campagio.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://campagio.fr.gd/
Submission: On January 28 via api (January 28th 2024, 9:05:57 pm UTC) from US — Scanned from US

Summary HTTP 222 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 41 IPs in 3 countries across 40 domains to perform 222 HTTP transactions. The main IP is 193.238.27.28, located in Germany and belongs to IPX-AS15598, DE. The main domain is campagio.fr.gd.
TLS certificate: Issued by R3 on January 22nd 2024. Valid for: 3 months.

This is the only time campagio.fr.gd was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	193.238.27.28 193.238.27.28	15598 (IPX-AS15598) (IPX-AS15598)
19	2607:f8b0:400... 2607:f8b0:4006:821::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3037::ac43:cc74	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	18.173.241.55 18.173.241.55	16509 (AMAZON-02) (AMAZON-02)
2	178.162.223.113 178.162.223.113	28753 (LEASEWEB-...) (LEASEWEB-DE-FRA-10)
1 9	2607:f8b0:400... 2607:f8b0:4006:822::2002	15169 (GOOGLE) (GOOGLE)
2 2	2a02:cb40:200... 2a02:cb40:200::242	20546 (SOPRADO-ANY) (SOPRADO-ANY)
1	2a0b:4d07:2::3 2a0b:4d07:2::3	44239 (PROINITY ...) (PROINITY PROINITY)
1 1	142.132.247.201 142.132.247.201	24940 (HETZNER-AS) (HETZNER-AS)
45	2606:4700:20:... 2606:4700:20::681a:48f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	176.9.183.55 176.9.183.55	24940 (HETZNER-AS) (HETZNER-AS)
3	3.75.56.58 3.75.56.58	16509 (AMAZON-02) (AMAZON-02)
14	2607:f8b0:400... 2607:f8b0:4006:81c::2001	15169 (GOOGLE) (GOOGLE)
3	2607:f8b0:400... 2607:f8b0:4006:824::2002	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4006:822::2006	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::200a	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:817::2003	15169 (GOOGLE) (GOOGLE)
1 3	52.57.118.173 52.57.118.173	16509 (AMAZON-02) (AMAZON-02)
6 8	142.251.40.130 142.251.40.130	15169 (GOOGLE) (GOOGLE)
4 8	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 6	68.67.179.166 68.67.179.166	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.251.35.162 142.251.35.162	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
2	142.251.41.6 142.251.41.6	15169 (GOOGLE) (GOOGLE)
2	18.164.124.5 18.164.124.5	16509 (AMAZON-02) (AMAZON-02)
12	2600:1901:0:5... 2600:1901:0:5987::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
16	2607:f8b0:400... 2607:f8b0:4006:807::200e	15169 (GOOGLE) (GOOGLE)
1 2	35.157.83.91 35.157.83.91	16509 (AMAZON-02) (AMAZON-02)
8	2600:1901:0:c... 2600:1901:0:c07c::	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
8	2607:f8b0:400... 2607:f8b0:4006:80e::200a	() ()
1 3	2607:f8b0:400... 2607:f8b0:4006:816::2004	() ()
2	2607:f8b0:400... 2607:f8b0:4006:808::2016	() ()
2	2600:1901:0:1... 2600:1901:0:1e38::	() ()
3	2607:f8b0:400... 2607:f8b0:4006:80a::2008	() ()
1	18.164.124.85 18.164.124.85	() ()
11	18.153.7.152 18.153.7.152	() ()
4	18.238.49.53 18.238.49.53	() ()
1	2600:9000:210... 2600:9000:210b:4200:15:a0d3:77c0:93a1	() ()
1	2600:141b:1c0... 2600:141b:1c00:258b::1931	() ()
6	2620:1ec:c11:... 2620:1ec:c11::200	() ()
1	2a02:6ea0:c40... 2a02:6ea0:c400::11	() ()
1	18.238.63.215 18.238.63.215	() ()
222	41

1 193.238.27.28 (Germany)

ASN15598 (IPX-AS15598, DE)
PTR: fr.gd

campagio.fr.gd	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2607:f8b0:4006:821::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::ac43:cc74 (United States)

ASN13335 (CLOUDFLARENET, US)

asrv205.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.173.241.55 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-173-241-55.jfk52.r.cloudfront.net

logv145.xiti.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.223.113 (Schwerte, Germany)

ASN28753 (LEASEWEB-DE-FRA-10, DE)
PTR: misc.webme.com

theme.webme.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:822::2002 (Colchester, United States) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:cb40:200::242 (Germany) 2 redirects

ASN20546 (SOPRADO-ANY, DE)

t.adcell.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a0b:4d07:2::3 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)

nextlevel-f353.kxcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.132.247.201 (Pullach im Isartal, Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.201.247.132.142.clients.your-server.de

nextleveldefend.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

45 2606:4700:20::681a:48f (United States)

ASN13335 (CLOUDFLARENET, US)

www.foboxy.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 176.9.183.55 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.55.183.9.176.clients.your-server.de

fwdtrk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.75.56.58 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com

visifeed.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2607:f8b0:4006:81c::2001 (Colchester, United States)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:824::2002 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:822::2006 (Colchester, United States)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::200a (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:817::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.57.118.173 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-118-173.eu-central-1.compute.amazonaws.com

api.yieldads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.251.40.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 172.64.151.101 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 68.67.179.166 (North Bergen, United States) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.35.162 (United States)

ASN15169 (GOOGLE, US)
PTR: lga25s78-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:81e::2003 (Colchester, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.41.6 (United States)

ASN15169 (GOOGLE, US)
PTR: lga34s40-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.164.124.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-164-124-5.jfk50.r.cloudfront.net

tag.researchnow.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2600:1901:0:5987:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

app.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
privacy-proxy.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2607:f8b0:4006:807::200e (Colchester, United States)

ASN15169 (GOOGLE, US)

www.youtube-nocookie.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.83.91 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-83-91.eu-central-1.compute.amazonaws.com

findarios.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:1901:0:c07c:: (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)

api.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4006:80e::200a (None, )

ASN- ()

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:816::2004 (None, ) 1 redirects

ASN- ()

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:808::2016 (None, )

ASN- ()

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1901:0:1e38:: (None, )

ASN- ()

consent-api.service.consent.usercentrics.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:80a::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.164.124.85 (None, )

ASN- ()

integrations.etrusted.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 18.153.7.152 (None, )

ASN- ()

widget.superchat.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.238.49.53 (None, )

ASN- ()

widgets.trustedshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:210b:4200:15:a0d3:77c0:93a1 (None, )

ASN- ()

www.clickcease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:258b::1931 (None, )

ASN- ()

s.pinimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2620:1ec:c11::200 (None, )

ASN- ()

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6ea0:c400::11 (None, )

ASN- ()

cdn.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.238.63.215 (None, )

ASN- ()

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
45	foboxy.de www.foboxy.de	2 MB
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	413 KB
22	usercentrics.eu app.usercentrics.eu — Cisco Umbrella Rank: 8851 privacy-proxy.usercentrics.eu — Cisco Umbrella Rank: 30785 api.usercentrics.eu — Cisco Umbrella Rank: 7790 consent-api.service.consent.usercentrics.eu	246 KB
19	doubleclick.net 7 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 260 ad.doubleclick.net — Cisco Umbrella Rank: 163 13489214.fls.doubleclick.net Failed	132 KB
16	youtube-nocookie.com www.youtube-nocookie.com — Cisco Umbrella Rank: 3344	2 MB
11	superchat.de widget.superchat.de	141 KB
10	gstatic.com www.gstatic.com fonts.gstatic.com	143 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 28 jnn-pa.googleapis.com	83 KB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 622	5 KB
6	bing.com bat.bing.com	16 KB
6	adnxs.com 4 redirects ib.adnxs.com — Cisco Umbrella Rank: 253	6 KB
4	trustedshops.com widgets.trustedshops.com	82 KB
3	googletagmanager.com www.googletagmanager.com	255 KB
3	google.com 1 redirects www.google.com	40 KB
3	yieldads.net 1 redirects api.yieldads.net — Cisco Umbrella Rank: 120597	15 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
3	visifeed.org visifeed.org — Cisco Umbrella Rank: 119580	2 KB
2	ytimg.com i.ytimg.com	6 KB
2	findarios.com 1 redirects findarios.com — Cisco Umbrella Rank: 555242	2 KB
2	researchnow.com tag.researchnow.com — Cisco Umbrella Rank: 4341	870 B
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145
2	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 336	39 KB
2	adcell.com 2 redirects t.adcell.com — Cisco Umbrella Rank: 57836	690 B
2	webme.com theme.webme.com	130 KB
2	xiti.com 1 redirects logv145.xiti.com	1 KB
1	amazon-adsystem.com c.amazon-adsystem.com aax-eu.amazon-adsystem.com Failed	4 KB
1	exactag.com cdn.exactag.com m.exactag.com Failed	6 KB
1	pinimg.com s.pinimg.com	2 KB
1	clickcease.com www.clickcease.com
1	etrusted.com integrations.etrusted.com	2 KB
1	fwdtrk.com fwdtrk.com fwd.fwdtrk.com Failed	2 KB
1	nextleveldefend.com 1 redirects nextleveldefend.com — Cisco Umbrella Rank: 347178	660 B
1	kxcdn.com nextlevel-f353.kxcdn.com — Cisco Umbrella Rank: 447568	48 KB
1	asrv205.com asrv205.com	1 KB
1	fr.gd campagio.fr.gd	5 KB
0	foboxy.com Failed stats.foboxy.com Failed
0	facebook.net Failed connect.facebook.net Failed
0	svinando.de Failed www.svinando.de Failed
0	Failed function sub() { [native code] }. Failed
0	gmodules.com Failed www.gmodules.com Failed
222	40

	Domain	Requested by
45	www.foboxy.de	asrv205.com www.foboxy.de
19	pagead2.googlesyndication.com	campagio.fr.gd pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
16	www.youtube-nocookie.com	www.foboxy.de www.youtube-nocookie.com
14	tpc.googlesyndication.com	campagio.fr.gd googleads.g.doubleclick.net tpc.googlesyndication.com
11	widget.superchat.de	www.foboxy.de widget.superchat.de
10	app.usercentrics.eu	www.foboxy.de app.usercentrics.eu campagio.fr.gd
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com campagio.fr.gd asrv205.com
8	jnn-pa.googleapis.com	www.youtube-nocookie.com
8	api.usercentrics.eu	app.usercentrics.eu
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net
6	bat.bing.com	campagio.fr.gd bat.bing.com asrv205.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com www.youtube-nocookie.com
5	www.gstatic.com	googleads.g.doubleclick.net www.youtube-nocookie.com www.gstatic.com
4	widgets.trustedshops.com	www.foboxy.de widgets.trustedshops.com asrv205.com
3	www.googletagmanager.com	campagio.fr.gd app.usercentrics.eu www.googletagmanager.com
3	www.google.com	1 redirects www.youtube-nocookie.com
3	api.yieldads.net	1 redirects visifeed.org api.yieldads.net
3	www.googletagservices.com	campagio.fr.gd googleads.g.doubleclick.net
3	visifeed.org	fwdtrk.com visifeed.org
2	consent-api.service.consent.usercentrics.eu	app.usercentrics.eu
2	i.ytimg.com	www.youtube-nocookie.com
2	findarios.com	1 redirects api.yieldads.net
2	privacy-proxy.usercentrics.eu	www.foboxy.de privacy-proxy.usercentrics.eu
2	tag.researchnow.com	campagio.fr.gd
2	ad.doubleclick.net	campagio.fr.gd
2	www.googleadservices.com	campagio.fr.gd
2	s0.2mdn.net	googleads.g.doubleclick.net campagio.fr.gd
2	t.adcell.com	2 redirects
2	theme.webme.com	campagio.fr.gd
2	logv145.xiti.com	1 redirects campagio.fr.gd
1	c.amazon-adsystem.com	campagio.fr.gd
1	cdn.exactag.com	campagio.fr.gd
1	s.pinimg.com	www.googletagmanager.com s.pinimg.com
1	www.clickcease.com	campagio.fr.gd
1	integrations.etrusted.com	www.foboxy.de
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	fwdtrk.com	asrv205.com
1	nextleveldefend.com	1 redirects
1	nextlevel-f353.kxcdn.com	asrv205.com
1	asrv205.com	campagio.fr.gd
1	campagio.fr.gd
0	m.exactag.com Failed	cdn.exactag.com
0	aax-eu.amazon-adsystem.com Failed	c.amazon-adsystem.com
0	stats.foboxy.com Failed	campagio.fr.gd
0	13489214.fls.doubleclick.net Failed	www.googletagmanager.com
0	connect.facebook.net Failed	campagio.fr.gd
0	www.svinando.de Failed	findarios.com
0	fwd.fwdtrk.com Failed	fwdtrk.com
0	Failed	campagio.fr.gd
0	80.190.202.79 Failed	campagio.fr.gd
0	www.gmodules.com Failed	campagio.fr.gd
222	53

This site contains links to these domains. Also see Links.

Domain
www.xiti.com
dunet.fr.gd
www.ma-page.fr

Subject Issuer	Validity	Valid
fr.gd R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
asrv205.com GTS CA 1P5	`2023-12-04` - `2024-03-03`	3 months	crt.sh
misc.webme.com R3	`2024-01-22` - `2024-04-21`	3 months	crt.sh
foboxy.de GTS CA 1P5	`2023-12-07` - `2024-03-06`	3 months	crt.sh
fwdtrk.com R3	`2024-01-20` - `2024-04-19`	3 months	crt.sh
visifeed.org R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
api.yieldads.net Amazon RSA 2048 M01	`2023-10-04` - `2024-11-02`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.researchnow.com Amazon RSA 2048 M03	`2023-09-13` - `2024-10-11`	a year	crt.sh
app.usercentrics.eu GTS CA 1D4	`2023-12-07` - `2024-03-06`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
findarios.com Amazon RSA 2048 M02	`2023-08-27` - `2024-09-25`	a year	crt.sh
api.usercentrics.eu GTS CA 1D4	`2023-12-05` - `2024-03-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
consent-api.service.consent.usercentrics.eu GTS CA 1D4	`2023-12-12` - `2024-03-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
integrations.etrusted.com Amazon RSA 2048 M01	`2023-03-07` - `2024-04-04`	a year	crt.sh
widget.superchat.de Amazon RSA 2048 M03	`2023-12-22` - `2025-01-19`	a year	crt.sh
widgets.trustedshops.com Amazon RSA 2048 M02	`2023-06-25` - `2024-07-23`	a year	crt.sh
clickcease.com Amazon RSA 2048 M02	`2023-11-26` - `2024-12-24`	a year	crt.sh
*.pinterest.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-07` - `2024-08-07`	a year	crt.sh
www.bing.com Microsoft Azure TLS Issuing CA 02	`2024-01-21` - `2024-06-27`	5 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2023-04-03` - `2024-05-03`	a year	crt.sh
c.amazon-adsystem.com Amazon RSA 2048 M01	`2023-12-30` - `2024-12-04`	a year	crt.sh

This page contains 26 frames:

Primary Page: https://campagio.fr.gd/
Frame ID: 8FB10E905F1DA1485215BE1FFAE5B81E
Requests: 13 HTTP requests in this frame

Frame: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Frame ID: A2533C7FDB0CF2BC936BBDFF208CC3EE
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: 369AA054E0D4090148534316EB4CD24C
Requests: 1 HTTP requests in this frame

Frame: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Frame ID: 071974E2C15E9FBBC2951EAB64D10A36
Requests: 89 HTTP requests in this frame

Frame: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTcsImNyZWF0aXZlX2lkIjoyOCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ3NTk1MX0%3D
Frame ID: 916BB45562F4C8237CC552CD4C275AD1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4220122264332463&output=html&adk=1812271804&adf=3025194257&lmt=1706475951&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fcampagio.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706475951232&bpp=9&bdt=362&idt=479&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7754919421281&frm=20&pv=2&ga_vid=1117577882.1706475952&ga_sid=1706475952&ga_hid=1549556944&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080591%2C42531705%2C95320894%2C95321626%2C95322163%2C95323006&oid=2&pvsid=4230589919140647&tmod=1070898589&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=500
Frame ID: 992C0DBFF0D05BBE2652C9CA218636AF
Requests: 1 HTTP requests in this frame

Frame: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89ec0&ci=yCbt2Uv%3C&its=9F%5Bt%2ALp5e%3CbB%7DQD%3BukPWbWY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Frame ID: AC80EA8BECE11AF9C782EC7A714B58EB
Requests: 2 HTTP requests in this frame

Frame: https://www.svinando.de/?awc=28767_1706475956_912aa486d31f7531446a43728045072f
Frame ID: EDF7B4B015933BCC103B8D41784AF786
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D882C40B2B7B4772C589718F0C51DFA5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D445FED862415ED64ED97B80E4D2008C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 6B5D2F82CAA9D27A3DC4EFF1D41AA95E
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNXHr0ASREDCJZUJMiC2rbGcmQRePBM_RPHCV3HwBwePArU8eOSRNKCI0aoK3Ms-CuRjSymajG6T9pRrozSMKHkShwwXsQ
Frame ID: D7B769DA0F9A3EF61F13D6951E32DF5A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js
Frame ID: 4280EF55500123BE6454ABC3FE189F46
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNUGbEpKBQzpCNuMn32sfJS-gFzL1ZlCvj08GUb1K4ggCXiqGRgbRE8WiRX3BrXsjFWXa4Z9r7hSr_ItetmDnBSYzWC_TA
Frame ID: 6D8A6810F28F52C4FAA46602CF43C4C0
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/simgad/11447508629039149190
Frame ID: B372A39918239655C2EEAB05249249D1
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 4589AEE2B55A78804C16D4058CC6C009
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 37C5EA0AE53565CAC0589254B0B8E0A7
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js
Frame ID: 9D40E1831A310FBC788BF40B571CBF7A
Requests: 1 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
Frame ID: 0339B1FD397B9B44150ABCCA65EC896F
Requests: 16 HTTP requests in this frame

Frame: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
Frame ID: 9B2D7D41C3A53E4C233F86777B238E00
Requests: 16 HTTP requests in this frame

