
51ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvU5e_r96QjsIdBShWz83ah4G7WllSTK9lkurUE87vRiD2rOXt9kCZ4WQ5-M_pXV3hpCZlouluIRob1BYddT8AsVRmVRauq9wmH1_fhC-ui3HGQjrsJ_cHqr5Hf0NFtDpBPrriAktsaJrpC-XsQfI0ktbWsS1OypFHoPNh9zzkLhF8klw-liap3xUMD73glk5wH4kFNRyy7qaN9GkI3yeUSFNZ75r8Xws2u57VVlP7zkIQ9ObsxlgSnVTTQvjSbESy00slLJPxhNJW0wcskrIawbeURRikOoey4_geYYX5xnnKNX5-pAVr3GhTSdH9_NQnwPwRq34w8GCgJXlU2hur8TVc5Z_pPJ7jhSueX5VK69seLV3-oQQ5nVSj-dsVFGKXUaYCTwIRgOa103d0oZJS8jT8yACbnv6O-Ufh5MNwuMpLOg5fm3n-DxKcEaKEJUWZZZ1ffKVoswvTOU94Uh1SUGSPagSv2YJUwISu1DfXSLZ7HWqBM4-yD37Y0Re0wNat23s4VCU5kPFln0GAEHb7gqYXZqLFcmCaZT_8ptgrVWqOk3MuF1SpMtb_wad7OolHnjNqOZiBi3KuyzzSkUWuFOVNtFLXE7jMjq8T0R-L49kqpQoohZkCjFOsrf7GdWeaTWedzOjAERsyX_HdC4zPP5QlHtXvqlPDuwhpzFu0o8eYuhINHteXgUXBPcBo0P2_0UuykmKptq4de0F-ljg08YdxeRq0s4INxHUKvMD1aDUVskLs4J4mXODBSBp8s5S95nf21rItZzfcKj8jRzQr50RNaGWYcO5RZO5mHF9-bm2k6M8cptpT5ocwwDAqN0_CK1nx3bljwDy-6dDFRX7eGpIcoHxML_h4CIh6X2KhHfRi92Xj5dgyZO38zAT6vetUR7IzmJTXNftTn5EokPDkgy99jpsg_74HCvZWIpGUaEkrLlSJa0GL9EyAHq_5R89c3i3GYXA9I6XFwud0bE8_FnleGeRS3GUVl8d6YHPosHJL0n8HMv2oJemFajm4ThsGfaxuo0gNlQjY8QS7fp0fcIVbOFnjteec8wDiPaWg88IG342e7h8O5WdJ34jKLi32To63YCLJTvpK6Lwe2CPdhWLvzHVlYj-h0GqniS_69nEwOT7TfjLLCP6JE09IhUhnLg9NP-0IkOckBvcifP5jArQ9w_jaKM6qX8nOwjSfH-8KzvF84nPXFQBNmLZLsuWeP6JvW3JB4uXSbY25sMlvyVpPP3zkrClRY7V8xJkAYMbrleOCAeFwOVHTsL6YWWqYAlLMAoa3lx1vkjSgfQRjnH4cgeVGrCFiC9f3zIsVhxdwrsQ4g9S_I5Jc&sai=AMfl-YRFgs19pb6jycDTock1Y714xJ8iRstaiyKOLFup4ioRusaafLUEUY7mSFZfeLUC1TK0lIIxEOMZ2rV1ry5U5KTeEq8BRsklfc1orQyGWtt7JE4w3cl0DQimXGap7NvpZeVSCwg9eoc-BUHKY5veykCLZ3pQccW7iBwe2yrnrCvdep95Y_rOgX03ZNtahefPXVcb1viyYg6WbQ-MK_g2lI9gNHrin-fGvl5UlPSMKu-3GZtDJkn0fdRCJHsorkpmRbdM7CE&sig=Cg0ArKJSzE94SnipfUUjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=122&cbvp=1&cstd=112&cisv=r20230816.75739&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:38 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/15874828848628604197/ Frame D16C 673 B
438 B 15ms
15ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bc147189922e69bb8162e64a86b223280ad3549a743ada86b5ee06eb6dbe133

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 410
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 19 Aug 2023 09:52:38 GMT
expires: Sun, 18 Aug 2024 09:52:38 GMT
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C94F 0
0 70ms
52ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVjuHNUAV4SGjtVMofG7S05iZXGvJsbKGCxPGBWOb3XrpTl8HEWnuu86os8l1uP-IBeZ6TfNx0rtmiVCCaa8tvtw7ScZxrtVfc0_i7t0o2Pn4zkr4IrE24Dg3ccgXliglR5Rke-1OMPysRgqsPGpQVFP7PbtUk7dOqlQSZq7vHMWhJyrXKTcj1icWRsjKo85_TJOjaGlpnwzbaJC2p5H_voPWUHDVbpvbagxuAjS_2RTnDuZxFS3H7xu0zB8Y5YQfgZZibEX7Jr3RUnlhX2O5CqS6-FLnGZUQUgPx8DJlZfxpWglEM4sTqrc9i1JJh_TmDJmtXDltCdjkW9JI1VNao7ypGIfgMZBz_YUXlAifPbJoyr8_nq18aDJp3XAwyWz-_o98BAfHHhk7TmOVcR1oUzhHtdGUi8KPhO2_MVLecOEFNK8Fr2JgsiQ7CJd5H9QQVguY6UlPiHmTZMc3abZAS4cG0U8an8R4IG1BT4c0_ngYK1F-LUdFM6tPfl5QFrtMjEvBQ-mpuoKoOH_AWFUhOHC91gEQC67HC_A_pS9YGtl1onOrAdTYetJjpA2xcIyGU5rzEH0TsPlnAh1I2yh-Y5JORgt6iLbFRcAmEpPKzVqNhc7RSit1aWhkG57SGntAIUMdFKg5s3GlCez3kfHZ00cl0jYYd7Jp4BFOF7rxXYn2Un-lJ_vdatXLRWFC3Ntwex2QpINUkGyB642Xx3n614VjE4gyqVvLyGySPhLTOEKg_2jN0ugJwHfpzakCV_LKBohxAI7Wr1QaWgK6g8WzKbaHcTI28PVLvPS8Fz15SO0VaBq-t5Udcs0KxYF2Kb_CWfLILPmPWfhUtMntDUWbrwK92dUalwKKak8X8nWdEUwoQMJXGbELwf7uPr4erpGsv6hElzBXTCITwzj8-BmUcYEeoxJcaRz8CzNLyFdNQzdhG3lMxubKwqY461EgzyQVirgAXftCD9GRjn5rUViEGGN2Btbtn9i9xQwnLCunRKPA1KihxD6BQk2CHYrIAqmP9PIZoxLx1fuIxof1LXYu3lsskGHduEYrnHCwFXxjeccHvbZ-ZremVouBNL5kBjQX5lCSenJC1c3ApKC-hPxLEiIwy5KoIHShGUxd8uDDPx411bX5XrMjYd8_oNdMk1bibEnAcU-TvvsFiEH3NTHkCmhNDU8MBmKKXLWB-lk2XtwL52WDAVbLC55WR9UlNbrJgDYkknjyNzQ6zAJUADE9UwGmBTkIKcAgERueZFGCcuKpwvQBSoRULg5XUiye2J7bgIe6qdDA9aKcpbI877XGxxK6iX03SnLToXDJCNFPZMD_khwAdcFglU48&sai=AMfl-YQWzwiOAywM9qDlanfVOfTm1GBvsNBiVy9iH-Dga5NstHRlm1lzMHSM91w8j_7B50RurTTn_ly0QCX9W-IPNCepHmrJZBQs21aM6nm8WJnUuNIMhPZ-CLDqvnkkPZYmWWWgYy6EF0Rj5tTBXamcPbydiCmLbA5iRA8aYcHg_DYnk8RD8ixv27FilDhcBQesLeM7qdBOTEwrXn7vQovNnMoGLsHCvc2K1BRN3IMoxwY_dm7m6-QJbgRj0cK8Gs2HMDcAPOw&sig=Cg0ArKJSzLEKYmsQiZ3cEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=81&cbvp=1&cstd=74&cisv=r20230816.56285&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
cache-control: private
access-control-allow-credentials: true
timing-allow-origin: *
expires: Sat, 19 Aug 2023 09:52:38 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 2A62 37 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B5DC 22 KB
8 KB 9ms
9ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 57413
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 18 Aug 2023 17:55:45 GMT
expires: Sat, 17 Aug 2024 17:55:45 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame 74EB 120 KB
41 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 07:39:37 GMT