Frame: https://app.usercentrics.eu/browser-sdk/4.32.0/cross-domain-bridge.html
Frame ID: 21AC1C071B91EC65CACFC6B95E3AD4FD
Requests: 1 HTTP requests in this frame

Frame: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Frame ID: 0978DEEF108B9D95ADAA25B35DD80541
Requests: 11 HTTP requests in this frame

Frame: https://13489214.fls.doubleclick.net/activityi;dc_pre=CNq5i6r-gIQDFZMKTwgdv9ADDA;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-
Frame ID: 4504BB534B4E01D013551D14665CD8B5
Requests: 1 HTTP requests in this frame

Frame: https://13489214.fls.doubleclick.net/activityi;dc_pre=CO2zi6r-gIQDFUel0QQdVfMENw;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-
Frame ID: C00A6E4A29BD02E17596E44E25BED867
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/iu3?pid=14ed3f90-024e-4175-a9b9-9515cf9b59fb&event=PageView&ts=1706475957132
Frame ID: FE43D1382737622DFD48E15CA36B3998
Requests: 1 HTTP requests in this frame

Frame: https://m.exactag.com/pi.aspx?campaign=2ce382c0fc3bf43448f34b462c06ecc7&pitype=Content&convtype=&rnd=GgyBLD1nghgh&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22https%3A%2F%2Fasrv205.com%2F%22%2C%22host%22%3A%22www.foboxy.de%22%2C%22site%22%3A%22%2F%22%2C%22search%22%3A%22%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%222ce382c0fc3bf43448f34b462c06ecc7%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22gk%22%3A%22%22%2C%22trackingURL%22%3A%22https%3A%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22https%3A%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22default%22%2C%22subid%22%3A%22foboxy%20Fotobox%20mieten%20%7C%20Rundum-sorglos-Paket%20zum%20Festpreis%22%7D
Frame ID: 7BEBAF5BB2AD1B3F11048474B4FF2732
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

alimentation et santé - Page d'accueil

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

AT Internet XiTi (Analytics) Expand

Overall confidence: 100%
Detected patterns

xiti\.com/hit\.xiti

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

222
Requests

88 %
HTTPS

57 %
IPv6

40
Domains

53
Subdomains

41
IPs

3
Countries

5642 kB
Transfer

16985 kB
Size

18
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.xiti.com/xiti.asp?s=356022
Title:  Mesure d'audience ROI statistique webanalytics par <img width="39" height="25" src="http://logv145.xiti.com/hit.xiti?s=356022&p=" alt="WebAnalytics" />

Search URL Search Domain Scan URL

URL: http://dunet.fr.gd/Contact.htm

Search URL Search Domain Scan URL

URL: https://www.ma-page.fr/?c=4000&utm_source=selfpromotion&utm_campaign=overlay&utm_medium=footer
Title: Ce site web a été créé gratuitement avec Ma-page.fr. Tu veux aussi ton propre site web ? S'inscrire gratuitement

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://logv145.xiti.com/hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref= HTTP 302
https://logv145.xiti.com/hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref=&Rdt=On

Request Chain 11

https://t.adcell.com/p/image?promoId=340834&slotId=105746 HTTP 302
https://nextlevel-f353.kxcdn.com/foboxy/Standard/Banner_foboxy_static_300x250.jpg

Request Chain 12

https://t.adcell.com/p/view?promoId=360463&slotId=105746&pv=1&htlp=1 HTTP 302
https://nextleveldefend.com/click?CID=65__nxt__BID=0__nxt__SRC=584__nxt__SUB=SUBID__nxt__CLK=CLICKID__nxt__URL=https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746- HTTP 302
https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Request Chain 55

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1

Request Chain 56

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbbBsQnGEJJW5dRfPft87wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1

Request Chain 57

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1

Request Chain 58

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D

Request Chain 59

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1

Request Chain 60

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbbBseYv.OEtLyS3hZdDTgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1&google_hm=2

Request Chain 61

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1

Request Chain 62

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D

Request Chain 68

https://googleads.g.doubleclick.net/pagead/adview?ai=CGb4mr8G2ZdyWNcrRoPMP6Z-t4ArH1KbAddz_qqCxEbGM-qDnCBABINLWgaABYMmGgIDco8QQoAGOw5zWA8gBCagDAcgDywSqBN8BT9CIQEVbVthexoIjUPJzA152LYOW1imFfV24wvcZS69BhRb0PcRwCE5LB6ycIGYr_py5D10smCEQheWYdF5zfsApCL-T3ChMjHVIWS0-SRFBOwLkl_smNuQCDfMqbwX9HKTchIEiF7AZFbr2DndCRqN6dseX8tYZDO_10s661gUJaSpLrUeD2Jdn4IKC3rQBpfruNjkiJAw7xp1k6k_GAD6Y650D60oPi9Cr9pMAnCMzJAPW7g1b7fTtPUhqOWWbcuttJUSI6eRzJDICjlIlNuL0cuAMQtPprBp8qa2rKsAEnKbcwoEEiAXP-KPIQJIFBAgEGAGSBQQIBRgEoAYugAexkIKaAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEJmeBNIIHwiAYRABGB8yAooCOgSAQIBASL39wTpY5PO2p_6AhAOaCVRodHRwczovL3d3dy5jdnMuY29tL3Nob3AvaGVhbHRoLW1lZGljaW5lL2FsbGVyZ3ktYXN0aG1hP2NpZD1wc191cl9sb2MmY2lkPXBzX2ZzbG9jYWyACgHICwGYDL68j4uCBKIMCCoGCgSsurEC2gwRCgsQoO3Nnde5nc6SARICAQO4E4ME2BMO0BUBgBcBshccChoIABIUcHViLTQyMjAxMjIyNjQzMzI0NjMYAA&sigh=c2jMsfpp1dA&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTgAvHhf_alIb1hRGFnpBt8sj-hJxdoOmpojQ-QgwBnffM3epQT_s08kXiiLwd0OBB_vK8n4hhc9ktfZuisVfGG61S87aRV3kTUrb0iMDdhgB&template_id=515&cbvp=2&vis=1 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x310c2b5fa3bacf160000000000000000%22,%222%22:%220xad2c048510dead570000000000000000%22,%223%22:%220xe89ac9b66a3067af0000000000000000%22,%224%22:%220xcd97bec26bd7a6ce0000000000000000%22,%225%22:%220x6eea7cb410f803480000000000000000%22},%22debug_key%22:%229093257444324869450%22,%22debug_reporting%22:true,%22destination%22:%22https://cvs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22986128782%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210672464807396473169%22}&andc=true

Request Chain 132

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e&fp=W3sia2V5IjoidXNlcl9hZ2VudCIsInZhbHVlIjoiTW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEyMC4wLjYwOTkuMjI0IFNhZmFyaS81MzcuMzYifSx7ImtleSI6Imxhbmd1YWdlIiwidmFsdWUiOiJlbi1VUyJ9LHsia2V5IjoibmF2aWdhdG9yX3BsYXRmb3JtIiwidmFsdWUiOiJXaW4zMiJ9LHsia2V5IjoicmVndWxhcl9wbHVnaW5zIiwidmFsdWUiOlsiQ2hyb21lIFBERiBQbHVnaW46OlBvcnRhYmxlIERvY3VtZW50IEZvcm1hdDo6YXBwbGljYXRpb24veC1nb29nbGUtY2hyb21lLXBkZn5wZGYiLCJDaHJvbWUgUERGIFZpZXdlcjo6OjphcHBsaWNhdGlvbi9wZGZ%2BcGRmIiwiTmF0aXZlIENsaWVudDo6OjphcHBsaWNhdGlvbi94LW5hY2x%2BLGFwcGxpY2F0aW9uL3gtcG5hY2x%2BIl19LHsia2V5IjoianNfZm9udHMiLCJ2YWx1ZSI6W119LHsia2V5IjoiYXBwX2NvZGVfbmFtZSIsInZhbHVlIjoiTW96aWxsYSJ9LHsia2V5IjoiYnVpbGRfaWQiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoicHJvZHVjdCIsInZhbHVlIjoiR2Vja28ifSx7ImtleSI6InZlbmRvciIsInZhbHVlIjoiR29vZ2xlIEluYy4ifSx7ImtleSI6InZlbmRvcl9zdWIiLCJ2YWx1ZSI6IiJ9LHsia2V5IjoiYXBwX3ZlcnNpb24iLCJ2YWx1ZSI6IjUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIwLjAuNjA5OS4yMjQgU2FmYXJpLzUzNy4zNiJ9XQ%3D%3D HTTP 302
https://findarios.com/y?t=svinando.de&cid=1f839c8ae3a8ec808773028d5bbaa749fb298471155b3db1f8832ac6e791db80&identifier=da1f6ec6f064d0cb HTTP 302
https://findarios.com/search/svinando.de

Request Chain 177

https://r.linksprf.com/v1/redirect?url=https://svinando.de&api_key=46fd76778392715900a5c22e8500423a&site_id=624d696b024f444681c6425df495a369&type=url&source=https://findarios.com/de/search/svinando.de&yk_tag=1f839c8ae3a8ec808773028d5bbaa749fb298471155b3db1f8832ac6e791db80 HTTP 302
https://r.linksprf.com/v2/go?t=et.pd%3Aa%2Fiws.2wFn%25.3os%2Ftwhlpcm.chs%3Fiia%3Dn8f61%26edp193365%264ldc2r6f1f6n4afi2sbc9mdc2i-k8e920vc3a480e1b312458ac826294a038b420d070a09%3D9c4admcciskiea3n6f446e6k0i4c494385c44d52f691a664%26fl2cbr9fd%3D2i%3Ddfrroc.lo%26%268w9r0vc3a480e1b312458ac826294a038b420d070a09%3D9f4rdc6l4%266o6.0o4r4d4i8%3Dce4k5ifc96a464%26%3Drif7%3D7i2ddrmop.pok%26i%3Dctapm%25cA12i%25aFwvwn%2Fnsotdh&e=1&ai=aa5a70e9f5414bf995118af2422c5f00&sct=0&ct=1706475955992&cu=054a2826c98a431bb2ed87aac909948d&sr=1&ykuid=e50c7ae2afa649f396f7abb3c41fb9ec&sc=1&cs=ec67a9c4b149b7f6492b0300893f5dc3 HTTP 302
https://www.awin1.com/awclick.php?mid=28767&id=143466&clickref=findarios.com&clickref2=v030400014382054a2826c98a431bb2ed87aac909948d&clickref3=624d696b024f444681c6425df495a369&clickref4=findarios.com&awcr=v030400014382054a2826c98a431bb2ed87aac909948d-624d696b024f444681c6425df495a369&pref1=findarios.com&p=https%3A%2F%2Fsvinando.de HTTP 302
https://www.svinando.de/?awc=28767_1706475956_912aa486d31f7531446a43728045072f

Request Chain 208

https://www.google.com/pagead/landing?gcs=G111&gcd=11n1n1n1n5&rnd=1207248994.1706475957&url=https%3A%2F%2Fwww.foboxy.de%2F&dma=0&tcfd=10000&gtm=45He41o0n81KJ96X95v812101894 HTTP 302
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1n1n5&rnd=1207248994.1706475957&url=https%3A%2F%2Fwww.foboxy.de%2F&dma=0&tcfd=10000&gtm=45He41o0n81KJ96X95v812101894

Request Chain 214

https://13489214.fls.doubleclick.net/activityi;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746- HTTP 302
https://13489214.fls.doubleclick.net/activityi;dc_pre=CNq5i6r-gIQDFZMKTwgdv9ADDA;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-

Request Chain 215

https://13489214.fls.doubleclick.net/activityi;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746- HTTP 302
https://13489214.fls.doubleclick.net/activityi;dc_pre=CO2zi6r-gIQDFUel0QQdVfMENw;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-

222 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
campagio.fr.gd/ 13 KB
5 KB 1388ms
181ms Document
text/html 193.238.27.28
IPX-AS15598

General

Check archive.org

Show headers Download Go to

Full URL: https://campagio.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.238.27.28 , Germany, ASN15598 (IPX-AS15598, DE),
Reverse DNS: fr.gd
Software: nginx /
Resource Hash: 61471942707b575ea24b5e3bae90f5950b8091c334bc38c0dd11db6b33b1493d

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Accept-Ranges: bytes
Age: 0
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=ISO-8859-15
Date: Sun, 28 Jan 2024 21:05:50 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
Vary: User-Agent,Accept-Encoding
Via: 1.1 varnish-v4
X-Varnish: 125875742
X-wm-1: 64ef455219bf45ba236b8d390f06c9ce
X-wm-VIP: 193.238.27.28
X-wm-req.backend: SitesGET
X-wm-req.backend.healthy: true
X-wm-req.restarts: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 237ms
102ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4220122264332463&host=ca-host-pub-1483906849246906

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d4d24159d9036a7bf22463dd2314a50a2f40ccc9d17b4ae5293413e6157e453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campagio.fr.gd/
Origin: https://campagio.fr.gd
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51110
x-xss-protection: 0
server: cafe
etag: 3029302971837833207
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sun, 28 Jan 2024 21:05:51 GMT

GET
H2 200 eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0= Show response
asrv205.com/adframe/ Frame A253 2 KB
1 KB 449ms
331ms Document
text/html 2606:4700:3037::ac43:cc74
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::ac43:cc74 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f90ee7376e6891807fffc2ed16757bf1fd1b010aab236625e31521a334d0300

Request headers

Referer: https://campagio.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 84cc3225fe3fb3d7-MIA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:51 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0RxyhGjbYi8r%2FJtZPiuiNmpV1qmQOjXrSq3kPZpbG8JLDYl8RZ4oKMllKZpwZMoo%2FJBF4DML%2FfM8fNynDFZxTHgqJkx35PWymmrryW5qmfp3zp5xOLpg4C9qXFrF708nusmF1by%2BiIcGnw%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET ifr
www.gmodules.com/ig/ 0
0

GET
H2

200

hit.xiti
logv145.xiti.com/
Redirect Chain

https://logv145.xiti.com/hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref=
https://logv145.xiti.com/hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref=&Rdt=On

373 B
645 B

97ms
97ms

Image
image/gif

18.173.241.55
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://logv145.xiti.com/hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref=&Rdt=On

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Server

18.173.241.55 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-173-241-55.jfk52.r.cloudfront.net

Software

Resource Hash

86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:51 GMT
via: 1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
strict-transport-security: max-age=15768000
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: no-store
content-length: 373
x-amz-cf-id: DSdfkx5d2bPg4kOP8ZzC0lZRBmODOlfQreCfY23nU32qGwH1WJaLcg==

Redirect headers

date: Sun, 28 Jan 2024 21:05:51 GMT
strict-transport-security: max-age=15768000
via: 1.1 c06dccfbc9bb974276058f2bb42421ea.cloudfront.net (CloudFront)
x-amz-cf-pop: JFK52-P1
x-cache: Miss from cloudfront
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: /hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref=&Rdt=On
content-type: text/html; charset=utf-8
cache-control: no-store
content-length: 105
x-amz-cf-id: dfYih6Xk3RWgj-C4n5B37YBgXvAeguW8RyGZis9U40W_9i94NjkF5Q==

GET dunet.gif
80.190.202.79/pic/d/dunet/ 0
0

GET
H/1.1 200
OK hawaii-theme3_02.jpg
theme.webme.com/designs/urlaub/Bilder/ 129 KB
129 KB 1011ms
326ms Image
image/jpeg 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/urlaub/Bilder/hawaii-theme3_02.jpg
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 5df273e074cefcbb052322340be47d8d0bb6f805f3aca32d0916734d5e1aadb3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 21:05:51 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Wed, 23 Sep 2015 10:37:11 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 74842
Content-Type: image/jpeg
X-Varnish: 1064328430, 472826224 458489514
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 131684
Expires: Sun, 10 Mar 2024 00:18:29 GMT

GET
H/1.1 200
OK hawaii-theme3_04.jpg
theme.webme.com/designs/urlaub/Bilder/ 879 B
1 KB 835ms
148ms Image
image/jpeg 178.162.223.113
LEASEWEB-DE-FRA-10

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theme.webme.com/designs/urlaub/Bilder/hawaii-theme3_04.jpg
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 178.162.223.113 Schwerte, Germany, ASN28753 (LEASEWEB-DE-FRA-10, DE),
Reverse DNS: misc.webme.com
Software: nginx /
Resource Hash: 04430765e15f831e2858b2766fdcaa0694ff9e61027a4be719b747339947d3e8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Date: Sun, 28 Jan 2024 21:05:51 GMT
Via: 1.1 varnish-v4, 1.1 varnish-v4
Last-Modified: Wed, 23 Sep 2015 10:37:11 GMT
Server: nginx
X-wm-VIP: 193.238.27.17
Age: 72305
Content-Type: image/jpeg
X-Varnish: 1069702000, 472826222 459696203
Cache-Control: max-age=3628800
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 879
Expires: Sun, 10 Mar 2024 01:00:46 GMT

GET offline.gif
/Users/MARIAC~1/AppData/Local/Temp/Low/__SkypeIEToolbar_Cache/18ec7742fdda2ad4cdfd1daa2d0aad46/session/GIF/ 0
0

GET arrow.gif
/Users/MARIAC~1/AppData/Local/Temp/Low/__SkypeIEToolbar_Cache/18ec7742fdda2ad4cdfd1daa2d0aad46/session/GIF/ 0
0

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 405 KB
137 KB 300ms
170ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4220122264332463&host=ca-host-pub-1483906849246906

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70d6aa69f492c02bbce4cfe00cd7dc8b26601f03467d08473a9707832f26fb4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:51 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140712
x-xss-protection: 0
server: cafe
etag: 15518177094572251369
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:05:51 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame 369A 9 KB
5 KB 491ms
93ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-4220122264332463&host=ca-host-pub-1483906849246906

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campagio.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 61957
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 03:53:14 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 03:53:14 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

Banner_foboxy_static_300x250.jpg
nextlevel-f353.kxcdn.com/foboxy/Standard/ Frame A253
Redirect Chain

https://t.adcell.com/p/image?promoId=340834&slotId=105746
https://nextlevel-f353.kxcdn.com/foboxy/Standard/Banner_foboxy_static_300x250.jpg

48 KB
48 KB

150ms
34ms

Image
image/jpeg

2a0b:4d07:2::3
PROINITY PROINITY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://nextlevel-f353.kxcdn.com/foboxy/Standard/Banner_foboxy_static_300x250.jpg
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Server: 2a0b:4d07:2::3 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software: keycdn /
Resource Hash: 008382d255b4c06cdae8f7307e154c31cfeb9bfa0824951c80088e07ddef4cb9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://asrv205.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:52 GMT
last-modified: Tue, 25 Apr 2023 11:08:57 GMT
server: keycdn
x-edge-location: usmi
etag: "be74-5fa2726500440"
x-cache: HIT
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
link: <https://media.imocash.com/foboxy/Standard/Banner_foboxy_static_300x250.jpg>; rel="canonical"
content-length: 48756
expires: Sun, 28 Jan 2024 22:05:52 GMT

Redirect headers

date: Sun, 28 Jan 2024 21:05:52 GMT
strict-transport-security: max-age=15768000
server: myracloud
content-type: text/html
location: https://nextlevel-f353.kxcdn.com/foboxy/Standard/Banner_foboxy_static_300x250.jpg
cache-control: max-age=0
content-length: 0
expires: Sun, 28 Jan 2024 21:05:52 GMT

GET
H2

200

/ Show response
www.foboxy.de/ Frame 0719
Redirect Chain

https://t.adcell.com/p/view?promoId=360463&slotId=105746&pv=1&htlp=1
https://nextleveldefend.com/click?CID=65__nxt__BID=0__nxt__SRC=584__nxt__SUB=SUBID__nxt__CLK=CLICKID__nxt__URL=https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=ban...
https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

108 KB
21 KB

803ms
524ms

Document
text/html

2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dd8983616e8614c60e0048433e700381a1e0eaa8ff158cae1b49e9ca2f39124b

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 84cc323498fd4bff-MIA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:53 GMT
last-modified: Mon, 22 Jan 2024 13:30:13 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=59rixb8MsTeuo%2FYaOS38e33vjMcWYTtUyOJBDJ6b8ptTczH6XfaKrHv6%2FnvdSiWZyTcDOh9FKqjXXlbXduiOP3u5DYWywAT6UrHvWBT%2BDVFTA%2FEko6JlcMHBWZX%2Fb4iDbrlOVj01YwKhJX4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding,Origin

Redirect headers

content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:52 GMT
location: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
server: nginx/1.18.0 (Ubuntu)

GET
H/1.1 200
OK eyJjYW1wYWlnbl9pZCI6MTcsImNyZWF0aXZlX2lkIjoyOCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwN... Show response
fwdtrk.com/track/ Frame 916B 1 KB
2 KB 549ms
162ms Document
text/html 176.9.183.55
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTcsImNyZWF0aXZlX2lkIjoyOCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ3NTk1MX0%3D
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 176.9.183.55 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.55.183.9.176.clients.your-server.de
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed

Request headers

Referer: https://asrv205.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-cache, private
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jan 2024 21:05:51 GMT
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 992C 460 KB
113 KB 638ms
618ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4220122264332463&output=html&adk=1812271804&adf=3025194257&lmt=1706475951&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x675_l%7C308x675_r&format=0x0&url=https%3A%2F%2Fcampagio.fr.gd%2F&host=ca-host-pub-1483906849246906&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706475951232&bpp=9&bdt=362&idt=479&shv=r20240122&mjsv=m202401230101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7754919421281&frm=20&pv=2&ga_vid=1117577882.1706475952&ga_sid=1706475952&ga_hid=1549556944&ga_fc=0&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31080591%2C42531705%2C95320894%2C95321626%2C95322163%2C95323006&oid=2&pvsid=4230589919140647&tmod=1070898589&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=500

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

265f3b749343ddc678cc652d18d39f3cfb059eb7fa8bbf591d5186ecc6d2bb6b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campagio.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 115560
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 21:05:52 GMT
expires: Sun, 28 Jan 2024 21:05:52 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 180ms
180ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=A&id=selfpromotionOverlay&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:51 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET track
fwd.fwdtrk.com/ Frame 916B 0
0

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame AC80 403 B
735 B 604ms
168ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: fwdtrk.com
URL: https://fwdtrk.com/track/eyJjYW1wYWlnbl9pZCI6MTcsImNyZWF0aXZlX2lkIjoyOCwicHVibGlzaGVyX2lkIjo0LCJ6b25lX2lkIjo2LCJmcmFtZV90eXBlIjoiRnJhbWVzIiwiZnJhbWVfZ3RtZG9tYWluIjoiZndkLmZ3ZHRyay5jb20iLCJmcmFtZV9jYW1wYWlnbmlkIjoiNjBjOTEwNmEtZGQ3Yi00ZjNiLTk3ODktNDQxNTIzZGQzYzVlIiwiZnJhbWVfdGFyZ2V0IjoiOEZZIiwiZnJhbWVfdGFyZ2V0X2lkIjoxLCJmcmFtZV9hZGRjb3VudHJ5IjowLCJjb3VudHJ5IjoiVVMiLCJ0cyI6MTcwNjQ3NTk1MX0%3D
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 88a36aaf7346a67a24484a0dc0b3305b88031e82515b1c9d0f79fc71194ada3d

Request headers

Referer: https://fwdtrk.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jan 2024 21:05:52 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H/1.1 200
OK i Show response
visifeed.org/ Frame AC80 408 B
736 B 155ms
155ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89ec0&ci=yCbt2Uv%3C&its=9F%5Bt%2ALp5e%3CbB%7DQD%3BukPWbWY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=8FY&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: 8c10766a91925657ebcdf5f19eeaa3ff697cc22ccbfbb52b42f6c493ece87690

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jan 2024 21:05:52 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/ 165 KB
56 KB 132ms
129ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00f1cb5ed71f5ce99826748a3a2224e0fc78b53f039eb23d85713b73c978b723

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:52 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56990
x-xss-protection: 0
server: cafe
etag: 1017193734138914924
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:05:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 130ms
129ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31080591%2C42531705%2C95320894%2C95321626%2C95322163%2C95323006&hl=fr&pvc=4230589919140647

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://campagio.fr.gd/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:52 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK d Show response
visifeed.org/ Frame EDF7 347 B
671 B 171ms
171ms Document
text/html 3.75.56.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&ci=yCbt2Uv%3C&its=9F%5Bt%2ALp5e%3CbB%7DQD%3BukPWbWY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Requested by: Host: visifeed.org
URL: https://visifeed.org/i?n=1&t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89ec0&ci=yCbt2Uv%3C&its=9F%5Bt%2ALp5e%3CbB%7DQD%3BukPWbWY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 3.75.56.58 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-75-56-58.eu-central-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / PHP/7.4.25
Resource Hash: a590dacc7e008407d8763f8397247e8283fec12740446c9a502329569a29ad92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, max-age=0 post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Sun, 28 Jan 2024 21:05:53 GMT
Pragma: no-cache
Referrer-Policy: no-referrer
Server: nginx/1.18.0 (Ubuntu)
Transfer-Encoding: chunked
X-Powered-By: PHP/7.4.25

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame D882 9 KB
4 KB 63ms
63ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campagio.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 00:31:28 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 00:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame D445 9 KB
4 KB 64ms
63ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campagio.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 00:31:28 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 00:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 6B5D 9 KB
4 KB 65ms
64ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401230101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://campagio.fr.gd/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

age: 74064
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 00:31:28 GMT
etag: 3890843268177463596
expires: Sun, 11 Feb 2024 00:31:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame D7B7 624 B
246 B 93ms
92ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNXHr0ASREDCJZUJMiC2rbGcmQRePBM_RPHCV3HwBwePArU8eOSRNKCI0aoK3Ms-CuRjSymajG6T9pRrozSMKHkShwwXsQ

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 21:05:53 GMT
expires: Sun, 28 Jan 2024 21:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 4280 23 KB
9 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:14:25 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame 4280 8 KB
3 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:06:51 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 4280 41 KB
14 KB 355ms
63ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 18:14:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4280 3 KB
1 KB 460ms
169ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 4280 20 KB
9 KB 431ms
140ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4280 205 KB
65 KB 386ms
95ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:05:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4280 42 B
63 B 127ms
126ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DyO4k-KP3efRF0wlV0926fC9wpWFWIy5F5DeHjcIWFv5emCxYK078aod4oW7cplKPsUPU27CHS5tOmomBomubmILHLseIeLCEDYXUxjSeVwDDRP88

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 11447508629039149190
s0.2mdn.net/simgad/ Frame 4280 19 KB
20 KB 356ms
66ms Image
image/png 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11447508629039149190

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 05:55:37 GMT
date: Fri, 26 Jan 2024 05:55:37 GMT
x-content-type-options: nosniff
age: 227416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19711
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6D8A 624 B
242 B 94ms
91ms Document
text/html 2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNUGbEpKBQzpCNuMn32sfJS-gFzL1ZlCvj08GUb1K4ggCXiqGRgbRE8WiRX3BrXsjFWXa4Z9r7hSr_ItetmDnBSYzWC_TA

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 21:05:53 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 11447508629039149190
s0.2mdn.net/simgad/ Frame B372 19 KB
19 KB 331ms
88ms Image
image/png 2607:f8b0:4006:822::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/11447508629039149190

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2006 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 05:55:37 GMT
date: Fri, 26 Jan 2024 05:55:37 GMT
x-content-type-options: nosniff
age: 227416
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19711
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 20:50:03 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
allow-fenced-frame-automatic-beacons: true

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame B372 23 KB
9 KB 65ms
65ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:14:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53488
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:14:25 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/ Frame B372 8 KB
3 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240122/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:06:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 53942
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3206
x-xss-protection: 0
server: cafe
etag: 12640889860211258669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 06:06:51 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame B372 41 KB
14 KB 315ms
77ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 18:14:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 269493
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 24 Jan 2025 18:14:20 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B372 3 KB
1 KB 420ms
183ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame B372 20 KB
8 KB 380ms
143ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame B372 205 KB
65 KB 448ms
212ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:05:53 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B372 42 B
63 B 126ms
125ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ACwUJTwsCpHh6GNMWKLWuUSPsIPWKnwaT1qR2i3gl0scTAdoJ9uTpqe_NvRiGkagZ2jOd7ZXLSAYMqz8exAuOMTm3RQBcuYRKWC6FpV4aqUEbPppE

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6B5D 14 KB
2 KB 299ms
79ms Stylesheet
text/css 2607:f8b0:4006:823::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::200a Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 28 Jan 2024 21:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 19:28:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 28 Jan 2024 21:05:53 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6B5D 2 KB
903 B 395ms
184ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 00:00:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75902
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 11 Feb 2024 00:00:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/ Frame 6B5D 23 KB
9 KB 379ms
169ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 16165788300067284045
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6B5D 3 KB
1 KB 389ms
181ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 6B5D 20 KB
8 KB 363ms
155ms Script
text/javascript 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sat, 27 Jan 2024 23:54:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 76275
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 23:54:38 GMT

GET
H2 200 nessie_icon_tiamat_white.png
tpc.googlesyndication.com/pagead/images/ Frame 6B5D 225 B
355 B 373ms
165ms Image
image/png 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/nessie_icon_tiamat_white.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 06:11:32 GMT
x-content-type-options: nosniff
server: cafe
age: 53661
etag: 14085932017949564970
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 225
x-xss-protection: 0
expires: Mon, 29 Jan 2024 06:11:32 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6B5D 205 KB
65 KB 459ms
252ms Script
text/javascript 2607:f8b0:4006:824::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:824::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 28 Jan 2024 21:05:53 GMT

GET
H2 200 5ff8bb2821e31fbf08fa14f5007a6efe.js Show response
www.gstatic.com/mysidia/ Frame 6B5D 37 KB
16 KB 269ms
62ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5ff8bb2821e31fbf08fa14f5007a6efe.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226534
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15476
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 22:40:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 25 Apr 2024 06:10:19 GMT

GET
H2 200 7167769925268475647
tpc.googlesyndication.com/simgad/ Frame 6B5D 2 KB
3 KB 366ms
162ms Image
image/jpeg 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7167769925268475647?w=100&h=100&tw=1&q=75

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ba4031306fea150ce0863608c2185c66d2b464eba049fbb198a2fb2b46354af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: Sat, 25 Jan 2025 06:05:08 GMT
date: Fri, 26 Jan 2024 06:05:08 GMT
x-content-type-options: nosniff
age: 226845
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2370
x-xss-protection: 0
last-modified: Mon, 08 Mar 2021 17:01:18 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
DATA 200
OK truncated
/ Frame 6B5D 195 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 6B5D 336 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 redirect Show response
api.yieldads.net/ Frame EDF7 2 KB
2 KB 622ms
152ms Document
text/html 52.57.118.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Requested by: Host: visifeed.org
URL: https://visifeed.org/d?t=101&ts=e_60c9106a-dd7b-4f3b-9789-441523dd3c5e&l=k%7B&phash=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&ci=yCbt2Uv%3C&its=9F%5Bt%2ALp5e%3CbB%7DQD%3BukPWbWY&an=l0%3FGo%2CBt&ve=8DY&ppos=ww2G&wm=%7Eu0Zq%23Sv6p
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.118.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-118-173.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/8.2.15
Resource Hash: 05f7e7fb3a6865d9cf13d50556c53cbcea309c1a2f0704b0a7937227e4c63d0b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:53 GMT
server: nginx
x-powered-by: PHP/8.2.15

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1

43 B
763 B

79ms
78ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNXHr0ASREDCJZUJMiC2rbGcmQRePBM_RPHCV3HwBwePArU8eOSRNKCI0aoK3Ms-CuRjSymajG6T9pRrozSMKHkShwwXsQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hE9n28AKDz71wyNkapc3lIjLJvxusu4s0JQrOj0UDeKuZQCUiBwxtFLghm8o1EhK5z%2BpYiDGHa4lbIegTaOstaZBGlNh2KnMSTK27Hj0eDnUqEFcv1OBCGAsFGlJVS2OAQjhOF7Ks0FtaQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84cc32365e0d0329-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame D7B7
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbbBsQnGEJJW5dRfPft87wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1

43 B
735 B

74ms
74ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNXHr0ASREDCJZUJMiC2rbGcmQRePBM_RPHCV3HwBwePArU8eOSRNKCI0aoK3Ms-CuRjSymajG6T9pRrozSMKHkShwwXsQ
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VXWgrgNS%2B0%2BKU18bAfnWhwldDcADf2exQL%2B%2BEWt0pNJGObq4C9zRQc2LZnNnvVEXuyAIjussHh8lMZukM8HDvQ73tQ5DRNnYLn2UgPaJPdmRkqD3JUUpd%2Fa2eQLhs0TG2EUxy1JTU3ukMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84cc3236eed00329-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame D7B7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1

43 B
1 KB

87ms
86ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNXHr0ASREDCJZUJMiC2rbGcmQRePBM_RPHCV3HwBwePArU8eOSRNKCI0aoK3Ms-CuRjSymajG6T9pRrozSMKHkShwwXsQ

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
an-x-request-uuid: b2309854-5dee-4bdd-a3c9-e6b2def6ddc3
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame D7B7
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D

170 B
232 B

84ms
83ms

Image
image/png

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D

Requested by

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
an-x-request-uuid: 6a6b40e5-8b3f-4f04-aa84-034922853422
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D
x-proxy-origin: 38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6D8A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1

43 B
736 B

86ms
85ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNUGbEpKBQzpCNuMn32sfJS-gFzL1ZlCvj08GUb1K4ggCXiqGRgbRE8WiRX3BrXsjFWXa4Z9r7hSr_ItetmDnBSYzWC_TA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ZJE1nWvXXtg7IZwX0ETN6wHyCUhSs5YA%2FQRjADWrePwJU8YKQ0x6%2BB3eJuXpSnCc14orbD1jfR4xmvBred6KKpD9ihstiBHIMwLjlL%2BwJCJjQCfcDkJkdWWQzt%2BE68pUp6h%2FrEWwwI6gA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84cc32365e0c0329-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 6D8A
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZbbBseYv.OEtLyS3hZdDTgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1&google_hm=2

43 B
733 B

80ms
80ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNUGbEpKBQzpCNuMn32sfJS-gFzL1ZlCvj08GUb1K4ggCXiqGRgbRE8WiRX3BrXsjFWXa4Z9r7hSr_ItetmDnBSYzWC_TA
Protocol: H3
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FsZakZYUXIW4Zlfk%2FolGfZYgW5401I1X%2FNonqsD7KH27C3H29jmjbuBF%2B3hSStKcCiV3aleA035IZdt5w9aMxKVGjsiXUVne5PfAI3Y2yJ2G99gO3y1tUgRhkm%2F7icA03A1VExVnLDLb%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 84cc3236eecd0329-MIA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEFR-q4A1kLee0w28Ppx8Cso&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame 6D8A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1

43 B
1 KB

70ms
68ms

Image
image/gif

68.67.179.166
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CMGuFBCz0J0CGL74s-cBMAE&v=APEucNUGbEpKBQzpCNuMn32sfJS-gFzL1ZlCvj08GUb1K4ggCXiqGRgbRE8WiRX3BrXsjFWXa4Z9r7hSr_ItetmDnBSYzWC_TA

Protocol

Server

68.67.179.166 North Bergen, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
an-x-request-uuid: 474e96be-1c74-4b63-8278-c5d875fe254a
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEObA6Cn_u_pCg0QDhkt79kU&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 6D8A
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D

170 B
243 B

84ms
82ms

Image
image/png

142.251.40.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D

Requested by

Protocol

Server

142.251.40.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:53 GMT
an-x-request-uuid: 67c2f591-e34b-4c12-bfc5-12e9f3214e5d
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NDU2NzY1NDU4OTEwMTQ1MjYyNg%3D%3D
x-proxy-origin: 38.132.118.76; 38.132.118.76; 575.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 4589 38 KB
13 KB 91ms
90ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 227550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 05:53:23 GMT
expires: Sat, 25 Jan 2025 05:53:23 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame 37C5 38 KB
13 KB 67ms
63ms Document
text/html 2607:f8b0:4006:81c::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81c::2001 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 227550
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 05:53:23 GMT
expires: Sat, 25 Jan 2025 05:53:23 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 6B5D 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7fd73d3801e84afe66c3ff844bc391d49738aeec2cbde21500b41bff3fc0dd9b

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 4589 39 KB
15 KB 64ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:10:35 GMT

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 37C5 39 KB
15 KB 63ms
63ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 06:10:35 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 6B5D
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CGb4mr8G2ZdyWNcrRoPMP6Z-t4ArH1KbAddz_qqCxEbGM-qDnCBABINLWgaABYMmGgIDco8QQoAGOw5zWA8gBCagDAcgDywSqBN8BT9CIQEVbVthexoIjUPJzA152LYOW1imFfV24wvcZS69...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x310c2b5fa3bacf160000000000000000%22,%222%22:%220xad2c048510dead570000000000000000%22,%223%22:%220xe89ac9...