GET
H3 200 template-43bf74fd.js Show response
s0.2mdn.net/sadbundle/15874828848628604197/ Frame 74EB 40 KB
14 KB 14ms
13ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13999
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 04:59:15 GMT

GET
H3 200 index-09647504.css
s0.2mdn.net/sadbundle/15874828848628604197/ Frame 74EB 4 KB
1 KB 12ms
11ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 10:48:42 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99FF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEGX7eWCQC2Dq_vcParlr5JA&google_cver=1&google_push=AXcoOmRjrBfhaCRCrZ6oDGYxksxtHJM8e-ufxutsV6SHcHQTIfSntRuw0zCjvKoG7jdDj0pOcp_gmR2WlqgkYjrg...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRjrBfhaCRCrZ6oDGYxksxtHJM8e-ufxutsV6SHcHQTIfSntRuw0zCjvKoG7jdDj0pOcp_gmR2WlqgkYjrgfWbt86WsDGr8OA

170 B
188 B

19ms
19ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRjrBfhaCRCrZ6oDGYxksxtHJM8e-ufxutsV6SHcHQTIfSntRuw0zCjvKoG7jdDj0pOcp_gmR2WlqgkYjrgfWbt86WsDGr8OA

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 19 Aug 2023 09:52:38 GMT
Server: MT3 1031 59fd23a master cdg cdg-pixel-x28 config_version:"1438"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AXcoOmRjrBfhaCRCrZ6oDGYxksxtHJM8e-ufxutsV6SHcHQTIfSntRuw0zCjvKoG7jdDj0pOcp_gmR2WlqgkYjrgfWbt86WsDGr8OA
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 19 Aug 2023 09:52:37 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 99FF 70 B
265 B 101ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEIqCPmcLEBu3Y5mPe1gzvXs&google_cver=1&google_push=AXcoOmSfSNSX1Xjik3l6cnP2FDeZeMvhMLHO_AG17xCDNk9QSQ-hlDaykLKtP3uVOlZdKX1fBWI3RVLSDH_1mQ5dz2WerZAjYtkxtQ
Requested by: Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99FF
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEAj_eq5ApGPIdPxSR_hltlU&google_cver=1&google_push=AXcoOmSGXpJVW7kzByMWsrnqR_uuqJLrzyQGwyB-PqAUw3CQGIpG3hlCAQkRkuShA91MviPrCCH1pi7ci7LLuo...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODk2OTExNjA5NTkzNjY2Mw%3D%3D&google_push=AXcoOmSGXpJVW7kzByMWsrnqR_uuqJLrzyQGwyB-PqAUw3CQGIpG3hlCAQkRkuShA91MviPrCCH1pi7ci7LLuoAffi...

170 B
188 B

22ms
22ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODk2OTExNjA5NTkzNjY2Mw%3D%3D&google_push=AXcoOmSGXpJVW7kzByMWsrnqR_uuqJLrzyQGwyB-PqAUw3CQGIpG3hlCAQkRkuShA91MviPrCCH1pi7ci7LLuoAffiliL4vmmkimbg

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzI2ODk2OTExNjA5NTkzNjY2Mw%3D%3D&google_push=AXcoOmSGXpJVW7kzByMWsrnqR_uuqJLrzyQGwyB-PqAUw3CQGIpG3hlCAQkRkuShA91MviPrCCH1pi7ci7LLuoAffiliL4vmmkimbg
Date: Sat, 19 Aug 2023 09:52:38 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 99FF 43 B
362 B 17ms
15ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmRjZIejkLmGyNbb_B5dOGfKtEV0DG0qZfQ-C7k6tl0XEOWywlnMAhM3JTYWJ6qRQ8HWu6YmLjBbbP4IcJ-aFwBXGiWdzTQ0vA&google_gid=CAESEF25w9PgcFttXL6rxyOrOAs&google_cver=1

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:37 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 196947
expires: Sat, 19 Aug 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 99FF
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGDrsKUj7DT4rc9oNnmXhG0&google_cver=1&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadr...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadrw...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MDUxNzE0Njg0NjExMTE2MTI2&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3k...

170 B
188 B

18ms
17ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MDUxNzE0Njg0NjExMTE2MTI2&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadrw7Ww

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjQ2MDUxNzE0Njg0NjExMTE2MTI2&google_push=AXcoOmTa3p8jrB1-jV27wSEYsuE8qJgwXBB8al182azJ_ITvEwrX1jhECPYLA_3kRracEIbzmHJc8B6WpJPIAQhF_Q0f_HYadrw7Ww
date: Sat, 19 Aug 2023 09:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58281/ Frame 99FF 0
125 B 71ms
40ms Image
text/plain 3.71.149.231
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEOJFpJJphx4DdvYcNsAD0n4&google_cver=1&google_push=AXcoOmRXVgMrEcemV9zjX_sEXf3uc8DQHa1eyW0On_IXfuIn1tol0Ehu5NJyF5cfB7XvHGUB2YpIPHlQM6Ibnbi-ti9pFn8efGsoc48

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-71-149-231.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.75 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.75
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25
x.bidswitch.net/check_uuid/ Frame 99FF 43 B
145 B 10ms
9ms Image
image/gif 35.156.208.169
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/check_uuid/https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dthe_mediagrid_eb%26google_hm%3D%24%7BBSW_UUID%7D%26%25%25GOOGLE_PUSH_PAIR%25%25?google_gid=CAESEK3-vsWKFl2yZsnGXldjdAw&google_cver=1&google_push=AXcoOmQRGRBgUFbsmjLpLnqn1QMf11E21upAtrqV5nmNkAxKHO-FQ13vNgH_Fy86bjkGAjP0MIBc3JQ7PhIjyvTkpmKvYw9KpAO4evM
Requested by: Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.208.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-156-208-169.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 99FF 0
12 B 16ms
15ms Image
text/html 172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I-5uZLyi-nxdPSUWYxFQXv45hzQ1mjIEy6Ka4cqMlOxdNBWLhwiuzmCLCEyMBhDz6OoCgbzfg

Requested by

Host: 269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
URL: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 Enabler_01_250.js Show response
s0.2mdn.net/879366/ Frame D16C 120 KB
41 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_250.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 07:39:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7981
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42247
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 21:28:42 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 07:39:37 GMT

GET
H3 200 template-43bf74fd.js Show response
s0.2mdn.net/sadbundle/15874828848628604197/ Frame D16C 40 KB
14 KB 14ms
10ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:59:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17603
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13999
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 18 Aug 2024 04:59:15 GMT