0
0

262ms
126ms

Fetch
text/css

142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22aggregation_keys%22:{%221%22:%220x310c2b5fa3bacf160000000000000000%22,%222%22:%220xad2c048510dead570000000000000000%22,%223%22:%220xe89ac9b66a3067af0000000000000000%22,%224%22:%220xcd97bec26bd7a6ce0000000000000000%22,%225%22:%220x6eea7cb410f803480000000000000000%22},%22debug_key%22:%229093257444324869450%22,%22debug_reporting%22:true,%22destination%22:%22https://cvs.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22986128782%22],%2222%22:[%22true%22],%224%22:[%2201-28%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2210672464807396473169%22}&andc=true

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"aggregation_keys":{"1":"0x310c2b5fa3bacf160000000000000000","2":"0xad2c048510dead570000000000000000","3":"0xe89ac9b66a3067af0000000000000000","4":"0xcd97bec26bd7a6ce0000000000000000","5":"0x6eea7cb410f803480000000000000000"},"debug_key":"9093257444324869450","debug_reporting":true,"destination":"https://cvs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["986128782"],"22":["true"],"4":["01-28"],"6":["true"]},"priority":"500","source_event_id":"10672464807396473169"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 28 Jan 2024 21:05:54 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 28 Jan 2024 21:05:53 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"aggregation_keys":{"1":"0x310c2b5fa3bacf160000000000000000","2":"0xad2c048510dead570000000000000000","3":"0xe89ac9b66a3067af0000000000000000","4":"0xcd97bec26bd7a6ce0000000000000000","5":"0x6eea7cb410f803480000000000000000"},"debug_key":"9093257444324869450","debug_reporting":true,"destination":"https://cvs.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["986128782"],"22":["true"],"4":["01-28"],"6":["true"]},"priority":"500","source_event_id":"10672464807396473169"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 6B5D 33 KB
34 KB 208ms
63ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:53:12 GMT
x-content-type-options: nosniff
age: 227561
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:53:12 GMT

GET
H3 200 i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js Show response
pagead2.googlesyndication.com/bg/ Frame 9D40 51 KB
19 KB 67ms
67ms Script
text/javascript 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/i_I7gtk5u389ZGUJiYlLngBTR4no54KgcGkAXYvtCUw.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:53:30 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19704
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 05:53:30 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 411ms
126ms Preflight
text/html 142.251.35.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.35.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s78-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:54 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B372 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7cf5c0ec05458fc0c9198e70a1e91347d0682105531980f239eec29a42ead23

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 4280 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7c508fc8775d1df7eaef4660ffccb526ee61052c263ecc7cb08049b4a92f219

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame B372 0
0 356ms
115ms Fetch
image/gif 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjstPRHcO1H_-_V8O850QYwtmOiz5M1oGtOEkZwuZT5JEyw7B9wB048a3R5aI9Q23Uw85ZRRxbCEvf6dxEkOk4FjywJKQf4V0jLq3KVOfbxZxBt70gChB0utFVL_O4pYwtWBv9HIbJp8l8jAA2oPck8qxoUGrJtYC2oy1T4Oe-yJYUYHCRdcdSCmwkwxntnR_Vva4pPOrZZvHBAKfrTiZiRwpBwr1nwtKlAL6UTUzRwnz8bdqi5UwMBYdQwnjgS_No098WYHqYSzoXDx5-DO48aWdAFP0pp1uMGz1-POgWyjx5N__EOpu7kMBVdyS0kSRlAjelgk6e2fPn9L7bS5iBm4QQa6azgS4Uq9JXPr_RHh7MyMoYDIszHlhJasVugaP6FfgQTPqfSGfnnuGDdgKox9tx9SM0110C6UI-9mEmJ6642MLRaXB1869t5VGBQxJWQj_E4d8pYLuXlO4T22mZKsoZ5Gv4qHhdqIMSuiFtz7sGFWop3EdrSUGyWZ5TNJ6mglDEDYNlZKcICqrSwtZGdyNEmkJcQj3VIPbt7NgTE-cvD6scVphJmsLX5lHGdXfCqboH-5E4tr0rXMwNGsn6vEPBJS1DcA9kGPFoB745_7J7YYNoHxImCxj13kz_T95vT0WzATihHivo5XO-KKFUZ0Uap4wnBW6-Uk7dKAhyEC-lUk7Mh1mZVbfnEeFKvVLePO3uH2MiePYsAC7XLKftk5jMUDN1EQ-wwvzFvLcrIjk4BlZQH2ZI5DmZvo0cOdo05rRR2IjEqRnu3JwHk4YYkT5FO3vwL_VYX_db3GBGhaklJ3_YQMNfaykivwD6eP80wSatrSbGOH9YO3qFoCs64TNCu5jCcLyBFNVtIDXGY9e7HytZNLrgDGlQs4Yc00w123fdLhBJLe6N7zvgUIxrk8Mvngm1VvCq-XTxAIpE3kLKdrtc9qmy4yTEdxsLPPwr6Fy8aGZwcK9HrfwKFVQAqCGzPlkSSpfVdOBMGSNsiWou7ckFXYOD9_RhnhYW46fu-nUjs9fERtEymCxk3xsvbOuuSIMP48JGGsn7Co8yifxaRkWIW0OM2fdaxAtVB46ty_euLKA72f2urORjqmRUdmOgZMMtGsVtpJfHCEYacyuhepeZnsaGa7qVkWpUZzypnXZUwtsAB8OB4UUvzkDbFeHJNy5Q3PjJeV6HFjYsp-AORt4kPx6xj_1Aym11Np8JtAuIhAfWQUvT5AE58gTF3DjZCLZNE43jTSMNfhq_dP1m9rWH-ego4JVmlJh5ZkmbHxl4xvjTiKDVHBoUG7UklMgl-lBixtA4TH_leupBK0JG-8vf9yf&sai=AMfl-YSotgZ2SwWNKe_qDSSOkS68wB4j79o6B4SMaB1uRo5TNgStA5Vo_wcQTs_Vs6dB4_yb_VN8cqWKAEevaoi4FDIBCYbrlwwSQo6LrC93L2Cf1wglUsgj9Meom8yUSng8thaFaP5_EeyMp5u6n_YoAj83JjguUlj4PivuM1lSdCc0-cKKOglbq69U-ncCA37zcb1u6K6BFZSuIV2ZgMzwztzT3CivX2K-T9LUaupVVoduOeNW3NAFt01cKZ-Sdk5d2INNpbQ-A1CBCxLxpx73MSNAMrE9zG2MQs5YSVmGj0ZmW8wJ9IewsoCN45-T5MXic3lOv6U9stmi-Yj2vwHT4BlLOlGbyM1ZRZgtT4cxbGSz4_lUHrYODxhYyK_Men-p4rYwJC6DAS8IkYZYrzWkPudSJ4iEY7KUyEZDpjGJkNkHAJP-Tec_boEx1Q7hq8bcUeOl9mvcj3S0ajIaRiBQKo9xw_wzhaVRtGWRtADKM_NYbPzS1PIgLhvDSNoy2WgSj3CShg&sig=Cg0ArKJSzG9OA_RkdrMhEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=780&cbvp=2&dett=2&cstd=0&cisv=r20240122.47084&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 28 Jan 2024 21:05:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 beacon
tag.researchnow.com/t/ Frame B372 42 B
435 B 304ms
64ms Image
image/gif 18.164.124.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288230&adn=3&ca=29702965&si=3554638&pl=365167024&cr=191021523&did=ADID&ord=912179250&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-5.jfk50.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 20:30:45 GMT
via: 1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: JFK50-P7
age: 2109
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: _XBFj1qmKg-JuPBQHdz5cWUjAtOixeCiw5mP684pmkEsV6C991wldg==
expires: 0

GET
H2 200 hfklw.css
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/98y17e8d/ Frame 0719 131 KB
19 KB 47ms
43ms Stylesheet
text/css 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/98y17e8d/hfklw.css
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d944234187dbf2eb669ba1bb9d0a7934ffe96ce9deceb7d464d6b400f6a84b5

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hEOUxoh47g%2B3dPH1DGCtHwSQQdDCxjrG6kCl2lilJgYqffv4haQ33VCrGMMpBXq3s2zmPB4PszjioizI58okgFuKPxlEysSGnZ6y9yBsGR8FQrCHbWgd1vwNJvr1hfXXNRuo8VJjRoOPnWY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 84cc32389f604bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.css
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/2e4ghfeu/ Frame 0719 909 KB
108 KB 86ms
81ms Stylesheet
text/css 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/2e4ghfeu/hfklw.css
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ac907f9f8df49b4b3239122d1535bee7406bf4f6b0d8779547bc339f0f126882

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N24rC581z5%2BOiUKEp%2BuBiiAdt%2FoT5MWzjL48KdSO9vhU6Tnt%2BrtSOAVWlZ%2Fc65xv%2Bsj1hxU8RZESSi123WUWgat3oH%2B69%2BTKlsXnaRbTv3z3pKfb1k4IUY2KM6%2BqlTwy9gF67PLuhYKmRS0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 84cc32389f614bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.css
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/k1qru7nn/ Frame 0719 298 KB
34 KB 82ms
78ms Stylesheet
text/css 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/k1qru7nn/hfklw.css
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bd68931a535bd65365e2a09c0fd2e089c13125e88e390cec0c24dd5d64c290b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IFhyEbEvonLHxpsQuIwrvzVZ%2FbysLloxqMpmZcN5NqOJ9IAYFA8k6ilUNQcSS%2B9%2FvgRSeyPPShDsg0Pv1vhl%2FZcRoc9WD4b2QEQnQ4hHtwHLntx%2Bpq2fmQpOZtiwtcmGI3nlwZPWAi3E7T0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 84cc32389f634bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.css
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/fdy8l0wh/ Frame 0719 37 KB
8 KB 49ms
46ms Stylesheet
text/css 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/fdy8l0wh/hfklw.css
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4dbc0add19325d82bfd675bc1ed5067997396d1b74e9645822fce0179bf48ce4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g54kHNvb85xkCXdMZzLtHo22heVXvWiJfrc47nwNUy0em8hrn5U5pCsCBl3AQySUYorbnTItzDqD9oFGef92n2dxn0SW%2BW4bG3PbuHoSLNQYT5V9v4po1JXbieWIluzT%2FcfYEe8XgSwhphc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 84cc32389f644bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.js Show response
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/7zkqng7l/ Frame 0719 99 KB
35 KB 51ms
47ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/7zkqng7l/hfklw.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff25123cd071aaa610c0dae7ee31a45eb1fd7bef8959e9e1692f3d8b65b4670b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8r84BRS%2BT36l0VxVjkBJab1Zu9cvbuVOkv13i1cCo%2BQcFq2RWMEoBy1ZOvFwQZgc%2BB66SnyWGNkAdNMTs9dIvCISCwspJl7OJgBdq1NS6QZlfjw8W3MlSwTvUhsg9cSg8IemhugCZQMyh%2Bc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc32389f664bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.js Show response
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/f3gotsiy/ Frame 0719 13 KB
5 KB 48ms
45ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/f3gotsiy/hfklw.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6cf9cccbbcf7d0d6f6ebd3727a284870a985bdce7f5216223bf3f33df0bc894b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nqHh1iOlsKva98%2B1hq3HCCKRRi9DgI0k3ti0zzaVL8Bx7ryFPceBor6J3e4w7FBwHPcd%2Bx3ctR5zRuDFJ6%2B1HQWAOX7E7M6VXRIusFyPgDqAjSOpnW0x1Z9cF5QHRaaYbzM%2Fusy4jKVeS%2Fc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc32389f684bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.js Show response
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/100ryb6h/ Frame 0719 3 KB
1 KB 49ms
47ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/100ryb6h/hfklw.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ea44a4f5cdb32fed99bb5335de8fa3b24034f581a8209d93428cd0b88bf47bd4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FaNyoGDLPHNcshZmmrnZ1Fj9WjeP0vQGE4Wy6CqJBaGjY9hKzSlyHdEcREVaA%2BR4W2Ny40%2BWJ5iGXAk%2Bw1LfwC8FxZeSvb3MWn0Cg7ld9FAdfbp%2BY7a7Ed3s%2Fah94nHUVXwvgWSOaX5aj98%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc32389f694bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.js Show response
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/eeukl87p/ Frame 0719 119 KB
26 KB 83ms
80ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/eeukl87p/hfklw.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffe930f9758afceef7661d372e0432d268cb7dc0b366b375aeae440a5175048e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T21nRwgbg2XoM0eOnQ8FxUARKLfbcNBf%2FanmjRu7qixlLy%2BSDR0orWYu9xfeXAf%2B%2BRSPlpZ5fwFhAjdSDrG44t8nqvw%2FVNFo%2FngXwZ9m0iMtsqSCR4e4X1ImhQ5MLasFNZqpHbBJuv1nUyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc32389f6a4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 hfklw.js Show response
www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/eh2y3qwz/ Frame 0719 2 KB
1 KB 46ms
44ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/eh2y3qwz/hfklw.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0112554fb03e7988395617d40bb6771437b4fa8e3d7ad3b7fca1efc598704af

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jan 2024 13:26:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gnvs6w%2F2uX8VsyZhbhwjskZAEDVEwndassGqDJm38jSPkRR4OXe1K738rsR%2FXZxhoT3V0%2B7T7zIUXhj9hM%2Fh78%2B45B0VkxEeweaI7bEKwzq5W7uaYUo33P6DvDIASe9sig%2BqM8opnK9TRXI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc32389f6d4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 loader.js Show response
app.usercentrics.eu/browser-ui/latest/ Frame 0719 31 KB
8 KB 188ms
36ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/latest/loader.js

Requested by

Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

c56b931b013622874bcdbd130958a92afae7fd7f62780a7efb7c55ba1bfe80e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:44:27 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1287
x-guploader-uploadid: ABPtcPq5kyFO8cPusbNxE7_W3B_q8htxRCWirNUdlrpZIKKFwYDnGdLxn5LGq3DhPC7rBE-w3Bzzq3hQRA
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8102
last-modified: Thu, 11 Jan 2024 12:40:17 GMT
server: UploadServer
etag: "05eca58cba059996c229e2172431b9ec"
x-goog-generation: 1704976817820544
x-goog-hash: crc32c=MGZXgQ==, md5=BeyljLoFmZbCKeIXJDG57A==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600, no-transform
x-goog-stored-content-length: 8102
accept-ranges: bytes
content-type: text/javascript
expires: Sun, 28 Jan 2024 21:44:27 GMT

GET
H2 200 uc-block.bundle.js Show response
privacy-proxy.usercentrics.eu/latest/ Frame 0719 102 KB
30 KB 186ms
35ms Script
application/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js

Requested by

Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ff38d8cc5d4386b873613a02d276f54ccdb620fae3f522ed9bb541d3e3f2548d

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:09 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
x-goog-meta-version: 3.3.5
age: 45
x-guploader-uploadid: ABPtcPrCn5HkHlCSeFAdLg8jVp9MdxW_d-BySmLEUjEaZurULKZDuwgTLA646ZU1b9m85foUVWE
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29927
last-modified: Thu, 25 Jan 2024 07:54:38 GMT
server: UploadServer
etag: "345669ec82bbb28e65a0e4dc1b5646b5"
vary: Accept-Encoding
x-goog-generation: 1706169278764075
x-goog-hash: crc32c=z0j8Hg==, md5=NFZp7IK7so5loOTcG1ZGtQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Transfer-Encoding
cache-control: public, max-age=3600
x-goog-stored-content-length: 29927
accept-ranges: bytes
content-type: application/javascript
expires: Sun, 28 Jan 2024 22:05:09 GMT

GET
H2 200 foboxy-logo.svg
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 21 KB
5 KB 82ms
81ms Image
image/svg+xml 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/foboxy-logo.svg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90afb6d321282a04290b00562b03ff854b2b01263feb16b8f1999f1ee723c741

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 542745
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i33w5lk%2FQ0e3AVxH9RLwEaYOdS1LVUWolojTKuVUf1TFolxBCd2L9LX0KkZ3sH0FQOQ48FQWHxkYtzJbpuVfGQDfeUaTBZJDlWK3%2BCjYVIZbxWSo7zBRwFaxrFeiWmuKcL6aO7AIiKBgd44%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/svg+xml
cache-control: max-age=16070400
cf-ray: 84cc32389f6f4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foboxy-fotobox.jpg
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 103 KB
103 KB 76ms
32ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/foboxy-fotobox.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4fda0729c5af106a739a6dd7bcbcb7999816030af99dc82a8c63ddc4044875d2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 105280
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wQoAZf0meG7zZfQt1wsR6mD%2B9ptMWQTHd2nVZl8JAbslw5eb9ugaiuXmnS95fdKMZW%2BE83EAXqOd723V4NCBSgUGZto1ASEVJuta2W5%2FWGOrk1vVgX2s7r9aUkvU%2FiU465aHCBdFPbC2jJM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a454bff-MIA
expires: max-age=A10368000, public

GET
H2 200 ausloeser.png
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 82 KB
82 KB 70ms
27ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/ausloeser.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5239edec28e81019987392b6e88c9a9f5f661ae1470a5a0135323a9579af3cd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=94695, status=vary_header_present
content-length: 83688
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dajLJLVRIKQryt%2Bp%2FfMMpaazjstT6JTDEqn%2FmYqR4xh2r50f3uNRzLKGV%2BCyyGWslrsrQb17mL7NRELFvYuds3mEs2qKEjqiDIUhqzDm7b6saQbGlZ09urHHZRJAUfQhZF3foAU3Qa8uMB8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a464bff-MIA
expires: max-age=A10368000, public

GET
H2 200 kinderleichte-bedienung.png
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 2 KB
3 KB 78ms
35ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/kinderleichte-bedienung.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f0f32ed2b0e4eabc75161737794c58a5642ed8f3c7c54aa6a65232e4f95bf46e

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 2511
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CEs2ktgM8iJuSV7yG0dAlj7OFQQG4sleUBPFBJ3Q0qb3K%2BuDscsLrWIf24LRQpcgKUefjw6SJVET3TqF0HrK1W3p7lOt6HFiTRyvsHw0UqpMolGnwEz%2FeWKPaY4xjBb3F1Jem5O1jiHdEvo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a484bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foboxy-live-smartphone.jpg
www.foboxy.de/wp-content/uploads/2021/08/ Frame 0719 106 KB
107 KB 79ms
37ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/08/foboxy-live-smartphone.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2041a20fff155b1321ba813d1f6598f7a9e512f9aa849dca3503b176379264e4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=108941, status=vary_header_present
content-length: 108894
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:19 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h%2B8HajHw2IBsybwUE2B7dV0wKBbvKUZ3Lc05wJlChVyBNbcSxjGJgoijKth6qpwu%2FWYwIl0vFH1nut0RWmj2Uuw9EETUwpH90HJTEMZ4Wh6m4ju0zAUzoSKB7isKa1%2Bw9oQ383zBmXvSGbU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a494bff-MIA
expires: max-age=A10368000, public

GET
H2 200 emotional.jpg
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 173 KB
174 KB 80ms
39ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/emotional.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48130491a79ec2b69ab13488d5aae4b4c37df6c98a1f9f2fa87fd8c77684258f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 274060
cf-polished: status=not_needed
content-length: 177617
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=domynuVsut18uXn%2BUGiQpWBreksCLIJHggGg0%2F2RNa16meIU1jJAIrxy3SAZ7vGFNG2Pdo5wmnNKBF7aHyhrJEEkP8m5qF9kwd3KckgJ44KRkxsm4%2F6JOfsus7GE3IJcqAOUpQx%2BDsL9mXA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a4a4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 einfach.jpg
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 86 KB
86 KB 69ms
33ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/einfach.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ad17a8cb0a40dc43f76b25ad3f7d24142b99a2cd4584c15ebda7514619b7c679

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 87929
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mMbq5PDE%2BSkiowOeftlpLwitiqth8Ac%2BGH49omPLxIbKD%2Fm0XnYFPstBqfAy1OvZSiniwxIjJDupMDMuhRyMKF9LhBpNJ9%2F4F69OPtEITpbcz4md8mRMasBsq73ZAI%2Bk1EPgF5OztHNqLHA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a4b4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 einfach-serie.jpg
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 31 KB
31 KB 82ms
46ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/einfach-serie.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f9d74c4ceafb9af7b16d0301ee24a6bdb2835b06b3f91bb9f012f2792efddcf

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 31288
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=StgymDV5ywX7eo08vxRXIj%2BniDOzmfFUE%2FPyV079DCpszAXH2%2FHaf6fqL2MSzjMt1gwKGAtG%2FLb4HZG329uu3GwYnHKJosA1PfYhB9WL9j8ZiAiTI2IpO1RB2roAiccT2ACqcla3AiED5uI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a4d4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 verschiebegarantie.png
www.foboxy.de/wp-content/uploads/2021/03/ Frame 0719 8 KB
8 KB 113ms
112ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/03/verschiebegarantie.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 635aad20a17719612452d1a83717cb4f8b2263c6cfd873ce86fd24561de75d50

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542742
cf-polished: origSize=19970, status=vary_header_present
content-length: 8214
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:21 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ssi6IF7MUiab7UFf8LMaFv1Hspo5jyTsZY%2FzMid4GgJ1pd488SiQnEpYVhKeFKQEzgXGJq02n0OxuXkU7x6vDfJ78ODnEhcQFww1mbSCxWgFYnNKBTOc3M4oAAw15jKZ%2BFlXfQrCeR%2BaniE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc3238cfc94bff-MIA
expires: max-age=A10368000, public

GET
H2 200 erfahrung-100k.png
www.foboxy.de/wp-content/uploads/assets/ Frame 0719 25 KB
26 KB 83ms
82ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/assets/erfahrung-100k.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d18b129ec5b1df45af518f59f2cd828af2a6726214371df7bf82bc5db16566f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 542743
cf-polished: origSize=26104, status=vary_header_present
content-length: 26068
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:29 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D06eJcJ%2B1NmhM%2BnZMQV1x2zNBYi1ocseqcFElxv0XXqDRZR7KIW%2BjhoCuzZYXK1Nss1Cyi8mDgoOxqgVwoaC9y%2FxDwOlP%2BxY5VPLzkXhvzdWbhk9khpJbn%2Fl%2F7i66DRYB0ebd8ChV8uVnv4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc3238cfcc4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foboxy-fotobox-beispielbilder-lg.jpg
www.foboxy.de/wp-content/uploads/2021/02/ Frame 0719 40 KB
41 KB 76ms
41ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/02/foboxy-fotobox-beispielbilder-lg.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba6277e11aada9b7d18c376899bb100602a40fa5aee5b580afc72e2d01efc63b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 41234
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:20 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CZO%2BBQU9fge3ENJS8yTOGgX4%2Bz82DSH1cF1xWY8f%2FDKXmeOIYZScxKXwoEQ9TjL3tL2u7Tzf9aQZgE18%2FUOaPvAnjpC9%2Byi4%2F%2FyaTDcRwU1dGUi7rKpt4DVJGyRDt9X%2Bfpi67HdVfqTTCYc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a4e4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foboxy-fotobox-beispielbilder-sm.jpg
www.foboxy.de/wp-content/uploads/2021/03/ Frame 0719 22 KB
22 KB 57ms
31ms Image
image/jpeg 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/03/foboxy-fotobox-beispielbilder-sm.jpg
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f671c5482d38386296e4b303955e549f8ffd9217038997e41e4109ce52a63317

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 22630
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:21 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ck6ydE4%2By5Y%2FrLagTTx1E2Edf6oeO2jZIwfpa93OCYkDW6tHShRtsiXqUEjTA9MMxSOChUQhv4A9iOSsmAOeC7nx%2BnSXYjMF2N4this107h47Qb8OMskkEqOtzY6WJ5T5quaM6fA%2FDgEag0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a4f4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 druckflatrate.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 66 KB
66 KB 62ms
36ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/druckflatrate.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e1cb85ebd9a0f820a4da2be1a964c1933d7ada017dc964078a55abff3cbeb8

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 67629
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zJ5iWJMzpVsROqBKG2zqIAI9p4TkZyyDIURdO1AF0vn01YuJwgBJR3AJmjOQ4Rpg4Z0U7pSjRwWtMLD2GCIJIWQdRyzuSHtIjWLEV5TQfRqQCARHTJS9qMpnIO4l%2FD8AlpRXZm6NLTNqjDg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a504bff-MIA
expires: max-age=A10368000, public

GET
H2 200 fotobox-absicherung-inklusive.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 18 KB
18 KB 63ms
38ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/fotobox-absicherung-inklusive.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c794205cfbae7ef5515edfa8f84de7308f4a133fc17805b7ad1c7b178992ea6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 18445
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=udaLa7hGitYTmYG%2F%2BQ4Sq68DmRgUcJZ34fs3Cvxw1fTm%2FoBBvIivVwe3PRs%2B%2Fz8D1fZcaCxm9DXz7zMW0%2FCPOXBpyCZHn1%2FI8j4gyH8C2S2vTtRfRvscp%2B7TFD%2B3UF%2BwHKFgPKTecEhrD48%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a514bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foto-flatrate-e1643217826758.png
www.foboxy.de/wp-content/uploads/icons/ Frame 0719 10 KB
11 KB 45ms
43ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/icons/foto-flatrate-e1643217826758.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7906bae2f5af623aad5893b1da37b3d3d681a35b7dfeafb51977b0305fa9f246

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=14063, status=vary_header_present
content-length: 10456
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:06 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F0sI84UqHRV3eVi%2FBK3Z5oGGfF43OOZfsY0F1bH2bSFbdRhq%2B4yQL4LJVjSPd0jGsRqz%2F87GpC64M%2F6lySFU7K522WomDADLHX1vGN4nmj9yxokxqCPBuqxcxOoEpjzi9uiQ9EQdnXlMGzc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323958bf4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 usb-stick.png
www.foboxy.de/wp-content/uploads/icons/ Frame 0719 8 KB
9 KB 41ms
41ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/icons/usb-stick.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5310e5cb53769c1fa1ac3b24f254a733bb18f6bb6309d10e455fb2b3a2c285a0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=18984, status=vary_header_present
content-length: 8380
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:06 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BEfTJ0Fwuf36njE%2F5%2BTluEo%2FVhKPqEkAztN%2BdXOqUcGj8x3Gvivxz0sPg14T81zCD7FOPqIwF7%2F8L9ya3CCvBOQu5cfOqXJSJAxQdwYol3CHoqjPPc7mJg1UJbMQMXk7p2ftqTL%2BWXl948U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323988ee4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 drucklayout.png
www.foboxy.de/wp-content/uploads/icons/ Frame 0719 8 KB
8 KB 63ms
38ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/icons/drucklayout.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d8c6994a8fdbca1445c5004a63b7a3898856bffb818e2cf22da694dc2d90bff9

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=17367, status=vary_header_present
content-length: 7763
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:06 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t5AiK6vWy0PaIqpwwsJtOWJUUa6NOtEuMZ%2F6g0GTjYXJD3V0OK%2Bo9O9JLxjpbvAMjlTALLGKHJAMXvGRbrAd%2FSoTjq2ttVw7vCZzAd%2FkFzb%2BC84ISarJHk8g%2FLlCdlGXbV%2BNrKxCT50BO6Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a524bff-MIA
expires: max-age=A10368000, public

GET
H2 200 requisiten.png
www.foboxy.de/wp-content/uploads/icons/ Frame 0719 11 KB
11 KB 64ms
40ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/icons/requisiten.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 65beb34dea0bd33222efdb1a0511d5f2b9b9bd5fedd8cdf9a50fbac791b69982

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=28887, status=vary_header_present
content-length: 11337
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:06 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvmAbzFNIs6cY7v4BDpAsC56LNCZaYK9VDGOl%2Fggz2WuWwZB6mR5iXlMR7gUAf2kFZJlvSfEJGyKDog2pLQSiz%2BAn2SOtnATf6Rrqk5xWk7BXgQI%2Bo71NbhCP%2FmSeeBdY0Y3c%2FYBm8HmlZo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a534bff-MIA
expires: max-age=A10368000, public

GET
H2 200 versand.png
www.foboxy.de/wp-content/uploads/icons/ Frame 0719 7 KB
7 KB 65ms
41ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/icons/versand.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 50acf75b3a92779e3bb467fd45e1d2209aa0faabddb34e17e164165f5ec96cd2

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 383751
cf-polished: origSize=15972, status=vary_header_present
content-length: 6686
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:06 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DQSPpURFFidU6uIrSl%2F5rSUIoGazIqUQlCcA9%2Ff5C7WLd2Hlk6%2F%2FgZisvMpvFXYqlbronWNGNYPAHkch3HUd87nz722BY0Ax7U%2B3KkXo%2BDMiRcq8sytVMkBt5JWrKJY4CThETXyz9%2FzdbiQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a544bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foboxy-live.png
www.foboxy.de/wp-content/uploads/2021/08/ Frame 0719 10 KB
10 KB 64ms
40ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/08/foboxy-live.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: be0cd70793f003af0ac0d84ae3a0ce039269e04aea3ebc2c220595a476a7aafa

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=14869, status=vary_header_present
content-length: 9879
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:19 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E8wmx4ubBHmXCOCaWMGEnVM5DBwSeT%2BxKY2B4CkKR4VVn5LbZgL3zTaSPaJ5UDd8hmsuaPG8%2BQEZESOdBqezG6ZSr2qaySlDxAqNg9LuXHM2VRzarQM7FEYGxJKvmk95v8dpf3wHvxAFsBg%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a554bff-MIA
expires: max-age=A10368000, public

GET
H2 200 foboxy-logo-white.png
www.foboxy.de/wp-content/uploads/2021/03/ Frame 0719 8 KB
8 KB 63ms
39ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2021/03/foboxy-logo-white.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7264fba26067a2ef45823f70ddbacc964be4892cd7ab49f52efdd59d2daf47c7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=7883, status=vary_header_present
content-length: 7781
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:21 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w70USrdEx7psbCUCBUj1i6zVBB0hxHm%2FxpDombVOCE8llRD1mJqVT6CNCXLcM2mxU3UIdSc8Ix8gMO%2FAulR5vbY65SVflELBwe9eoZ7cwUyw2xiBxb2UzgWZnjzwI6GIk31hnDC2lMxf8sA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a564bff-MIA
expires: max-age=A10368000, public

GET
H2 200 de.png
www.foboxy.de/wp-content/plugins/sitepress-multilingual-cms/res/flags/ Frame 0719 199 B
540 B 60ms
37ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8600d2466c423fe29e86b35c1a728b16dbff177b186632a3827858ad6c2b58d3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=250, status=vary_header_present
content-length: 199
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:35:37 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6qxDB4evIuUGYXDzsjGI1rZpcNgY908qTws1ZLqDYdKICOtVQkGjRllyFzFTAXqvDYKooh%2BVKEMkucTfpr7f6PSeY%2FMQ7PmJJTG8mGB6pYcoo3M%2FcT2JwLKCCuzmOtACbNpe79dVs9UqyU8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a5a574bff-MIA
expires: max-age=A10368000, public

GET
H2 200 at.png
www.foboxy.de/wp-content/uploads/flags/ Frame 0719 212 B
658 B 93ms
70ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/flags/at.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c3e7e87700869f6e7f00db6fb08f7c463a6181f71af23c2eb5580f3a6fa5cf1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: origSize=418, status=vary_header_present
content-length: 212
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:29 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=okpczkPhBIXfgMB67LnWXrdwM8dDhBXwg174ygX12UNJKh5PiIf7CcAEtnduTknx3v53lE3Ndf0Z93nYcchYWN5iMZdD5AYp8UvmEPtkTU5BwCkxlk0HQIPKWLWWjLRcKSP4N4JiJzLtxPY%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a8ac34bff-MIA
expires: max-age=A10368000, public

GET
H2 200 tuev-kundenzufriedenheit.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 44 KB
44 KB 87ms
65ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/tuev-kundenzufriedenheit.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80f7b16e3aa399b73c0a60366d5ae7ca446b327c69f64f825f3b9b9870459724

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 45231
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LMo%2B%2FC8G%2FtQT8yQiVvowJ89eW0qmb1YQL%2FMQH%2F01TQUEMcUxtMrpDZcjqYlL34GS6KHdhmWFbqhtQdkLm0MqNCinN1ahmZ9yll0dbotyYd1YI2Koc7gIzQs2QACkMUlQYCvIjEAjkmqa3GQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a8ac44bff-MIA
expires: max-age=A10368000, public

GET
H2 200 script.js Show response
www.foboxy.de/wp-content/plugins/foboxy_calendar/assets/js/ Frame 0719 2 KB
1 KB 42ms
42ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/plugins/foboxy_calendar/assets/js/script.js?ver=6.4.2
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8a9a2641f1cad72291d5e09f000a8610d877777f9eb35a3d15af918ee5887d7a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:36:03 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543728
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=llOj1WTieDgWOxJoA0haFRwnwwG%2FSUEYg%2FA5ADHFSG0crxYvYOo%2FFbimOE2YvF9NJG7l217mHX2H6QnYrOW%2FGiYkcvtXuCOeQZp61fvLFvrZ01mJeleqh0PAre%2BLlORIyEIRV4Qr1DF9o3c%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc3239a9174bff-MIA
expires: max-age=A10368000, public

GET
H2 200 plugins.min.js Show response
www.foboxy.de/wp-content/themes/uncode/library/js/ Frame 0719 777 KB
211 KB 59ms
58ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/themes/uncode/library/js/plugins.min.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e958357a69869103eeb968dee3d0965ecddf52c1fffe70332fba4a585bbecb93

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543728
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AnxE7OdLoiVlbF9fl1VU3tn%2BfvA4Q0ubOQWgJ3gD06hQc3nmnbG%2F%2BEOxCK%2BCZ2j%2B6pkE30rI6QwITXgCc2SFtalJ2sin7IxufqaNz39tytFvt15m2FKF8aKfGWmyeGg9Z%2BkoBdKztkjRuW8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc3239d9514bff-MIA
expires: max-age=A10368000, public

GET
H2 200 app.min.js Show response
www.foboxy.de/wp-content/themes/uncode/library/js/ Frame 0719 265 KB
57 KB 69ms
69ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/themes/uncode/library/js/app.min.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e94eea915588a6fab98c233eb6015e8d31633109f8a6380ea330452642f98c5c

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:36:04 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543728
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O3CGL5BmTVcCY1nR2dqufbgbwpd7nMftvKTqvfRq2gjyzZJBopNUspOXRh1PqaOJYWMvWjFI4rCC5dEIK%2FNjbtoPJKBMRTYh6nrquvySa%2Bovs9hXS8OAQDev7ga3Hsj8KhHeA5N53iz8wrY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc323a099d4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 layerslider.utils.js Show response
www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/js/ Frame 0719 120 KB
42 KB 92ms
47ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.utils.js?ver=7.7.7
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a33be881a092c901050ff9fc9d8224a0334b1224a49fb03aae64ea7a358e1e5f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543727
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omG0gcPMqd7r8QyFUXqw1VLedZWcGO0jtL4KGfcRVpc4i6xLqcN1JqYfzTCmVF6H%2BaAtExvLZUtDmTl51ugGX4tL6crRl1wF6B%2FkhmGbAGaL74rtgphJSNeXqH7VeAXHDP%2Fq7bRhXFN7%2BFU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc323a5a3e4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 layerslider.kreaturamedia.jquery.js Show response
www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/js/ Frame 0719 249 KB
59 KB 90ms
45ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.kreaturamedia.jquery.js?ver=7.7.7
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c266fb4259407127f85c7e4eff4583a15bf49ae66df6f944456aa20c0a216e2f