GET
H3 200 index-09647504.css
s0.2mdn.net/sadbundle/15874828848628604197/ Frame D16C 4 KB
1 KB 13ms
10ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Tue, 15 Aug 2023 10:48:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342236
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1375
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 14 Aug 2024 10:48:42 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B5DC 37 KB
14 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 2D47 0
0 46ms
46ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvU5e_r96QjsIdBShWz83ah4G7WllSTK9lkurUE87vRiD2rOXt9kCZ4WQ5-M_pXV3hpCZlouluIRob1BYddT8AsVRmVRauq9wmH1_fhC-ui3HGQjrsJ_cHqr5Hf0NFtDpBPrriAktsaJrpC-XsQfI0ktbWsS1OypFHoPNh9zzkLhF8klw-liap3xUMD73glk5wH4kFNRyy7qaN9GkI3yeUSFNZ75r8Xws2u57VVlP7zkIQ9ObsxlgSnVTTQvjSbESy00slLJPxhNJW0wcskrIawbeURRikOoey4_geYYX5xnnKNX5-pAVr3GhTSdH9_NQnwPwRq34w8GCgJXlU2hur8TVc5Z_pPJ7jhSueX5VK69seLV3-oQQ5nVSj-dsVFGKXUaYCTwIRgOa103d0oZJS8jT8yACbnv6O-Ufh5MNwuMpLOg5fm3n-DxKcEaKEJUWZZZ1ffKVoswvTOU94Uh1SUGSPagSv2YJUwISu1DfXSLZ7HWqBM4-yD37Y0Re0wNat23s4VCU5kPFln0GAEHb7gqYXZqLFcmCaZT_8ptgrVWqOk3MuF1SpMtb_wad7OolHnjNqOZiBi3KuyzzSkUWuFOVNtFLXE7jMjq8T0R-L49kqpQoohZkCjFOsrf7GdWeaTWedzOjAERsyX_HdC4zPP5QlHtXvqlPDuwhpzFu0o8eYuhINHteXgUXBPcBo0P2_0UuykmKptq4de0F-ljg08YdxeRq0s4INxHUKvMD1aDUVskLs4J4mXODBSBp8s5S95nf21rItZzfcKj8jRzQr50RNaGWYcO5RZO5mHF9-bm2k6M8cptpT5ocwwDAqN0_CK1nx3bljwDy-6dDFRX7eGpIcoHxML_h4CIh6X2KhHfRi92Xj5dgyZO38zAT6vetUR7IzmJTXNftTn5EokPDkgy99jpsg_74HCvZWIpGUaEkrLlSJa0GL9EyAHq_5R89c3i3GYXA9I6XFwud0bE8_FnleGeRS3GUVl8d6YHPosHJL0n8HMv2oJemFajm4ThsGfaxuo0gNlQjY8QS7fp0fcIVbOFnjteec8wDiPaWg88IG342e7h8O5WdJ34jKLi32To63YCLJTvpK6Lwe2CPdhWLvzHVlYj-h0GqniS_69nEwOT7TfjLLCP6JE09IhUhnLg9NP-0IkOckBvcifP5jArQ9w_jaKM6qX8nOwjSfH-8KzvF84nPXFQBNmLZLsuWeP6JvW3JB4uXSbY25sMlvyVpPP3zkrClRY7V8xJkAYMbrleOCAeFwOVHTsL6YWWqYAlLMAoa3lx1vkjSgfQRjnH4cgeVGrCFiC9f3zIsVhxdwrsQ4g9S_I5Jc&sai=AMfl-YRFgs19pb6jycDTock1Y714xJ8iRstaiyKOLFup4ioRusaafLUEUY7mSFZfeLUC1TK0lIIxEOMZ2rV1ry5U5KTeEq8BRsklfc1orQyGWtt7JE4w3cl0DQimXGap7NvpZeVSCwg9eoc-BUHKY5veykCLZ3pQccW7iBwe2yrnrCvdep95Y_rOgX03ZNtahefPXVcb1viyYg6WbQ-MK_g2lI9gNHrin-fGvl5UlPSMKu-3GZtDJkn0fdRCJHsorkpmRbdM7CE&sig=Cg0ArKJSzE94SnipfUUjEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=223&vt=11&dtpt=101&dett=3&cstd=112&cisv=r20230816.75739&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 09:52:38 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C94F 0
0 44ms
44ms Fetch
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstVjuHNUAV4SGjtVMofG7S05iZXGvJsbKGCxPGBWOb3XrpTl8HEWnuu86os8l1uP-IBeZ6TfNx0rtmiVCCaa8tvtw7ScZxrtVfc0_i7t0o2Pn4zkr4IrE24Dg3ccgXliglR5Rke-1OMPysRgqsPGpQVFP7PbtUk7dOqlQSZq7vHMWhJyrXKTcj1icWRsjKo85_TJOjaGlpnwzbaJC2p5H_voPWUHDVbpvbagxuAjS_2RTnDuZxFS3H7xu0zB8Y5YQfgZZibEX7Jr3RUnlhX2O5CqS6-FLnGZUQUgPx8DJlZfxpWglEM4sTqrc9i1JJh_TmDJmtXDltCdjkW9JI1VNao7ypGIfgMZBz_YUXlAifPbJoyr8_nq18aDJp3XAwyWz-_o98BAfHHhk7TmOVcR1oUzhHtdGUi8KPhO2_MVLecOEFNK8Fr2JgsiQ7CJd5H9QQVguY6UlPiHmTZMc3abZAS4cG0U8an8R4IG1BT4c0_ngYK1F-LUdFM6tPfl5QFrtMjEvBQ-mpuoKoOH_AWFUhOHC91gEQC67HC_A_pS9YGtl1onOrAdTYetJjpA2xcIyGU5rzEH0TsPlnAh1I2yh-Y5JORgt6iLbFRcAmEpPKzVqNhc7RSit1aWhkG57SGntAIUMdFKg5s3GlCez3kfHZ00cl0jYYd7Jp4BFOF7rxXYn2Un-lJ_vdatXLRWFC3Ntwex2QpINUkGyB642Xx3n614VjE4gyqVvLyGySPhLTOEKg_2jN0ugJwHfpzakCV_LKBohxAI7Wr1QaWgK6g8WzKbaHcTI28PVLvPS8Fz15SO0VaBq-t5Udcs0KxYF2Kb_CWfLILPmPWfhUtMntDUWbrwK92dUalwKKak8X8nWdEUwoQMJXGbELwf7uPr4erpGsv6hElzBXTCITwzj8-BmUcYEeoxJcaRz8CzNLyFdNQzdhG3lMxubKwqY461EgzyQVirgAXftCD9GRjn5rUViEGGN2Btbtn9i9xQwnLCunRKPA1KihxD6BQk2CHYrIAqmP9PIZoxLx1fuIxof1LXYu3lsskGHduEYrnHCwFXxjeccHvbZ-ZremVouBNL5kBjQX5lCSenJC1c3ApKC-hPxLEiIwy5KoIHShGUxd8uDDPx411bX5XrMjYd8_oNdMk1bibEnAcU-TvvsFiEH3NTHkCmhNDU8MBmKKXLWB-lk2XtwL52WDAVbLC55WR9UlNbrJgDYkknjyNzQ6zAJUADE9UwGmBTkIKcAgERueZFGCcuKpwvQBSoRULg5XUiye2J7bgIe6qdDA9aKcpbI877XGxxK6iX03SnLToXDJCNFPZMD_khwAdcFglU48&sai=AMfl-YQWzwiOAywM9qDlanfVOfTm1GBvsNBiVy9iH-Dga5NstHRlm1lzMHSM91w8j_7B50RurTTn_ly0QCX9W-IPNCepHmrJZBQs21aM6nm8WJnUuNIMhPZ-CLDqvnkkPZYmWWWgYy6EF0Rj5tTBXamcPbydiCmLbA5iRA8aYcHg_DYnk8RD8ixv27FilDhcBQesLeM7qdBOTEwrXn7vQovNnMoGLsHCvc2K1BRN3IMoxwY_dm7m6-QJbgRj0cK8Gs2HMDcAPOw&sig=Cg0ArKJSzLEKYmsQiZ3cEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=180&vt=11&dtpt=99&dett=3&cstd=74&cisv=r20230816.56285&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 19 Aug 2023 09:52:38 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 74EB 7 KB
6 KB 53ms
53ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02e63c7057c42284ec950828aacaea80e210275ff429feea8cf140aa5df4ea5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5721
x-xss-protection: 0

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 74EB 28 KB
28 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:41 GMT
x-content-type-options: nosniff
age: 11877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 06:34:41 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame 74EB 2 MB
2 MB 12ms
11ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:18:09 GMT
x-content-type-options: nosniff
age: 20069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 04:18:09 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 74EB 4 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame 74EB 5 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame 74EB 2 KB
1 KB 10ms
9ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:56:59 GMT

GET
H3 200 congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame 74EB 2 KB
1000 B 10ms
9ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/15874828848628604197/ Frame 74EB 5 KB
2 KB 11ms
10ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/logo-d0d80991.svg

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 15:26:08 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1CBE 0
0 111ms
111ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=2133539460467170&bg=!39yl3IjNAAZGPLJIZjw7ADkAdvg8Wl7TvOxVTVKZkm9ppKEYG-FjGpTAQMwjXmed4qu-FiIWPkk6TtlfGK61afd1btXsKa8Wb4gCAAAAilIAAAAGaAEHmQMQZLRywHriOLG0kR2P_HOGyz3XIjyuZWNmdvYeV9lMtSzTKG2hDyP-OdedRWwELSSc8h_OZjhAaVK81H6q9Pcj97OCFafh93ABdZJvx1RpyEEa_raC-tXC7gScxRl-HmTCk2-6nLKWTBQGuXOju034_G1EwJajPrcplr1kkmgPyiePtaSftSzqLJ-NoeNnNgAzYOOMT5DshKlEOrC7dotMgj_00gWuSsYuYgCDYlqxaUDW70wGkhpTNn0VtPP8xVT8w-yWxPPU1iRlXl8ncgUWaltUSbdAfF_QB0W6gkYYrpVvX_veO6F0Pl4e_h4ZQnhzSfnwlSAVmfod2DH6UfW2GshvAf23iC0BFB0h1Cejd7DlxSx49JggwT_sjDTOAQyBxad5HoacTe8udbSjf7-DDmm17y66fwCUJUwdCzWuw3YyIsxkUpiKNt-WXgjA3RVAycRF3Zke3NCaz8sv90z7uwcjZA2HNV-xBZG2eZGh7hbtA2JVC9CExlsRsfCK-R-eyx1XFFxzWW6Fwqiiy-GupmQE7ekt0rrVJBXRymhkz-ocAGStBuqkoniFAGdPmNW2tOb3-AusrEwKM2g6TUOsARmQsi57adiuKQfplfTSuLFTQh1lS2o1kalnHlPfGgzDzK5ANdetdQBrlk7b7GacuEh3P-4VnIlcAFsdztZrHnSUigEDUz22iNiwnk8vqJxA4pb1mjyx9ufMx2vKtyhHXX64379QvomSGmG6RYsG0qgAyKe_uGvafxTWZA9YZCnfC7gkwAKMaQ3N18xamxoGHKOGYoB_OIYtMWwqjDrdWfbbHOTNpBuSWXLM_awyvrDFi_oRypNG3lWh9Y1h3NidsOndJCdR7x2w_0yo1uBAF0fRxbSEQyusL56_2KBtluj0XzRpO4wCu72botiGmdcq30KFSxW57sVz9qx1ZAy1Nm-_hvxnRjciG_viOI5k1a1uSq8thXeNqcDeCpvOdznfca5_kfQ_SkDk-wMdEBhty-zwKS3dcn9U7MDIdpyREQaW6g83AE_DfcbY-5Q7MYM44Q
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame D16C 28 KB
28 KB 16ms
12ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:41 GMT
x-content-type-options: nosniff
age: 11877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 06:34:41 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame D16C 2 MB
2 MB 17ms
13ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:18:09 GMT
x-content-type-options: nosniff
age: 20069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 04:18:09 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame D16C 4 KB
2 KB 18ms
14ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 200 logo.svg
s0.2mdn.net/4528404/1687521602712/ Frame D16C 5 KB
2 KB 19ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687521602712/logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:00:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 200 cta_mit-pfeil_01.svg
s0.2mdn.net/4528404/1687937402098/ Frame D16C 2 KB
1 KB 19ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687937402098/cta_mit-pfeil_01.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:56:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14139
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1134
x-xss-protection: 0
last-modified: Wed, 28 Jun 2023 07:30:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:56:59 GMT

GET
H3 200 congstar-stoerer_gb-plus_small.svg
s0.2mdn.net/4528404/1687525202075/ Frame D16C 2 KB
1000 B 19ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202075/congstar-stoerer_gb-plus_small.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 974
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D16C 7 KB
6 KB 58ms
54ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_250&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5cbe136f1ba8a98109b4d6daddd4babdf20b1a1f9a15dedfb9acd3c2a0d27abf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5698
x-xss-protection: 0

GET
H3 200 logo-d0d80991.svg
s0.2mdn.net/sadbundle/15874828848628604197/ Frame D16C 5 KB
2 KB 19ms
15ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/15874828848628604197/logo-d0d80991.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Fri, 18 Aug 2023 15:26:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 66390
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1913
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 11:52:58 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 17 Aug 2024 15:26:08 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 74EB 17 KB
6 KB 73ms
72ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Aug 2023 09:52:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4C25 0
0 112ms
111ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202308150101&jk=3412695746675140&bg=!lJell8PNAAZGPLJIZjw7ADkAdvg8WrdKkDLa1I_nWQBT8QvjddmJAoss8nVNnxcg8sUC0zsC3LIqfWs2uRRiz77MqM2PN3XbgHMCAAAAd1IAAAAFaAEHmQMHdtfWkwJJFcsL8fGU3m3Jic0LnL2MPnSmhMMWGejzVb2YAydQj8C3U1cw9fCw_0TaqguDRLfmqqWHULIDkvNLjiBFxX56r3cCJFRJiotQ6NxcXZ0gzmRieDNEJFqbFdSpaV60_j7a4kMsFYjMeHtjZTZuyqTrcIZJjK6mN11A-GVI_Vn4yc7kVE6-yAJTCADyzKt7R3lk-kbKEVvgye5GiZKQdkYcQn-bF6Em-EwBGHcWvNFP-E-qqFNNevae5zQrK5uwRsEhkliBGCYV_18Pgsd6PXicd2wffsnwtJIM_VFXzloU_y__8WIkqtnmhTsVMgVwf5ISXq9O3hF-9M3toc8Zjptaqtu9SZVOrR7-Wwz5hq2dOcYCWLtL2Rlsb4Ak7b9rzxrHoMgoN-EOA0Id0Oc6VQgJqLGTllbk4kwBPEcuWRN2gZJ-12dDShed9EEZPJv_MLvTscKr16RJa9j4CbCCEEWHLzTB1ivcyR_So7R3boMMtKTL286B0dHmAbN26nF9Mag_wDR8jacntzNhOdN69m2R1fzXT6xpWRYC2EQ9DhdcUvdCB1qsVEUfAcqyaxTF400L6W0byiTNjYUVRgpc1ZlIVni_naFa4Gqgu7JA98s87koATnn38gxVjNYdxkFsvrcYKiG9SKSjdUIoxQY2nuDzR4FStvpmc4Y51vY4itN7PZ69xqnHfnXfjawjVcUrWqadIR49gSALSJGmgtUegZrD5Qtlrn8SKAQsU0burahQ6ydlPWmAcfGIBUXwtLMabAs4iBR5g2uyLginiX7o1xqKDHGjw1FcQWVIGd3KTRBbbo9FMVz7kZjy-XE9O0k71QM7AWwiopFF2Jbo0FXRH82HIhtJmBHMnbYRoH29BlHrhi9Z0MLhl5Giij3P35Daefpb2QxdDUeelNt8z23ekmO-KCohZFHKCVl-kmanCjEwGiOimPdYzBm59wSoEu_zUuGXEhf8kjbk4dc7zBhdlBVbVpqmh0LwA6R4V9yOlZowIUk2ZR3T96jyEo8Pk8RIr1RJlw
Requested by: Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dailydaily-up.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 74EB 14 KB
14 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:39:18 GMT
x-content-type-options: nosniff
age: 800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Aug 2023 09:54:18 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame 74EB 28 KB
28 KB 9ms
7ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:44:49 GMT
x-content-type-options: nosniff
age: 469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Aug 2023 09:59:49 GMT

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame 74EB 28 KB
28 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:41 GMT
x-content-type-options: nosniff
age: 11877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 06:34:41 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame 74EB 2 MB
2 MB 8ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:18:09 GMT
x-content-type-options: nosniff
age: 20069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 04:18:09 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame 74EB 4 KB
2 KB 8ms
8ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=FyeaizWrpB&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H2 200 dc_oe=ChMIuc7f17nogAMVS9wRCB1CQQSkEAAYACC3mOVcQhMI4abC17nogAMVZlgdCR1ODwRM;stragg=1;&timestamp=1692438758369;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame 2D47 42 B
401 B 93ms
52ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIuc7f17nogAMVS9wRCB1CQQSkEAAYACC3mOVcQhMI4abC17nogAMVZlgdCR1ODwRM;stragg=1;&timestamp=1692438758369;str=nextSlide;strtype=1

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D16C 17 KB
6 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_250.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:52:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Aug 2023 09:52:38 GMT

GET
H3 200 06232023-053002206-background_quadratisch.png
s0.2mdn.net/4528404/ Frame D16C 28 KB
28 KB 7ms
7ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/06232023-053002206-background_quadratisch.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:34:41 GMT
x-content-type-options: nosniff
age: 11877
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28774
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 06:34:41 GMT