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543727
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SSuNmUQYsO3ok2%2BCuw%2BaFdhDFiuY%2B603GpaInyCQRxiJYnExp9e2kyvqadWEl9sTLgJjuHkq47K2D8NIibGi4VK%2F%2BXIffRVVbADg86gp70Q%2FBG%2F0uzxU4pX5dB%2BphZpdAmQmKaKUP9ldSFI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc323a5a414bff-MIA
expires: max-age=A10368000, public

GET
H2 200 layerslider.transitions.js Show response
www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/js/ Frame 0719 55 KB
4 KB 80ms
36ms Script
application/javascript 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/js/layerslider.transitions.js?ver=7.7.7
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2d8d21e33a114642bd67bc55352d33c0a99d4bc1ca4c504179f40a0394719fb

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543728
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yw%2FYTQB1smbOjrZQp%2BG0O842csh%2F5EcLnCvGsNBeVb4CvVVCqfbmuMGT7FMryPFgGHfJSEsLMPqCg%2BoxG%2BV%2Bcc0AA0uYBsPCr4bCTsApjeDe2XWe54m7z6bdv1VXM%2BDHw6reWgMNFpzA1hc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=16070400
cf-ray: 84cc323a5a424bff-MIA
expires: max-age=A10368000, public

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 4280 0
0 252ms
114ms Fetch
image/gif 142.251.41.6
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsv8WChQ5t29G6NPfLuaRIjCtR7b-wUTTMngQxYCOShAad99_dVxhIJ3hxuWMbSMsfDQx-DeSrk-xftZgjkl5lt_gyoblgtzN_LoxU8CCF9_o0senXddcvadyJpGG17-kTp4jDE4ofs4q3RBGGLx2xJKao73gDgj31EasNov91RtSCra-Tx9kJfRXAjXq04VwH37oMAzqTIxXD0JY_8aEYPqueDwxYJD7h_bv9-5jlTkF4OkzqzSQg4n7BnvusxN4DQhmFoC64Dh8e35nE__57bw9JlxwddPljyJkj93widjyC0AJvej03-0kIn9nKTNDM8OXREcOGzruRW-tUe6SCp4FZsrl-CLakZF7EENP9BMQBxi58gwnGq3GJnyWJI_n4Tjuy2RUcwyHWs1nqZUDagAyHmsEtvSzL7ctsJzeJksHGM3xo1cS56nSgn0veFMXck03fdrc4RE9gQJ-s1cCebyPxrSv-w5M9OVcS442R7krm239KyGsAmBm24txHvu3JzWvTvPj_7SCgXV9vXxpSJahOgjMmOw22PoufTYPuIdBlC-Sa4hYOJVZWf-iy5NhnokK6PgwyDAnn2bBNZWfK44MkiEvNeJwkm9ML-GAmkMyQ14x4zrxVXyXAUbzZ_W9_wTYYefcNk8w75YaitTbRnQWdJg6C2husstKkdNaryT7fV2jF7J8WHgDdw_M29S6ePTsxWdljXFoFSN2MPygbQhFBadzRFgZlBCAAEl2ymPiSjitK4S3jj7TmwKRhaasB6la2a3hLNdJbs7L_JqEBMtiuVH3jsjdtBHKMhs2lqonh1ezWehD79T5e-7406h1LKFu7GflG8gv4xkSUKFUGGHbEvQEQiIYF6WeaAqs3k9p54N7ajg1PfO7-6Htv4LR7LJfLPMvwpLcEJZXIreQw6UJM8tL0AOKKHHzQwamir4NX_oxglShxU8eQthMBHv6u8C9rwYI1BLNBD9opYc9uN_IVznm2EJ5yyzQ8JKVtaVhgZd91bnQEk4bBT7vdg5zKcUBRP6wt4FbnjqWPALX-gqwxHiWJoK4yBaMkWXpIOzlT0h3gZut3w79yIxtTEM_ISpXXBJmnKMDbEaUjqAvuE7wALT2ClJz7dXrRalLi7pwA0K-ktrpfz_ZcArvVqmy3Lb6HjEzMqGN3IkDnYxt9M_o108_nBKNln7Avn0RoHkY_5FuQICRcbiLw3fcoIQC69S6QTxbArrvriZj1wptEREJVaOxzYNR-iPuZTw_j1vHGh59lIa8YN-xPHSPOzQGs3HJMmOErpWSZG8LgwqJkZx9j4EDD_cD3bBJtK42gSe12WyRK_l&sai=AMfl-YQS_NiFd9vyKTO3-1LYZEHKZHBJxHxW3Jz0Dm7HFdod5SOI9YSUw9ldYvDpnaq88O1aWij0sYr1B7kYTnRT3HoH7Xv0w_BiPbBayGSbZlaPTTXX0dOQKIt-KZl6vBn6p1oqtktr7Lo8Ler6e0u6g39vtcvYZ5-n458UvWG8hCP_fCzDrFsXR_GOvLec0uktgiLi3EM9tU9FNW3s3-EjnABH_q1yrYssFPyH3o5URbw9sS6raZr3t5bYRegkMhZqLqEecUDaWEE6De-Xer_iGeu3L-jmf-uHTOHdHfzz_8ChrZvmg3LXLOmSUVU8ShYfBONm_VtaC8kVUQw757MZMCkAkcNZbb08ulenSp-bbAySfBBNUFpLTDCJqFAaVFXFsgt3GrhqZwYNjsb25_CPoukcFcdlSp0RXlwKFk0sx-kcCqs48uDAbSov60upLiDzgDUCoIpjBA505tqnCSKIZyS5Q_uwuKEwgAgGERDlp-xEEtSmGZ5vxhaUebDm_lOgf46KOQ&sig=Cg0ArKJSzA6PQhLuRxUaEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9jYm9lLmNvbQ&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=939&cbvp=2&dett=2&cstd=0&cisv=r20240122.91094&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.41.6 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga34s40-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 28 Jan 2024 21:05:54 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 beacon
tag.researchnow.com/t/ Frame 4280 42 B
435 B 202ms
65ms Image
image/gif 18.164.124.5
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tag.researchnow.com/t/beacon?pr=288230&adn=3&ca=29702965&si=3554638&pl=365167024&cr=191021523&did=ADID&ord=3646534308&gdpr=&gdpr_consent=&us_privacy=${US_PRIVACY}
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.164.124.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-164-124-5.jfk50.r.cloudfront.net
Software: Apache/2.4.57 () / PHP/7.2.34
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 20:30:45 GMT
via: 1.1 33b70e58e860e3444a806072eb0401a6.cloudfront.net (CloudFront)
server: Apache/2.4.57 ()
x-amz-cf-pop: JFK50-P7
age: 2109
x-powered-by: PHP/7.2.34
x-cache: Hit from cloudfront
content-type: image/gif
p3p: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 42
x-amz-cf-id: LP57s-5Bn6yg3bM3O7XEaJCpkQ3467RPDhvCvSLWtNXoys3prVqOvw==
expires: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4589 0
20 B 131ms
130ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=B5hU9r8G2ZdqWNcrRoPMP6Z-t4AoAAAAAOAHgBAI&bg=!0dKl0p3NAAa8BdJLnAU7ADQBe5WfOM_tD-WxQzJqcXSTBnFRJF8fbTcC7LTWbgXwkdbPcf2Bg3b3Mbv89FMaPVbK8TtFAgAAANpSAAAABGgBBwoAWgd0p-77wo1chLONvyWJeqUH9OIhgzzKzyqX9OBzgR3NpaYQiuGmReTurYVxrz-iVFvNhuzfZ2Yty2fApqHSO8i8TqE76tbfb-yhBZ41t1sr5luNEFIDfcHMvpkDCQyhl4HsPRUFUHolnBSoG04UOB_rXeeiBjczq5aZ8Xd3Za7brw5qedqAwZKPuFrpQBaY2KWT3FU_7Se5iUhDycZlGPQMlXcV7ubm_qAz_-vvRNjvBR9x9n90-uFjsVRshPP1AaqyGWY3aYxv04NMUL-5pvD0TNmPFbafKTE80-hrtO-iAtP4VheIVAtIrl8tTSKPVTYoUoSMz88-Hy-BQBvDTO9CpJSkr7Lb4q68I2ornYAK5DPdmDvkbma38-TV7MnzSVrb_u-qPKrwwqEWwyJrtmuPVoXyXdLHGvaPSO57J0b8SIPio6Z_SrqmX2qgaRFsWVeenn6ndHioCWk14g5xrOifaMorU8BvMSsL4nwuQhB19rkm1kLeA4_iHeTPZXDmQxkEaFQCYh3gNpgoQeXsZta1WqwMoNzrFfK7Su8xcXan8NiQP2YtOEpbj-X1jkNRh9PDJcYGVZp5oDSww8fBYTX6NPEXIr-mpK1vGG5LPvbg7-SEBnKxZRpxxRWMIjTGtiWakJw9GqNcQ2nRWiLeBmS8bEq2bW33UKlY7iwWLNwEUJXVef5siRH_9va64t5X7LYdhQVGXjBMMaflC4QvYwLqNm8U-m0ng7LHDt0s0V2ASjjfR82cCf4rAnO8JgODrHTxt-Lke4ceRLrTWhkwUmnKMsg2bRs8aMKZYop9VaUZNc_rk289wv-8FjJAGpcI6SgoyHt7Fmxx_f1f-2n3YOMCNXFFK_9KZIzicmEQFPKbm02hTEKGq1qU60q1agsYrSZJrZSvGgcQZ0n3YS2FzgmgACs2Toadyars8hCUmX9Pu7t5DkKMr-kE0ss-idnsKf2-x5H3aXgVVHLTtRbVbQeZzU-VCU2iQTG2qKN_fCsVl3bmeafEacUBb6yXODihQNhWttrJpbzCtrqEr0AVhFQ8nJ2I0mpf7qQUAnhH8t5t7HJPmJ7916jVw8v8VWHdKtgxjVE-aB7jHJglTuPhljNxeR32lzsh7N3LV6oK07fAgn9mCrSGdRJJJRWCxyfrHzdbiJBRQA

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fp.min.js Show response
api.yieldads.net/js/ Frame EDF7 34 KB
12 KB 149ms
148ms Script
application/javascript 52.57.118.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.yieldads.net/js/fp.min.js
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.57.118.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-57-118-173.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07

Request headers

accept-language: en-US,en;q=0.9
Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: gzip
last-modified: Wed, 24 Jan 2024 15:47:06 GMT
server: nginx
etag: W/"65b130fa-864c"
content-type: application/javascript

GET
DATA 200
OK truncated
/ Frame 0719 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
DATA 200
OK truncated
/ Frame 0719 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ Frame 0719 34 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 37C5 0
20 B 130ms
129ms Image
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BN85sr8G2ZduWNcrRoPMP6Z-t4AoAAAAAOAHgBAI&bg=!KimlKWbNAAa8BdJLnAU7ADQBe5WfOKOD8hdNJ0mjcNkqzw1fmVHv_rJm9JESuWUhgMrJ6Qnt4DL8YL6G86hKLeBjN_-9AgAAAR5SAAAAAmgBB5kDAtNJmWDVAMO9QK0f4EPFff-qhd62E0ZOzUD_J-9OfVq4GL40n2FgsRLZJOXrThIkrr_XHU5cTM06VnJvLXfMaZfLnOtqd2pFvEt-fOhCDkFlEk3HqOm3s6zbWJLf1MfcLI33VWBtTqHEHA-28u0ti5jpq1fp7LFZFsst412kXs8gCSKhMTrME32mZcmY8vSFYOQUp3A8SSzVwYkYP6LGNDxa0ijvQBQEUp_NWbphKfGS2tnA6ogCZ-ZlpDqKjNT3naN6R3PGNq5tq3bCmbpOZhE3eESPCrKnQuES6jS9FMsy82rauViPjseGjYwpkhSxDYX0gJbE7ZORm5iMLvqMtMkDF7E1gCm7zS5_2oxx8LZ2WYVvc_vKeG52lAVHv47D_zvsJek7992c-LBUtsxE1Ty_slc1Vha3GYVxH9nfkhLFZZusapIsCjHyRPSF4Gh6JXThUzfKTMaQuQoj-LpdjHaCHhlvJgfpjorZn0pryG1IW9HbdiVOYSzjpI872ypT3k2RcMto1renatnNgw4wr6ZKzGG7V4GJF8-V2hb21oRqZU68odTuTI5xoLDD5pXVYAoBELuDRIoYn6Hk0bPD3Ma99yrUwEpsDvVflIcG08nORGGdOklmmuIB8VLTxbenarQcRaXxoJs1IqDuNghaoeT4TdkBPbvhggzAOkuU4mmu15xrgFfclMVYq6mKSgQmD21PPlN3UP-PfpK3cyMRL3SawgHZcNk_UWeGX9iTNbwTpXkMp9QW3AXffvJzzLElTdBChQWo74DsIIebRkf9H9OV5LORu9QQS6rqiRjW8euvzZESQ8j66G4we0s08riK5v36SaJlB24I7mGFGEnYtMMKMR4RplSXRqgQdsbxYfSDHKSrtU7d7U6Cb-wJYh8LbbpIYOdd2vq6vN3ZGrCEgEcMD7I4wwt3_cyJm6D0s3scciKS5I1KpcruqPCyn-C8hGzt2SCbOcD4io9m-ue8USKe07mTR5CJ6IBEkRSRegx7qdhhZfcW4fC4ZvaqDQaMy5KK

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 index.module.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 358 KB
103 KB 117ms
39ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/latest/loader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

0165e3e123442d569ab5aa2b4a5676bd4c28e35c8b9091b008f49000c9cee3b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.foboxy.de/
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 23:04:06 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 770508
x-guploader-uploadid: ABPtcPqzImpY59b-pE4hiKEB6LafhAln9GOos2YnaPUZa9wXhVDGOGY1XcgHEXXSxQfVEYgOCCY
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 105636
last-modified: Thu, 11 Jan 2024 12:39:54 GMT
server: UploadServer
etag: "73b306e974dc041282ac795a04f209fe"
x-goog-generation: 1704976794821043
x-goog-hash: crc32c=A8MN8A==, md5=c7MG6XTcBBKCrHlaBPIJ/g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 105636
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Jan 2025 23:04:06 GMT

GET
H2 200 fotobox.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 47 KB
47 KB 98ms
76ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/fotobox.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5618c9256c68d8019fa7111b6e0494024a3f034ac4d1fb16d65d45eae80643e0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 48166
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YOgwcZAIQCxjLi42d192F1lv7P4iQuFGqRcM1f8xQ2mdJYSww9YvZwyG5lb0sQTWXFQ8jWTy5PhjvuiAXcxYWuP5By35DgFdXnQVJ5mYnC2BdRfBmJJAbmqYDU3Yf4Y3M9Kubbws2jb1UVE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a8ac64bff-MIA
expires: max-age=A10368000, public

GET
H2 200 einfach.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 38 KB
38 KB 86ms
64ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/einfach.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 20a4c3d68e5653b7b9a5b24796a25f9971b6857c18676e4a17ed4a95985dfdf4

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 38442
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7nn2lXjYwyfpGYIF4ffJ9Nrq3A%2BiKBxKACUrvTA0AbL6FmwXPOtYkP6dN5dZLutmNjrXVM2%2F%2B28LmM8xCZxJA84nbWgyIU14EAmvmVhxz%2FFjCnieDVZ2N9HJqWYqUai%2B6G4CT5PT0HfAWXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a8ac94bff-MIA
expires: max-age=A10368000, public

GET
H2 200 service.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 8 KB
8 KB 87ms
65ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/service.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2cf798f733c885cffbcaf3a2964ba614ba4760690a33a7204b5fb45f83ed2503

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 7684
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fz1ggkj3ZBF33ptbFvJzS5JVX1BNshk42zAsofxvRFWhbenpZDFGzQvu2XMEGv7CPM2yhqX5R7T6lQpD%2FNrdHGwq%2Bb4UpRbsOtcygJQ0Duj441DJU8eHPXLxF%2Bz9OBGhgVMZ4wSpVQdOQ%2F4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a8aca4bff-MIA
expires: max-age=A10368000, public

GET
H2 200 GQuG3_4SHiQ Show response
www.youtube-nocookie.com/embed/ Frame 0339 91 KB
39 KB 354ms
209ms Document
text/html 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Requested by

Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bb32f991345085a148e29504be330a695f20919d8cfd84064cc1d10ce9754ab0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foboxy.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 21:05:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 KVMJh-j9XKU Show response
www.youtube-nocookie.com/embed/ Frame 9B2D 91 KB
40 KB 274ms
129ms Document
text/html 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Requested by

Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8b8dbc6db2edbb75a2d608d2a64c8ca568a267cf87e0113d4764e1ee321a407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.foboxy.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
cross-origin-opener-policy-report-only: same-origin; report-to="YOUTUBE_NOCOOKIE_DOMAIN"
cross-origin-resource-policy: cross-origin
date: Sun, 28 Jan 2024 21:05:54 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
origin-trial: AmDnk0SIEsH4Bi0uvITor+113VdZiHamGsT0EG6UHXgEXROwfKYSeE1NWAqwKRr6CFPJ/xqXmMgs+r58fAMEMQgAAACBeyJvcmlnaW4iOiJodHRwczovL3lvdXR1YmUtbm9jb29raWUuY29tOjQ0MyIsImZlYXR1cmUiOiJXZWJWaWV3WFJlcXVlc3RlZFdpdGhEZXByZWNhdGlvbiIsImV4cGlyeSI6MTcxOTUzMjc5OSwiaXNTdWJkb21haW4iOnRydWV9
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"YOUTUBE_NOCOOKIE_DOMAIN","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/YOUTUBE_NOCOOKIE_DOMAIN"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 fotobox-absicherung-inklusive.png
www.foboxy.de/wp-content/uploads/2020/12/ Frame 0719 18 KB
18 KB 75ms
69ms Image
image/png 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.foboxy.de/wp-content/uploads/2020/12/fotobox-absicherung-inklusive.png
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4c794205cfbae7ef5515edfa8f84de7308f4a133fc17805b7ad1c7b178992ea6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 543727
cf-polished: status=not_needed
content-length: 18445
cf-bgj: imgq:100,h2pri
last-modified: Thu, 20 Jul 2023 05:36:23 GMT
server: cloudflare
vary: Origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OaL%2BzLDJNth7M3vafV4K4zxipZ4RZaBK501Fr6Fa%2F1Uwds0zamIQfX6l5shrm71mwq%2FIpiOfpJ7fevtt2zMPDidngA2RvgcGIa0fgLR6BDrzqbsyjlpHghziDGylaygOjJnSuK%2BQRPlCcH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 84cc323a8acb4bff-MIA
expires: max-age=A10368000, public

GET
H2

200

svinando.de Show response
findarios.com/search/ Frame EDF7
Redirect Chain

https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c...
https://findarios.com/y?t=svinando.de&cid=1f839c8ae3a8ec808773028d5bbaa749fb298471155b3db1f8832ac6e791db80&identifier=da1f6ec6f064d0cb
https://findarios.com/search/svinando.de

530 B
1 KB

171ms
171ms

Document
text/html

35.157.83.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://findarios.com/search/svinando.de
Requested by: Host: api.yieldads.net
URL: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.83.91 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-83-91.eu-central-1.compute.amazonaws.com
Software: nginx / PHP/7.1.33
Resource Hash: ac18785d1f2e5954f79aaed1e5e36a751bcd7ca912e7d63c6228d392b1299bf1

Request headers

Referer: https://api.yieldads.net/redirect?publisherId=45bc403dq64rzpuj&market=de&placementId=e746e9a42980ebfd4d520e2788c45dd67b367a25876dca24443c19ad17c89e00&placementId2=60c9106a-dd7b-4f3b-9789-441523dd3c5e
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

Redirect headers

cache-control: no-store, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:55 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
location: https://findarios.com/search/svinando.de
pragma: no-cache
referrer-policy: no-referrer
server: nginx
x-powered-by: PHP/7.1.33

OPTIONS
H2 200 languages.json
api.usercentrics.eu/settings/RiP8URUeM/latest/ Frame 0
0 216ms
143ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/RiP8URUeM/latest/languages.json

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.foboxy.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:54 GMT
expires: Sun, 28 Jan 2024 21:05:54 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPp4Wt5klGGk9sJKkeV3xHAdjB4B1B4g1gFyVMQPPpQ4Hxk3ZjCYlGMM14tOcqc5YIPNenI17phbug

GET
H2 200 languages.json Show response
api.usercentrics.eu/settings/RiP8URUeM/latest/ Frame 0719 66 B
600 B 164ms
162ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/RiP8URUeM/latest/languages.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.foboxy.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPqbK9_V7FJyfVG6WuJ0XUG2Xl5XAgsCzlGqcCny9nw566Qdj7GoMuZZn7cNHwMmb1K_q16YArbdaA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71
last-modified: Thu, 21 Dec 2023 17:31:17 GMT
server: UploadServer
etag: "645afc9e7aa2c884f8a470fd78671460"
vary: Accept-Encoding
x-goog-generation: 1703179877376497
x-goog-hash: crc32c=VEQXGw==, md5=ZFr8nnqiyIT4pHD9eGcUYA==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 71
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 21:06:54 GMT

GET
H2 200 www-player.css
www.youtube-nocookie.com/s/player/cb886c6c/ Frame 9B2D 359 KB
47 KB 107ms
106ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0927d0eb1802a65f1b033034b2d947118d176148381dce25c885d9deb94b9d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47487
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 06:11:54 GMT

GET
H2 200 skin.css
www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/skins/v5/ Frame 0719 3 KB
1007 B 46ms
45ms Stylesheet
text/css 2606:4700:20::681a:48f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.foboxy.de/wp-content/plugins/LayerSlider/assets/static/layerslider/skins/v5/skin.css
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/wp-content/cache/www.foboxy.de/wpfc-minified/7zkqng7l/hfklw.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:48f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b05c5ace089a65ba0cd345cdda18e3474d45689ed22bb85abf0711dfe47569ac

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:54 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 20 Jul 2023 05:35:50 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 543726
vary: Accept-Encoding,Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ju0bfJlEMOe%2BjSm13qo%2BnifWVm72Pf3DIHaCcwGBwTsGvReurb5OYOfbp5VAbEqq5yJLBhlUeDxhlM1fjWX7YqPmU7cm2gLl8zGALQ47eWlmWiSgRspzmi61jO8SsWxX6ZwIwwfvUO1UXnA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=16070400
cf-ray: 84cc323c5dd14bff-MIA
expires: max-age=A10368000, public

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B2D 15 KB
15 KB 65ms
63ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:57:15 GMT
x-content-type-options: nosniff
age: 227319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:57:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 9B2D 15 KB
15 KB 77ms
76ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:12 GMT
x-content-type-options: nosniff
age: 226602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:09:12 GMT

GET
H2 200 embed.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/ Frame 9B2D 53 KB
16 KB 84ms
83ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7094277e4e28f5c0b9637ae7d27d7fe100fd9492d39624d633f035742c5065c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16707
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 05:53:37 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/www-embed-player.vflset/ Frame 9B2D 319 KB
95 KB 114ms
113ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5904ac053ee5163169774e5563cc32a2c458a4ce0e8b4e76e173998f4d01d580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97391
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 05:54:26 GMT

GET
H2 200 base.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/ Frame 9B2D 2 MB
770 KB 101ms
101ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131ea1565000c0ee64a76bce491a2fd20a84490afe9550a7d3fd9666190543dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788169
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 06:10:15 GMT

GET
H2 200 www-player.css
www.youtube-nocookie.com/s/player/cb886c6c/ Frame 0339 359 KB
46 KB 240ms
239ms Stylesheet
text/css 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/www-player.css

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0927d0eb1802a65f1b033034b2d947118d176148381dce25c885d9deb94b9d7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:11:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 226440
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47487
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 06:11:54 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0339 15 KB
15 KB 65ms
63ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:57:15 GMT
x-content-type-options: nosniff
age: 227319
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 05:57:15 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 0339 15 KB
15 KB 83ms
82ms Font
font/woff2 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube-nocookie.com/
Origin: https://www.youtube-nocookie.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:09:12 GMT
x-content-type-options: nosniff
age: 226602
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2025 06:09:12 GMT

GET
H2 200 embed.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/ Frame 0339 53 KB
16 KB 225ms
224ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/embed.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7094277e4e28f5c0b9637ae7d27d7fe100fd9492d39624d633f035742c5065c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:53:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227537
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16707
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 05:53:37 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/www-embed-player.vflset/ Frame 0339 319 KB
95 KB 226ms
226ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5904ac053ee5163169774e5563cc32a2c458a4ce0e8b4e76e173998f4d01d580

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:54:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227488
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97391
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 05:54:26 GMT

GET
H2 200 base.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/ Frame 0339 2 MB
770 KB 228ms
227ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

131ea1565000c0ee64a76bce491a2fd20a84490afe9550a7d3fd9666190543dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 06:10:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 226539
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 788169
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 06:10:15 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6B5D 42 B
174 B 131ms
130ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstENz1JkH1p2KsjegpeeGRjbMoXe3cYztNKaLP2EqNgr6hgmszs-MrO96A7_A7ldsTH_QqV6Fv6kjYw4K4jrJAwfHLDCzf6PEJze-COJ7lCFuOCDeVDdQZ3xFP11MzhQnDDdDrJYBq4jpUILbXxnJPSGeOd0PZ_V1rY-kvRqX_VBKRX8nSgTPnSOt-BNK-GBIvs04IhDh5yfFxK--L6-nPLSiIj9jdA3vFT99RMb3V-FNLbDs81joA_HFLsAYWd1CNt5HEgEMBKgoIhC-F11YLDaMhpA62hEpv00Sg9TwszxFR7g2k_pvD4puNseBx8jHfOfsTYlf_YbCc4sdDbVXYMI0McaUN4_AgOzBsJAqIv7454IXx0vMwd2jUNEbSNAJuRNoYx-TC2WJCBmdbhezJuvAUk-syojeX0Cv45qwdpc5j3r9n0Owuua8TV1KhUyZbM5RbUEuelQNzSHAprODea1ScSi68ogEVSXYZG-fPh_uOgrBZbNlK0sF_hDbpctlJ3Abq0VzPRFxRAktuZDS6jwQn-h6rsCAzCAlW9T0V54C94YcL52vIFqn2DIL0411Hj5bA_chNgDQcZHGRRt2zaquBs06noJe-cp8BUgGcW8wJ3yaghR-lymShr6s5hc1gwE57DcyIkA8WTDw0oTOC5IdE7QB2FEwf2Tu1Vvd8ss4P1cOIbxXXY4K07EAlAjObKl043JLZInWOZnNsp00klbL5oDlyVzrtE2XN1VhcJiApsUPWi9BN30S_71oTBOpJGvdqe-oSieR--6j-EM3-eS2PPoNQWUQ1O-VD6TkcB73GmUQNKDoOpeWLzKZ5CTYCJqA9Le7oESngP3uxSlM7h8Cg--24U6gEVpAFLIo4pkqv81eXBIRvqcmVknwWj9jynoyzrRC7UrEh8yZym-4xoKaAK9QY7v3aRxEsKBbUSnRGh3qGb-W2OcN9ZvmThyLaK5LRP66bYu7D3Uv84n5RQUOm_kfKsMUnN6AI-QNidkbdm2hiEie55n7yeAu26kxpNshQNNbwhvJkxER3kScKsJYICAJmXcGqOPI-0UtTYdi240X1cgEkqMyPcQfSDWdDhOU0JAvOqS-5BMH5EMT0f4vd9dgQ9e4eEt-dh0zrm7YTe9WD8iJHdnuJWdCzyY9L5bJlfsmaLvAQhLTkbuTZySHbpLwqOQAAtPqE_GwYFQxSfaiGXCiSxic2FE6Hb86wpM57bEKC_yHcEWKUUE5pTUivYcIDj3VUhRhqNmb5ORGwS__orKnukyOEmAUTZfnv6z1eGcLpbDoX9ZgM-90lAZuonCZBCLFbBqAE&sai=AMfl-YQ-jY-vz4Fo2u4bwRdXV6J8G732jeQzQnDE4vKtPRUudaI2hS9tRtK7wdGfe9FacN_QO-BhLG4JtTb4V7R_2VXRYD9iitifne60wduuiiOdUTV1qKm1BoDZNajzPGRGcqcrPPNWzCxCichYi9OF5TCd4S_zJgfmP1Olaw&sig=Cg0ArKJSzMocQP2t1uYPEAE&cid=CAQSTgAvHhf_alIb1hRGFnpBt8sj-hJxdoOmpojQ-QgwBnffM3epQT_s08kXiiLwd0OBB_vK8n4hhc9ktfZuisVfGG61S87aRV3kTUrb0iMDdhgB&id=lidar2&mcvt=1002&p=0,0,124,1005&mtos=512,1002,1002,1002,1002&tos=512,490,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170647595300&rst=1706475952921&rpt=839&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0719 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 de.json Show response
api.usercentrics.eu/settings/RiP8URUeM/latest/ Frame 0719 35 KB
9 KB 162ms
162ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/RiP8URUeM/latest/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a86e33e39507927bb2006c78a28c3d92965570ef1f686e9dfc8191b948395b40

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.foboxy.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 0
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPq-4P1iCV9vjJgizxlOtQhQJ2CHLDnT860IvOE4VE1HclhmWwSpdzM8bTD93mDeH02hCDpBlK2Iug
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9367
last-modified: Thu, 21 Dec 2023 17:31:17 GMT
server: UploadServer
etag: "be95ef6314ace8974d97c72146635245"
vary: Accept-Encoding
x-goog-generation: 1703179877379063
x-goog-hash: crc32c=zUJ3rg==, md5=vpXvYxSs6JdNl8chRmNSRQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=1800, s-maxage=60
x-goog-stored-content-length: 9367
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 21:06:55 GMT

OPTIONS
H3 200 de.json
api.usercentrics.eu/settings/RiP8URUeM/latest/ Frame 0
0 154ms
153ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/settings/RiP8URUeM/latest/de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.foboxy.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:55 GMT
expires: Sun, 28 Jan 2024 21:05:55 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPqg5Wl_VHjuLkFQo0TGgSVuJw-5-JnCYXY2dNfxjGNsG_YEWU6s5sXJyouQ6LaBeALAj5DYv3U20Q

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B372 42 B
64 B 135ms
134ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstMSue3zLCIIo_IvQLpop9Tc6MaH9X-7Q1WS9rbk4TAhd74N439QY8EdLda-DbBiRctrJN3NIjYTRYG4oV1VthD2usj7zYZr6DtccDeNFNIBnaaN6V84gXjl9OzcnySuUXM8cOYGXQ_mnNfhDBg38_gl02N&sai=AMfl-YQsjj-DtPyt_edQjBmaEMINKHsAsTNTCJ7im-D15zf5BNIK0rIjj2roTxIWi8BUW-_HgU9c3O6exLZGV9haZWsFMR8kok8EqD58lDkNKzy9eSDfEEjveNKq4H4Qvgwnn1Qm0LK-i9rHw93CY-Z8&sig=Cg0ArKJSzC5ng5J9h1-mEAE&cid=CAQSTgAvHhf_alIb1hRGFnpBt8sj-hJxdoOmpojQ-QgwBnffM3epQT_s08kXiiLwd0OBB_vK8n4hhc9ktfZuisVfGG61S87aRV3kTUrb0iMDdhgB&id=lidar2&mcvt=1029&p=0,0,600,160&mtos=1029,1029,1029,1029,1029&tos=1029,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170647595300&rst=1706475953097&rpt=766&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 298ms
73ms Preflight
text/html 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 28 Jan 2024 21:05:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9B2D 87 KB
40 KB 84ms
82ms XHR
application/json+protobuf 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

24a65d92bebb84b0337689592f1f908cbdc5ae37e9df93557f52f881d8f36308

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41059
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/ Frame 9B2D 117 KB
33 KB 66ms
65ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e2aad44f2a313aee96c76a201977d6ce582e7d798bb11c0fd39e4ede27aa93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33678
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 05:58:18 GMT

GET
H2 200 cHoal1GHrde4YWVmtNRS7rfNld6iV6ittWnnuOkThR0.js Show response
www.google.com/js/th/ Frame 9B2D 51 KB
20 KB 275ms
71ms Script
text/javascript 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/cHoal1GHrde4YWVmtNRS7rfNld6iV6ittWnnuOkThR0.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

707a1a975187add7b8616566b4d452eeb7cd95dea257a8adb569e7b8e913851d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19856
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 09:09:23 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/KVMJh-j9XKU/ Frame 9B2D 3 KB
3 KB 238ms
70ms Image
image/webp 2607:f8b0:4006:808::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/KVMJh-j9XKU/default.webp

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2016 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

38633b8bdc4be607b01596d25377ed6102e72a6ccd5b3b877228350efe56ff04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:13:34 GMT
x-content-type-options: nosniff
age: 3141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2886
x-xss-protection: 0
server: sffe
etag: "1496397002"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 28 Jan 2024 22:13:34 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4280 42 B
64 B 132ms
132ms Fetch
image/gif 2607:f8b0:4006:821::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvoyYYjkxUqVt3Pnpvq0BYuzNVlO5VsVc7nP0vxEnkA2mE4dTWZ303p4eP5ypFf2G3_w5MJ-zIGYzBKG8qu2FUCR2to1M6Lg2-pbCfsjUbMdi6HHYg5JShFP2sBaSSeRlGnjzK7H0aJliig1F5PbbJ5foQ3&sai=AMfl-YSUw1bOzFHBGf8MgzhjAuCIwwno5zXUWinMogOqBl0_E5NlhZkGw9Ehl24aYQg5TbTy4ye_EL--8tnl5CRGRZPUtjHrKpCvevDAgwmtE6pRPR9QTbE4O1YfhN-lmAx9RN3rIFVal5VNv0VeNk37&sig=Cg0ArKJSzL5ahoXBgw4HEAE&cid=CAQSTgAvHhf_alIb1hRGFnpBt8sj-hJxdoOmpojQ-QgwBnffM3epQT_s08kXiiLwd0OBB_vK8n4hhc9ktfZuisVfGG61S87aRV3kTUrb0iMDdhgB&id=lidar2&mcvt=1101&p=0,0,600,160&mtos=1101,1101,1101,1101,1101&tos=1101,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170647595300&rst=1706475953024&rpt=844&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:821::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0339 87 KB
40 KB 157ms
155ms XHR
application/json+protobuf 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

322d7746078e8dbb44201668443a0b80cd456c0162578bd22155993d57d6cbe1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 41230
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/ Frame 0339 117 KB
33 KB 66ms
66ms Script
text/javascript 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/remote.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e2aad44f2a313aee96c76a201977d6ce582e7d798bb11c0fd39e4ede27aa93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:58:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 227257
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33678
x-xss-protection: 0
last-modified: Wed, 24 Jan 2024 05:49:18 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sat, 25 Jan 2025 05:58:18 GMT

GET
H2 200 cHoal1GHrde4YWVmtNRS7rfNld6iV6ittWnnuOkThR0.js Show response
www.google.com/js/th/ Frame 0339 51 KB
19 KB 185ms
94ms Script
text/javascript 2607:f8b0:4006:816::2004

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/cHoal1GHrde4YWVmtNRS7rfNld6iV6ittWnnuOkThR0.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:816::2004 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

707a1a975187add7b8616566b4d452eeb7cd95dea257a8adb569e7b8e913851d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 09:09:23 GMT
content-encoding: br
x-content-type-options: nosniff
age: 42992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19856
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 10:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 27 Jan 2025 09:09:23 GMT

GET
H2 200 default.webp
i.ytimg.com/vi_webp/GQuG3_4SHiQ/ Frame 0339 3 KB
4 KB 123ms
64ms Image
image/webp 2607:f8b0:4006:808::2016