GET
H3 200 annick_sitzend.png
s0.2mdn.net/4528404/ Frame D16C 2 MB
2 MB 8ms
8ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/annick_sitzend.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 04:18:09 GMT
x-content-type-options: nosniff
age: 20069
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2539328
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 12:30:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 04:18:09 GMT

GET
H3 200 InterstateCondensedBlack.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame D16C 14 KB
14 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensedBlack.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:39:18 GMT
x-content-type-options: nosniff
age: 800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14644
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:06 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Aug 2023 09:54:18 GMT

GET
H3 200 InterstateCondensed.woff2
s0.2mdn.net/creatives/assets/4925812/ Frame D16C 28 KB
28 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/4925812/InterstateCondensed.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index-09647504.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 09:44:49 GMT
x-content-type-options: nosniff
age: 469
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28596
x-xss-protection: 0
last-modified: Mon, 26 Jun 2023 09:13:02 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Aug 2023 09:59:49 GMT

GET
H3 200 congstar-stoerer_gb-plus_full.svg
s0.2mdn.net/4528404/1687525202405/ Frame D16C 4 KB
2 KB 9ms
9ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4528404/1687525202405/congstar-stoerer_gb-plus_full.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/15874828848628604197/template-43bf74fd.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/15874828848628604197/index.html?e=69&leftOffset=0&topOffset=0&c=1LLz2g6C4U&t=1&renderingType=2&ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 05:18:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 16436
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1929
x-xss-protection: 0
last-modified: Fri, 23 Jun 2023 13:00:02 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 20 Aug 2023 05:18:42 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2A62 0
20 B 112ms
111ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDJTD5ZDgZPnHNsu4x_APwoKRoAoAAAAAOAHgBAI&bg=!-_il-KzNAAZGPLJIZjw7ADkAdvg8Wi_u-_jo8RGFz4iubT8VySRqNgnQqT76VBfLS63MRWaAbZzYEWU8OHhy7_YLINffirrakkkCAAAA4VIAAAAHaAEHmQNi9EC2ZrKkNmt1d4wKJKZXfR5Z8S_6lF9Qs18xKsD8NTOuur1O7AoRovmGT5WPllbWptvmL9xjpnWPDUWrMJLNcKS-SLINONZGdOMC_1fmt8-10T5xdEGcojxiPYMQuZtyMxxNaOrjyTBIkWNfBanbr-DTEDoW6XUAfKkSjAjt4Bqg-41O1m1-YuufJ-QN3H03vC34Okiu8oocxclJeCvV3FiqtXIUiJOrh6hjGPWCZjT_aZk78ZCAIJNvTGabOfkXSUIquZwdKNHheK4GqJgE3vza5fno90Yu4UL-DBIha5L5qUv8Fh693lm0XoyCI5d3dtiOS9cRqN2vbuPN2lHiVO0t3tSORuLD0idINqhef7zQ_hGkx9z1cmsmhj7NJzSUGYIR-F2WTZGgSKLvxYBQFfWrK0SfqQ8wUCRjiYKsGzqcAkkhbGYfnJbhcIWOlVC0nFuMcE4o01SVE6oJjI4CTeC5SkUdHKxt305Ng_h4PFb0FfQESE3KAFspbEedxmhG1b5k0nY4RGrtli7tW-xmsg0PYEkBpyAAmfevkWAv-JMrBOyACjLTUItA9QiAl3LYOSpqNfB4m94QBPSMIZ57qmCGbHUn_9pIJhBHvFvxCijbvEuaNEokfqEUJrZ2g-3zaawImDom9gKcN_npeNV-mrVFh6s7FRq6XEweYK9SpIV9SpP8OMuCyP2QcyHv9h2XDRWa4CXecbFWFNkRdqGRNBQY5FB4Fe-JpGRE952lT3ulf_FSn7B6zUebJraz_b3DGNXc6iwbmRJN5wMtKLj7CS2XC5cm1O6r98Po8GbHCO_uIPwLkrLI4cxQiYRkfY2SKg7TuT_tyuZvRlJtDHXIvbX-lf_7lej9_7oaAR6XpFW-CDybNqQrysp4zLdidtfaURtIokxCuTwinJgSnVs1WcnzikcI4KJRka2BtXMVIk3A-wqPf6jvXQiTxyPEnYnQ1aFBbnIEyhyFUi6durbB7R11zQ4Mnh70mZvpyJzFxY1f9kNOJzm9fgl0MmIvzyG5J9iqxXHqat5mxzH1glLGN6wUn8-APsve0YH3bgxfjJyUy94Htenqowut3etQsYzVMQgS4t-cr9DqZE0MVOlyFVFjFQPrrW7DcpDODJRk8oHi51gyVIiyJXG4cj1Da4eJ5eI

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMI3ZTj17nogAMVqNwRCB2DswuVEAAYACC3mOVcQhMIg4rG17nogAMV-1gdCR2NygpD;stragg=1;&timestamp=1692438758409;str=nextSlide;strtype=1
ade.googlesyndication.com/ddm/activity/ Frame C94F 42 B
107 B 53ms
51ms Image
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI3ZTj17nogAMVqNwRCB2DswuVEAAYACC3mOVcQhMIg4rG17nogAMV-1gdCR2NygpD;stragg=1;&timestamp=1692438758409;str=nextSlide;strtype=1

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame 41C1 37 KB
14 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 200 aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js Show response
pagead2.googlesyndication.com/bg/ Frame B29A 37 KB
14 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/aZrQl3reHFLrXxIU5jTX67bfpJTGr0dfi-1qyyEVSZQ.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

date: Sat, 19 Aug 2023 06:30:50 GMT
content-encoding: br
x-content-type-options: nosniff
age: 12108
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14741
x-xss-protection: 0
last-modified: Mon, 14 Aug 2023 12:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 18 Aug 2024 06:30:50 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B5DC 0
20 B 114ms
113ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B2ugT5ZDgZJ2OOqi5x_APg-euqAkAAAAAOAHgBAI&bg=!3d6l3orNAAZGPLJIZjw7ADkAdvg8WpkVHJuMylzFrM-mgyOX3lP_4BhCY0GpjmfcFK_9khKAagvwCF0Ul_s3Yfh1q3TkOX27RAkCAAAA9FIAAAAGaAEHmQNIR_62_ndqDNA21iCGWBNHRH2YtQxl6X88A8OmDFNEPJByAIGw_iGbTHq6N9URIAl6YrL_3GchHyoT0ZSZsHi9pJRIpbtBenjyZZ0A8Jcv9kBXiHLl5qZorzxlefSlgyaLPR6Kmq79-CE4qFY8EU0T8GE7POUMNjv7uqzBvv8O9HFljvlkMxbaa1p81DGO1CHVzbtbYip96MHPyCkKV31hmU-bTCae7MjpW4WZzjb-nKMEouXI_7PeQsxTbWnNEV2SAirSrjtq-TlSzADzIFJyqzZxVrvv6-N3eozVXLHpk3T1Wz9TZGiCqpvHHpI_rq5hI3HzxJByifBRycEghF6UH4cKw3h0BbFJ2HckbRC8cxrpmKTqAU18TBMBA4NiPmJfQ0mWuN61ytQhLiuHATSCcZTEAdNJE037_PGHvrrjZ8Ttr1dTWVtfj-1ZdjtcTMJqefv8sae2TXsquelOT1k3kH8txJws0kI92mmX9LxMb9XVo0huiGUFxriqsYyIbpwsZTJKdWv4xWz2MaQo8f_0cuMs-6YghTthFlQQcajc4OiSzfaGnewIbD1z_D99kzc4cQvZ8wm2JxYP40oOXSCz3NhIz3ib5tENE0EmDRnnXucZsLh4u6J-kIX4P0K-gs__V6-xX589hp3NkXTJQOH3t4hIc77nIHqfyGHMOXB5sXV8P6emHUSCH0Gq1dqWQR434E8vEoG4Y9i-PdD2eZy0Ouj_Z1Xd_UiZLmVulv6EbrDhiPLLBe4DXwTi0opdWylFeH4M7XUqB--0RoeASnT3ay-AjakzeY6pqIlo4vXbViekIWTmxKJWFr7YPQWn59tvbbMXqj2sm-MxiR4ZH4jgH7RQKQ3LBtqXGl13PmMlE6x5iVL4BYsGkRtxo8BAXbjororSOl_W3u-TLt9lYo47kftOxj6tKCG5aI4j7VecTNjthckovSGsJWdv6LFayHbJSLkL1hb8L-mtrA4BOzdMqiblpt4IycdwonCfeIZu_ZvF9VTdfI44GLem6ARc27d6NBuHkDllUTLnS8UO02X93uv61TbWYSpbaFp_vyfyd61hWBDRNRYt9ta4gC1SWv-9yIu90lv_AbpJ7kqlu2bIp9zfrJyILAl8

Requested by

Host: www.dailydaily-up.com
URL: https://www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09?fbclid=IwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:38 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2D47 0
20 B 106ms
106ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=3556422355693&version=m202307240101&ct=76&x=1&cor=17582745283610591000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C94F 0
20 B 105ms
105ms Ping
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=5605400741566&version=m202307240101&ct=76&x=1&cor=13028487355647132000

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.96 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Aug 2023 09:52:39 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fcm.holmesmind.com
URL: https://fcm.holmesmind.com/cm.php

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

45 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.dailydaily-up.com/	1970-01-20 23:28:54	Name: __gads Value: ID=8af1167fdde0a705-224cf5c355de005f:T=1692438754:RT=1692438754:S=ALNI_MarCMnjHluQCZmAYQM6GCue3xxHbw
.dailydaily-up.com/	1970-01-20 23:28:54	Name: __gpi Value: UID=00000c625c6aa8af:T=1692438754:RT=1692438754:S=ALNI_MYb99cp4gKF81KiUSJJJkuSRwoKkA
.dable.io/	1970-01-20 14:25:26	Name: _gg_ck_match Value: 1
.dable.io/	1970-01-20 14:25:26	Name: _nas_ck_match Value: 1
.dable.io/	1970-01-20 14:25:26	Name: _nh_ck_match Value: 1
.dable.io/	1970-01-20 14:25:26	Name: _gn_ck_match Value: 1
.dable.io/	1970-01-20 14:25:26	Name: _kko_ck_match Value: 1
.www.dailydaily-up.com/	1970-01-20 23:43:18	Name: dable_uid Value: undefined
www.dailydaily-up.com/	1970-01-20 14:07:40	Name: xxxsskguid2575 Value: 67ab3878-c63b-2d97-ccd7-b4de21363e3d
www.dailydaily-up.com/	1970-01-20 14:07:40	Name: lastlocation2575 Value: https%3A//www.dailydaily-up.com/doc_cnNyRFhTaFF3R3JzbFowdmxGOHRFQT09%3Ffbclid%3DIwAR2QV0V6guzOp-CZIsAHEUj7SYnQvWnREsexTM_dSagi94JKktv1uVNnJlQ
.dailydaily-up.com/	1970-01-20 14:08:45	Name: _gid Value: GA1.2.91696532.1692438755
.dailydaily-up.com/	1970-01-20 14:07:18	Name: _gat_gtag_UA_87942765_23 Value: 1
.dailydaily-up.com/	1970-01-20 23:43:18	Name: _ga_VCEDQQD6JV Value: GS1.1.1692438755.1.0.1692438755.0.0.0
.dailydaily-up.com/	1970-01-20 23:43:18	Name: _ga Value: GA1.1.1650045600.1692438755
.www.dailydaily-up.com/	1970-01-20 14:50:30	Name: _im_vid Value: 01H86KBY2QTTM4BMQW4DTX8YNP
.doubleclick.net/	1970-01-20 23:28:54	Name: IDE Value: AHWqTUml1J3ChYWm5W4o_nE_AHB3V-FBiCmncZYMZr28hGpV2bCtbO8PZWMWThAghI0
.googleadservices.com/	1970-01-20 16:16:54	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 14:07:22	Name: DSID Value: NO_DATA
.holmesmind.com/	1970-01-20 14:28:25	Name: Vision Value: 20230819-23:59,20230819-20,20230819-20,20230819-23:59
.holmesmind.com/	1970-01-20 14:28:25	Name: C Value: null
.holmesmind.com/	1970-01-20 16:32:16	Name: RK Value: null
.holmesmind.com/	1970-01-20 23:43:18	Name: P Value: 308811-xqc3J4r2JmU61jahZw7llnzxVqacXOwU
.holmesmind.com/	1970-01-20 14:08:45	Name: fcm Value: 1
.dailydaily-up.com/	1970-01-20 14:50:30	Name: CFFPCKUUID Value: 3004-9wmPClEPViKXIO3YF6TieW2b7nH3KTfL
.dailydaily-up.com/	1970-01-20 14:50:30	Name: CFFPCKUUIDMAIN Value: 7864-5K5uALkU3KfkgJgEtHNyIV3zfaEXlbAK
.dailydaily-up.com/	1970-01-20 14:50:30	Name: FPUUID Value: 7864-88412bc972ad8e2801929482845a4d2215f1171d8f99235292b8cb70ed2c195b
.hinet.net/	1970-01-20 23:43:18	Name: uuid Value: f1a9c5b2-1497-4f5c-97df-9577534f13b6
.lndata.com/	1970-01-20 22:53:23	Name: admckid Value: 2308191752351315141
.dailydaily-up.com/	1970-01-20 22:52:54	Name: __htid Value: f1a9c5b2-1497-4f5c-97df-9577534f13b6
.dailydaily-up.com/	1970-01-20 14:07:22	Name: _ht_em Value: 1
.c.appier.net/	1970-01-20 22:52:54	Name: _auid Value: BiEsbaYoDK2n04P95ZDgZA
.casalemedia.com/	1970-01-20 22:52:54	Name: CMID Value: ZOCQ5Z18pToesMMC9QgsawAA
.casalemedia.com/	1970-01-20 16:16:54	Name: CMPS Value: 1205
.casalemedia.com/	1970-01-20 16:16:54	Name: CMPRO Value: 1205
.adnxs.com/	1970-01-20 16:16:54	Name: uuid2 Value: 8533761477818299074
.adnxs.com/	1970-01-20 16:16:54	Name: anj Value: dTM7k!M41.D>6NRF']wIg2E?gI9G9d!@wnfH8K6pQK`!5=E<*L5?%M>7TjM2hj9Tu2^]_Hl!ETA7nBxp??lbYZ[HZ/%nugO%v4VB%nma8)qf6V
.doubleclick.net/	1970-01-20 18:26:30	Name: APC Value: AfxxVi6w0RzMmK7gunJ7rd86aFj0yah83E1kSf9oMN88JmNN5Kr9ZA
.w55c.net/	1970-01-20 23:38:59	Name: wfivefivec Value: dXa7i1P91QxiDk5
.mathtag.com/	1970-01-20 14:50:30	Name: mt_mop Value: 4:1692438758
.adform.net/	1970-01-20 14:51:57	Name: C Value: 1
.w55c.net/	1970-01-20 14:50:30	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 15:33:42	Name: uid Value: 6488779512620785145
.3lift.com/	1970-01-20 16:16:54	Name: tluid Value: 246051714684611116126
.adfarm1.adition.com/	1970-01-20 16:16:54	Name: UserID1 Value: 7268969116095936663
.turn.com/	1970-01-20 18:26:30	Name: uid Value: 2767103139460630241

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

269371dc273df2b32045b177fe1693ad.safeframe.googlesyndication.com
615af3a30eec362c4885b98a1302adf0.safeframe.googlesyndication.com
ad.holmesmind.com
ad.sitemaji.com
ad.turn.com
ad2.apx.appier.net
adcdn.holmesmind.com
ade.googlesyndication.com
ajax.googleapis.com
api.dable.io
audiencedata.im-apps.net
bidder.criteo.com
c.holmesmind.com
c1.adform.net
cdn.holmesmind.com
cdnjs.cloudflare.com
cm-dev-poc.holmesmind.com
cm.g.doubleclick.net
cm.lndata.com
connect.facebook.net
count.dailydaily-up.com
count.xxxssk.com
dis.criteo.com
dmp.im-apps.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
fcm.holmesmind.com
fcm2.holmesmind.com
fonts.googleapis.com
fonts.gstatic.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
l.logly.co.jp
match.adsrvr.org
nt.compass-fit.jp
pagead2.googlesyndication.com
partner.googleadservices.com
pm.w55c.net
popup.dailydaily-up.com
prebid-asia.creativecdn.com
prebid.scupio.com
r.turn.com
region1.google-analytics.com
s0.2mdn.net
secure-assets.rubiconproject.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
static.criteo.net
static.dable.io
store.dailydaily-up.com
sync.logly.co.jp
sync.mathtag.com
sync.teads.tv
t.ssp.hinet.net
token.rubiconproject.com
tpc.googlesyndication.com
twstat.dailydaily-up.com
ups.analytics.yahoo.com
us-u.openx.net
www.dailydaily-up.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.scupio.net
x.bidswitch.net
fcm.holmesmind.com
103.132.192.30
104.102.35.84
116.50.36.71
119.28.16.172
13.230.233.218
142.250.181.226
142.250.186.130
142.250.186.66
15.197.193.217
172.104.70.67
172.217.16.194
178.250.1.9
18.173.187.54
18.178.157.43
185.29.134.244
185.80.39.216
185.86.139.93
185.89.210.46
2001:4860:4802:34::36
203.75.214.136
210.59.219.34
23.197.142.41
23.35.229.251
23.56.202.187
2600:1901:0:e207::
2600:9000:237d:c000:0:e06c:e940:93a1
2606:4700:3034::6815:af3
2606:4700:3034::ac43:9313
2606:4700::6811:190e
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:811::2002
2a00:1450:4001:812::2006
2a00:1450:4001:813::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a02:2638:d::2
2a02:2638:d::a
2a02:26f0:3500:c::5c7b:680f
2a03:2880:f083:9:face:b00c:0:3
2a06:98c1:3120::3
3.127.92.109
3.37.240.225
3.71.149.231
34.95.67.231
35.156.208.169
35.186.215.140
35.190.36.98
35.201.76.93
35.244.159.8
37.157.3.30
46.228.164.11
52.197.179.68
54.178.179.241
54.95.112.24
69.173.144.139
76.223.111.18
85.114.159.93
02e63c7057c42284ec950828aacaea80e210275ff429feea8cf140aa5df4ea5f
05bb160db5b7820f6839e4a9a679af000b0c4ff1cba19c352a9a22958a4a3aca
06605ec7ba35ed117fdef019c170683bf260013053db236f81bac821a92fb03b
076bd8e25840756e5b469c7de6cdeda3db1bda1f75a9674eb10ce7ecbd9bc063
0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
09309ddb733a7c98fba0d2d5a245e3eea11f6eedae44ca55f08027659a614d14
09647504671a7ef9bb925c74c26e6be969edc1ded8ef8a94aa4b1ab1cdfc60af
099ce1978d4230161806b44653ef5759990833e345290b738a8c8ffaa372df38
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0dbd4e4fd5ed44142a5f750462ffd86db00aaa51ba5990381c4740d21b4478f7
0ea20bedd24c2721275fc920672ccf787385ec6b8cb5ccbfc6682aeee658e78b
0f76db861ea62081cb86d08f74cdf710135f9159a7231402addb533e0d9410f8
1083d32b6bd31c5bb8b662eb0bd3840484d66a62b699da6acd56b83f7ba05a5a
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13d5c0f2451f0a14104098f72c6f3334114a68927e50beb4779a0bf98966d9f5
14b908c4a215ea0f392ce1419e99a1b5c16dceb6c3601e6079707e250439c708
163861ba1f99a5f399021588724bc0930e9de7f7dea9c4a5d8d06e03f169f30c
17b74954021249d3b59e7ab8c8248edc265666ee65127c8f01825f0ada0adcc2
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19574a085ff7e5b1cf7c134b7465e0e8e08219a90a50cc2d2197e90c55eeeaec
195e6636d3f6dce1239d1ee3a5b5d3833baa50b3248934f29a60618f5d9fb35a
1a57db2d20d256da701a75ba8d9ab28c27e9b98a25bd39f7f683efde70e2328b
1a752f8106cb345b9c97a6ba4a5de223c067abadf16d9834e00ba848043aa3bf
1a9cba16c5a30dc7cc3bdcbba2a45e9e2e28ec4437894302c6676369ed0ec732
1e3de06b5f7e5c4a3d028100f2f6e1fd8bd93ee42db004943e0c3aff93cb8ae9
1e40230d0fcdc8b17761057ef9a4ba8ddd82fae97e3777d68af0c23451ce9c35
212a2954bd370a297cf8ce033cfa4ea93bd16bb03f94203ae112e26ec5bba910
241081e8e0cad022ed43273a2203a43b7e35b60d22be538235588a0a87873be1
241bb801b29748e542884f7b902c02f12f6a318ba97f70224986634926dbc433
2572f519f65a33cc40e047bdb1bbca13a71aa664f7d59bc877ec6b0428837ed9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26d41e091f53db35f627949f43ea95f33b0b197929e3af4cc65cf02025e23f04
2a41aea58330ae3f0c8ee4b3786cf9f01ead7f61c3880b0ca756a0789b8cdfd1
2ae072b67edb6016f6425f5d59b9ffd393f38f1d631d108a6dd05339cc726835
2d8e203ee50b347070544c75f35ef84146ca1fda8bc0820b9d324770b1fd5c72
2fb9fc988225b098817eee893f5073f56d7cc1252651aea3fa14f321ea53b70b
30fa33af4612abc3b244120992e191a8a471d3b20611a6bea1cc773843c7fc1d
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
31d02f43dd0c7fc5c0d95db087a23f1c2d729c93f10450884c8da6b415f7839b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
365fc555dbd2149871a77b9485dbb0cbd487a0553f7a90163444349fee756f60
3675364ba9ea9ba32452452621c86f0ef235bb47d9035a1eff6312822efb1386
3883c7cf17a384ac10b612a2f0f52b1f2a805b929fe1f4927a138bfefba6bab1
3ab7853ddfc8ef3468082187bff5636436df85cd9d1e54653530c018cf9d9280
3bf54f61d2278d7585f1b3ec288714819c347c98721f30f4368a06f19aefbad2
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
458ffa79be39b821ad6564044f26293dd23b48b36d7c56b2a55b05046820e573
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49162c0e234cfb9aa412e99fe5f3ad4e8b703518f0e3f4ed39ad6d8ed19bc239
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a774eee2325be3cf1bba0140cdf621babe3263e8314a27d1580fc0a7d283f09
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b61f735ba127d88a8673f26e34a79bc25968d5be1bb43004958065526d28bb9
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5045b62d20857679ee1a466ea800b26aa5e9a608768a8ce553b21233b268e947
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506807daf2b505515dc00f384cbc1c45494a764e6c847896a1c9f8508087235d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
587f39bb0de7373101a83306b044fa569d817b1bae971b35ae4df5a3de4e445b
5a7e33ca6b767ab56c0289efac373481cbb2ceab838f7e506ac00be6c601c10b
5ae35307130aa78d63a9fe2cb12a20a2248e844aa51f4266deb650cb908e97e4
5cbe136f1ba8a98109b4d6daddd4babdf20b1a1f9a15dedfb9acd3c2a0d27abf
5db43dfc18e22f338047eb4393993f313139c7a1a6854f137b07b2b387c97cfa
5f04a67133e8d41a751e2030f0c3492cd7438868d74e850b94007eb12805e6d7
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
627198b7d91a39abfd32c4ccea0c34093b5031e48b77d092865b758f656b73c3
63b41a8345664bf6831b001714dc902cd6f41a4d4ee5ef151a539d3b790e670e
644aace6e359180bf6b29b4a7b172f7b6cb8c937fa531eed22a6447fab6a2c8c
64902ec21be8580587f7940d93357cad631a498df0b36351477da22c8e6fcf61
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
694b6450626d638e5e2d71ce0807d8279b4578c2cff45f4ccf5a4a76f18a2528
699ad0977ade1c52eb5f1214e634d7ebb6dfa494c6af475f8bed6acb21154994
69fa4215009a4325ef2d8ed36a318853ec8597bfa8fc52197de529582b85a965
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d48f2ebe99c14c230a12f30f8b41e9bc82028bf86a7019639dee2aa096a49d4
6fe52b8948eb3c4c7099dd4c310216f06ca646e5f8e0b7fd06dcb78a09e73f87
7327225cdf3eb28cd7f8ed4ab98de9d079fe2f007c3d73fd58dc4c757cf6b4cf
73c9693eebe5e91d665357626da38cbe8d34297fae4464b4061ecb261deddeed
76dd721fc149430c015f21324227424990504515cbf5ff04f365fcb8e93b85ec
78ae55fc0ceb8ac07f56b87f7886371e91a57dafb6ee5154f317b7bb11da12a7
7b06599a4c6a4e4cca154ea20824a4a14409ea9acf9d5d0230ccac1c7d866458
7c7a7d725a1e6833639a4f835aac2eb8248a8647219c27b58cd3b1d2dc88b0cb
80164afd06a67645c5029987fa97d71e4a7d3363d5fc5e9feffc5e39ad3641db
80a61fdf6adf9c3e4a65f372d1f60872ab88aeadb54ed114da17a53ae2f4e962
811fe124f8e6286d52df8f0085ea943162552ecd462162f8685f06a104fef0ad
821da8af52f9abd6ed4c5148caee6e2cf2188c9ca01a0008a5a1ce789ce7d99b
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85a7af7754a6537256c34a8cba717dd7135b94d22018936510d7ed743dc70e14
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
8cb66130bb95c8bce9aa7f6323a1bf97137a4c34dd4752bd0292146af5942bfe
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df5691a16c5560a40f00e7ddc53c79d5eed0cd43b22188fd465350a2f412f62
8e3b0117f4df4be452c0b6af5b8f0a0acf9d4ade23d08d55d7e312af22077762
8ebae2adcd582095934d1a634749aaf03010c548e010dec8c212cb2f0404406f
91e8a4fd7873722a78783321ba6e6e05d8f48454f9c3f3a0fbe71762efb57f43
92836f98daa00abaf02d3ea5c06f766c40da6dcb434ae1f18bad54d9675002f2
93d3d447e9ecf43739a32818dfd8ff6bb02d5221aae0d82b24a5c9c0f796e7d2
9532a5212db16e49789e83687cb5d1e4cfa75757ab657edfeccc2e5bd190da4d
957135063edbb7272a9f5247b887095262f77644fa42419381bf7ca2b0622bb8
96e63c15f34da25eba21f6f0c6c36eb5fea5e27a3bcf5ad5fa94562c49c015a2
97091ddf0eb5f1ba3d693d51b4a9a5dd0a914997371150a2eae9eb88ebff51a7
9881cc643232b5487a882670adbc23bd1bb7e7050175d5c8bbcce9ffbaad0c9c
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9af7fd8d18e80b0ac79b602081f75c658a17a7b4599674bf3822bacc9eec5f79
9bc147189922e69bb8162e64a86b223280ad3549a743ada86b5ee06eb6dbe133
9c988e280a9af2e0bfc476f7ada40e1984db51651029927933b16de44400c28b
9fdcd812e3e8f8e4b7f7f53a8d5b223fd715fc1b72c5e1006b0ae8b746b0de4c
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a38eef5f193880aabb75ca9e2b527a67bec7effef3f6556bb4158f7a26f06060
a4338b399e437bda69b997b7de46a7869b9244a1f7cebc91ddaf57329c41e7ae
a56bbb4199232f466109c81aad2004410c5d35567ebb59c1a0aef0f9f79b91dd
a6d36aa3d742ccd6f1ca3c76dcf885af72f7bebe2fcc001ea011a7aea2f55678
a6eda84e469463424ebf458949c409a82ee31d042cf3c8e84978658832f634c5
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
aec3d419d50f05781a96f223e18289aeb52598b5db39be82a7b71dc67d6a7947
afae6747ae2ed5a8a6f6669fd9b99fcdcf405f2f18656c1a340a6c1498f1f760
b0cbbfe7e06fd7a9274bcdf96bde690f294cdef1ba01f2f20c9a9bd09eb1502b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1ede5f6c20a18e0e28467f98d21dc394f6dce158cdf898610ca109867eba989
b1fe6456a4e2d8871862a70a1d1ad7dee8887643ee994ad850ee0a30072cfbd2
b2d149d82e375036bed39d307750ec01189d003b0e644336827624681d875ae9
b4f6ff7812ac79cfc45ad93f38ea5d5182bc313c529466dbc51bdf300689cb7b
b5921a88d975cd06e472d39db8123d6cdf35edb9a96a6f72c124f0478d78273c
b78f3c0d944d3abf459bc3d507ad9ea00f6eca99f327d69678b3b2660574365c
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
bf56b14d330ae25ccd631572b03088cf4982d39bea9aaf39df953c1777d94ee6
bfc29c17292ecabcf6ac3123497ef8e0684c078f1b2a58cdd65da41fc29b28fd
c205c874491530a4288b8f643e5da8fbcf7c54bee71bb787f4444e77de90e821
c3b7bf416424abed17314649bb71a1de7a3afc6af66840d04b730e69652e27ac
c411f2d04872ff57ce67b6eea232aa25a839c3b122f7bfe36b4c117ffb52757a
c6aec9a9b42dac0263b43f585d0b8fe660524d3a4f8c4659d15693159e3c7d4b
cce3fd72fd0eef163bb64840913ef660d008bf7dc92c4ea70fee9fe931627d9a
cd5e51e4be28957472ed34851536685ff162bb43dec37c9a7be46de1c1b72ee9
cef005a7925817203365e696b47631a1bb7741d6b22f19399f5b958069a09eda
cfbba3e93a3e05503b015dce83557ac4b2fab7169912e0b984d84e05e8235802
d0d80991c6e4b62d5c77985c1e293aad44cc120e03aee7ae6936c79d25a0e467
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d2c0219b3f79f1fd076f7baa05762920ebc07e47291b09b466245cc3934ee5be
d33d3e50faf1a2ae9178f115a8633deffe5577894ab3a303fb42bbf10f7073fe
d51ae4a1096fac36fe9055d5c3f4daa85de0120b567636c89327b544a2a6a795
d5ae5049686cf9a5ef6e9ceeae1c67619f218fd1694d39648b13607db871a3bc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
dd1b7672c39771921a3a71e1e7b7560e58853f65a93164def2fe40d88a0e2428
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
deee99d9237a62175dd73f926937b73b43ff2d299162d4d3f8cae02296a8f885
e2e6443f2e88331f08abd67e2c2a060c1dfa898deb6ba735237f9a8711e7a192
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9122e2dbf1fbe809c32141c6beb40d0075cd6fb40aebeb4ec0be227875bc7d9
e93636d3ef399dc7d33a87e01495e525303cdcb7f443dbfa77f05e4c80825407
ec140ae8baa4b61226d96beba9277a0072e45b805004b8ea983c5d43402aeb66
ed359c91fe5a461160e0785a0469a2b19a6d4e8134d00cdac071f16c38baef33
ee5d0a9209783fc331f5b3afac4a9750c5ca24af580a8102eb9192ded52f3f53
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef68d7966f283bff353a821f8ec09477cf02fc499420d5d49915bdb1f4d028b9
ef7192bf2c6dbef1bb27d2673a22610dfdbf6b9322e4b9aa45009c207d7b7699
f590e3aa9bebdd34a9d53cf74102a719417add18a7038869a26ac4a250c98dc4
f5e670413119ec12082e70b8ebde5cf8aa6b609868054fb5cb2b34fce22540b1
f6dba17f780cea3c7541ec040f86cfa4cf60d483f0282151c09eb717e922a9b1

www.dailydaily-up.com Open in urlscan Pro 2606:4700:3034::6815:af3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

311 Requests

92 %HTTPS

38 %IPv6

43 Domains

72 Subdomains

58 IPs

11 Countries

15524 kBTransfer

19843 kBSize

45 Cookies

7 Outgoing links

Redirected requests

311 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

www.dailydaily-up.com Open in urlscan Pro
2606:4700:3034::6815:af3 Public Scan

Screenshot
Live screenshot

Full Image

311
Requests

92 %
HTTPS

38 %
IPv6

43
Domains

72
Subdomains

58
IPs

11
Countries

15524 kB
Transfer

19843 kB
Size

45
Cookies

311 HTTP transactions
10 data transactions