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/GQuG3_4SHiQ/default.webp

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:808::2016 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

c01720b2b7f38f35b76a02851d18e1c825a71fff02e4dd1a83f550c8d2272523

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:13:34 GMT
x-content-type-options: nosniff
age: 3141
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3278
x-xss-protection: 0
server: sffe
etag: "1472899727"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 28 Jan 2024 22:13:34 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 180ms
73ms Preflight
text/html 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 28 Jan 2024 21:05:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 cross-domain-bridge.html Show response
app.usercentrics.eu/browser-sdk/4.32.0/ Frame 21AC 5 KB
1 KB 38ms
38ms Document
text/html 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-sdk/4.32.0/cross-domain-bridge.html

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.foboxy.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: Content-Type Content-Length Transfer-Encoding
age: 212765
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=2592000, no-transform
content-encoding: gzip
content-length: 1123
content-type: text/html
date: Fri, 26 Jan 2024 09:59:50 GMT
etag: "b30f44c78e8cb3ac5655580614084e8f"
expires: Sun, 25 Feb 2024 09:59:50 GMT
last-modified: Thu, 11 Jan 2024 12:39:37 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-goog-generation: 1704976777634959
x-goog-hash: crc32c=HTnIJw== md5=sw9Ex46Ms6xWVVgGFAhOjw==
x-goog-metageneration: 2
x-goog-storage-class: STANDARD
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1123
x-guploader-uploadid: ABPtcPptYuA3Tjqm3qsg8ZFzMCQ4aKU1VSkNuDEJlilVsWKKoUVEzN4__SSYB7nwU-S03cPyserwaB3eHA

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 9B2D 4 KB
2 KB 92ms
91ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Jan 2024 21:05:55 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 0339 4 KB
2 KB 101ms
100ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 28 Jan 2024 21:05:55 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 9B2D 0
10 B 65ms
64ms Image
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?-XjgWA
Requested by: Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 9B2D 50 KB
14 KB 65ms
64ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 29 Jan 2024 05:53:25 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/120/ Frame 0339 50 KB
14 KB 67ms
66ms Script
text/javascript 2607:f8b0:4006:817::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/120/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:817::2003 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 05:53:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54750
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14705
x-xss-protection: 0
last-modified: Mon, 23 Oct 2023 15:04:43 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 29 Jan 2024 05:53:25 GMT

GET
H3 204 generate_204
www.youtube-nocookie.com/ Frame 0339 0
10 B 69ms
69ms Image
text/plain 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube-nocookie.com/generate_204?fUC0mg
Requested by: Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 72ms
71ms Preflight
text/html 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 28 Jan 2024 21:05:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 9B2D 90 B
133 B 75ms
74ms XHR
application/json+protobuf 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

4d65f2a8019de1ddeef0f10a83f8dfb79630735f8ccb87c07a2463a7cfc0e464

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0339 90 B
133 B 75ms
75ms XHR
application/json+protobuf 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/player_ias.vflset/en_US/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c80495cdff4933d980cdfb07d0305dcd4fbdcb325c6b28e189153a7d6f2fd0a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube-nocookie.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Sun, 28 Jan 2024 21:05:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 110
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 71ms
70ms Preflight
text/html 2607:f8b0:4006:80e::200a

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:80e::200a -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube-nocookie.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube-nocookie.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 28 Jan 2024 21:05:55 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 1px.png
app.usercentrics.eu/session/ Frame 0719 489 B
551 B 37ms
37ms Image
image/png 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://app.usercentrics.eu/session/1px.png?settingsId=RiP8URUeM

Requested by

Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:44:05 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1310
x-guploader-uploadid: ABPtcPrbEl3_q1-zI_XlVsp1uj0OrL1Ag1g4oY2x8reI-kY1QdIK5GjndA4ZB-b9IU9U7r3pAfQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 522
last-modified: Fri, 08 May 2020 09:06:13 GMT
server: UploadServer
etag: "3702ada73b8951017b8451cbd6a96523"
x-goog-generation: 1588928773413784
x-goog-hash: crc32c=pFwm0Q==, md5=NwKtpzuJUQF7hFHL1qllIw==
content-type: image/png
cache-control: public,max-age=1800,no-transform
x-goog-stored-content-length: 522
accept-ranges: bytes
expires: Sun, 28 Jan 2024 21:14:05 GMT

GET
H3 200 TcfData-c245ceb1-ffc42cce.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 26 KB
7 KB 35ms
34ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/TcfData-c245ceb1-ffc42cce.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

763140216572eae537b4c2ac32d96d2db6383c1a69800adcfd82c58d5e835430

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:42:43 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1498992
x-guploader-uploadid: ABPtcPqtHGlyqJFkDm2ZqQLwWieHh3EohhuWM8s3EhTtQmPcZvMoCmfeZ0BtCRl2lJnIXto4XJ8
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7028
last-modified: Thu, 11 Jan 2024 12:39:49 GMT
server: UploadServer
etag: "391096cb482676350617b8a42627018e"
x-goog-generation: 1704976789703609
x-goog-hash: crc32c=pE/9hA==, md5=ORCWy0gmdjUGF7ikJicBjg==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 7028
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 10 Jan 2025 12:42:43 GMT

GET

/
www.svinando.de/ Frame EDF7
Redirect Chain

https://r.linksprf.com/v1/redirect?url=https://svinando.de&api_key=46fd76778392715900a5c22e8500423a&site_id=624d696b024f444681c6425df495a369&type=url&source=https://findarios.com/de/search/svinando...
https://r.linksprf.com/v2/go?t=et.pd%3Aa%2Fiws.2wFn%25.3os%2Ftwhlpcm.chs%3Fiia%3Dn8f61%26edp193365%264ldc2r6f1f6n4afi2sbc9mdc2i-k8e920vc3a480e1b312458ac826294a038b420d070a09%3D9c4admcciskiea3n6f446...
https://www.awin1.com/awclick.php?mid=28767&id=143466&clickref=findarios.com&clickref2=v030400014382054a2826c98a431bb2ed87aac909948d&clickref3=624d696b024f444681c6425df495a369&clickref4=findarios.c...
https://www.svinando.de/?awc=28767_1706475956_912aa486d31f7531446a43728045072f

0
0

GET
H3 200 DefaultData-6c4a9f0c-136e5ec3.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 2 KB
1000 B 38ms
38ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/DefaultData-6c4a9f0c-136e5ec3.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.34.1/TcfData-c245ceb1-ffc42cce.js
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:44:00 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1498915
x-guploader-uploadid: ABPtcPoZ8UJ1CV3zD0MobnXERhzlAO04Bg5GvVR_MOKPqd8Bit0RIocJqvZcbUjUJ6vdDKfxMZo
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 969
last-modified: Thu, 11 Jan 2024 12:39:47 GMT
server: UploadServer
etag: "da73fb71831183fa611ad38c5334f1ea"
x-goog-generation: 1704976787060273
x-goog-hash: crc32c=F3cFEg==, md5=2nP7cYMRg/phGtOMUzTx6g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 969
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 10 Jan 2025 12:44:00 GMT

GET
H3 200 translations-de.json Show response
api.usercentrics.eu/translations/ Frame 0719 8 KB
3 KB 36ms
36ms Fetch
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

d4921e6caf1dfe28190143aa7cab9addbed7127f03827e73a7cdc56032c25610

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://www.foboxy.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
content-type: application/json

Response headers

date: Sat, 27 Jan 2024 22:58:21 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 79655
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPqPMk8U3hE8OdTigVjJOOsnav2I5OqXV4B37OF38MKrkzc4QdAYCepuPfHD2J5eBh1emGEosvtAmA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2821
last-modified: Mon, 11 Sep 2023 07:33:50 GMT
server: UploadServer
etag: "444ecfbe97bd66d8afcd89c7c6b29da5"
vary: Accept-Encoding
x-goog-generation: 1694417630874466
x-goog-hash: crc32c=yy8WTw==, md5=RE7Pvpe9ZtivzYnHxrKdpQ==
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=86400, s-maxage=86400
x-goog-stored-content-length: 2821
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 22:58:21 GMT

OPTIONS
H3 200 translations-de.json
api.usercentrics.eu/translations/ Frame 0
0 146ms
145ms Preflight
text/html 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/translations/translations-de.json

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.foboxy.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET,HEAD,PUT,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-length: 0
content-type: text/html; charset=UTF-8
date: Sun, 28 Jan 2024 21:05:55 GMT
expires: Sun, 28 Jan 2024 21:05:55 GMT
server: UploadServer
strict-transport-security: max-age=7776000
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPoDNt8nqeXvL6utUdiht1p6of6G6heMrYdXpxrpigX943-N-u4awufMi3-ClGmZTy-EWwCArV7ECQ

GET
H3 200 en.json Show response
api.usercentrics.eu/gvl/v3/ Frame 0719 568 KB
69 KB 38ms
38ms XHR
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/gvl/v3/en.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

62e4a09b017b0438191cda12442fa36ccef724b19d6c7fb5e3dea10f049e682c

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 19:59:14 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 4002
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPprne4pjP0Rzzf0HHzG2lvtAdHi2McPy9HkqwNbo3vezRlExKeBpTg9xmLp27MfxTRM3srlc5MyHg
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 70785
last-modified: Fri, 26 Jan 2024 01:00:10 GMT
server: UploadServer
etag: "3da8744b1651c2955d0805f064fce51a"
x-goog-generation: 1706230810298713
x-goog-hash: crc32c=idk2hg==, md5=Pah0SxZRwpVdCAXwZPzlGg==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7200, s-maxage=7200, no-transform
x-goog-stored-content-length: 70785
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 21:59:14 GMT

GET
H3 200 de.json Show response
api.usercentrics.eu/gvl/v3/ Frame 0719 45 KB
9 KB 35ms
35ms XHR
application/json 2600:1901:0:c07c::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.usercentrics.eu/gvl/v3/de.json

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:c07c:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

a189e6df38d351aa6811b635278498a0cc8b0cc27981d2b921e27a296938f0c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:15:42 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 3014
x-client-geo-location: US,USFL
x-guploader-uploadid: ABPtcPoHnAuKguV6QOsQe3zUGoNLN_RuAhyqPwJYnyLbr10vGmjr2_TGGgDcV0EGsYUr5ErZsKWWEcaufw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9216
last-modified: Fri, 26 Jan 2024 01:00:10 GMT
server: UploadServer
etag: "c78d8c34029481cea19f0f3df230a887"
x-goog-generation: 1706230810202334
x-goog-hash: crc32c=2qKwyA==, md5=x42MNAKUgc6hnw898jCohw==
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=7200, s-maxage=7200, no-transform
x-goog-stored-content-length: 9216
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 22:15:42 GMT

GET
H3 200 TcfUI-f53cbf4b-f56ded50.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 1 KB
685 B 35ms
35ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/TcfUI-f53cbf4b-f56ded50.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

365f56e2f5be7a1b607f4bd54eb55735f2fa6bc9c554152d4188901b676f21c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 19 Jan 2024 23:18:29 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 769647
x-guploader-uploadid: ABPtcPpzUmcylhYuXHcQ2svqYPIchIkngpPLVp7Wo1b9OCeJvIOIzin4HxS-okyoYMWYP4ACOQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 654
last-modified: Thu, 11 Jan 2024 12:39:49 GMT
server: UploadServer
etag: "56eb12aa8d974100e57d8e902180d2f3"
x-goog-generation: 1704976789927753
x-goog-hash: crc32c=++qopA==, md5=VusSqo2XQQDlfY6QIYDS8w==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 654
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 18 Jan 2025 23:18:29 GMT

GET
H3 200 FirstLayerCustomization-9b6b3341-d1fb6047.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 3 KB
1 KB 45ms
45ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/FirstLayerCustomization-9b6b3341-d1fb6047.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b38bc5c7c32bda9f1c6a1bc259e6c8ad20dc7c3d6c701bf56904245515a65975

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.34.1/TcfUI-f53cbf4b-f56ded50.js
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:53:20 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1386756
x-guploader-uploadid: ABPtcPphVTltA3B32Rm7Brz3aDFNollklsgZrbjTuarjF1R_7Z7QjyaKbXbr2hUbmv6udfpKfoMwiRdlmQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1075
last-modified: Thu, 11 Jan 2024 12:39:48 GMT
server: UploadServer
etag: "9aa2dbaceca2cb72e06855b4150ab385"
x-goog-generation: 1704976788003355
x-goog-hash: crc32c=vpniAw==, md5=mqLbrOyiy3LgaFW0FQqzhQ==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 1075
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 11 Jan 2025 19:53:20 GMT

GET
H3 200 ButtonsCustomization-bc97adad-cb7c10c6.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 473 B
272 B 45ms
45ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/ButtonsCustomization-bc97adad-cb7c10c6.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.34.1/TcfUI-f53cbf4b-f56ded50.js
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 11 Jan 2024 12:40:34 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1499122
x-guploader-uploadid: ABPtcPqFqrJsH6kjulDGfLW05-l_QmC2W4C6tBGL1w5AhliZas6wrEppctV_wYA57gWrxeqBOKM
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 236
last-modified: Thu, 11 Jan 2024 12:39:46 GMT
server: UploadServer
etag: "d0fbca31eb9ccf81195b677b3fdeeee6"
x-goog-generation: 1704976786311695
x-goog-hash: crc32c=spZYTw==, md5=0PvKMeucz4EZW2d7P97u5g==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 236
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 10 Jan 2025 12:40:34 GMT

GET
H3 200 Taglogger-36e26749-73e4c0ca.js Show response
app.usercentrics.eu/browser-ui/3.34.1/ Frame 0719 1 KB
729 B 35ms
34ms Script
text/javascript 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://app.usercentrics.eu/browser-ui/3.34.1/Taglogger-36e26749-73e4c0ca.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Referer: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js
Origin: https://www.foboxy.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 12 Jan 2024 19:57:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
age: 1386521
x-guploader-uploadid: ABPtcPpWpMPnsyLzE6xjJxkjSZyKRHiwvoxg7UgzpuN41QTaJMCWKRR0iUniegzjTrrdvOvZDajxzsLgPQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 689
last-modified: Thu, 11 Jan 2024 12:39:49 GMT
server: UploadServer
etag: "dd2a24fdd4920df955cb49e4e5e125a4"
x-goog-generation: 1704976789477031
x-goog-hash: crc32c=5H7JKw==, md5=3Sok/dSSDflVy0nk5eElpA==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000, no-transform
x-goog-stored-content-length: 689
accept-ranges: bytes
content-type: text/javascript
expires: Sat, 11 Jan 2025 19:57:15 GMT

OPTIONS
H2 204 3
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0
0 217ms
145ms Preflight
text/html 2600:1901:0:1e38::

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: -, , ASN (),

Reverse DNS

Software

Google Frontend /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-origin,content-type,x-request-id
Access-Control-Request-Method: POST
Origin: https://www.foboxy.de
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

access-control-allow-headers: access-control-allow-origin,content-type,x-request-id
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: *
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 28 Jan 2024 21:05:56 GMT
server: Google Frontend
strict-transport-security: max-age=7776000
vary: Origin, Access-Control-Request-Headers
via: 1.1 google
x-cloud-trace-context: 848f773f6afd6a4c3c33b7fe2e4a36c7

POST
H2 201 3 Show response
consent-api.service.consent.usercentrics.eu/consent/uw/ Frame 0719 0
78 B 154ms
153ms Fetch
text/html 2600:1901:0:1e38::

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-api.service.consent.usercentrics.eu/consent/uw/3

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:1901:0:1e38:: -, , ASN (),

Reverse DNS

Software

Google Frontend /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

Access-Control-Allow-Origin: *
Accept: application/json
Referer: https://www.foboxy.de/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Request-ID: 99c39d19-4662-43f8-acf3-6c9a5df92194
content-type: application/json

Response headers

date: Sun, 28 Jan 2024 21:05:56 GMT
via: 1.1 google
strict-transport-security: max-age=7776000
server: Google Frontend
vary: Origin
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: 319255af20711b85b04e86f5970d64c7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 de.json Show response
privacy-proxy.usercentrics.eu/latest/ Frame 0719 3 KB
953 B 35ms
34ms Fetch
application/json 2600:1901:0:5987::
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://privacy-proxy.usercentrics.eu/latest/de.json

Requested by

Host: privacy-proxy.usercentrics.eu
URL: https://privacy-proxy.usercentrics.eu/latest/uc-block.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2600:1901:0:5987:: Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

Software

UploadServer /

Resource Hash

b28b050e82519288328bbfa6aeb5f05ce52b5854b032d444d3b5fa3a8df3058b

Security Headers

Name	Value
Strict-Transport-Security	max-age=7776000

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:19:15 GMT
content-encoding: gzip
strict-transport-security: max-age=7776000
x-goog-meta-version: 3.3.5
age: 2801
x-guploader-uploadid: ABPtcPrZzXhrEUYEnvKI224du2DWk8sUGVFy49wJgFRDMU2QWZzML-yJ4ZgAOJ5HbsQt_ykfVl-8DIO44A
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 914
last-modified: Thu, 25 Jan 2024 07:54:14 GMT
server: UploadServer
etag: "a4a29cb0d7029af89af32c20022844d1"
vary: Accept-Encoding
x-goog-generation: 1706169254966982
x-goog-hash: crc32c=BnB9Zg==, md5=pKKcsNcCmvia8ywgAihE0Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=3600
x-goog-stored-content-length: 914
accept-ranges: bytes
content-type: application/json
expires: Sun, 28 Jan 2024 21:19:15 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ Frame 0719 286 KB
95 KB 494ms
91ms Script
application/javascript 2607:f8b0:4006:80a::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KJ96X95

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

147d26f67f05f970e192d4f2300453b6b25bb4873b9bea77ec899c51f1f50228

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97333
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 21:05:56 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 0719 182 KB
66 KB 586ms
183ms Script
application/javascript 2607:f8b0:4006:80a::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-13489214

Requested by

Host: app.usercentrics.eu
URL: https://app.usercentrics.eu/browser-ui/3.34.1/index.module.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

740dfebba956aff74f6650e1a4ec794d210e20cbeb5167add4196136ceef8b76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 67709
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 21:05:56 GMT

GET
H2 200 v2 Show response
integrations.etrusted.com/applications/widget.js/ Frame 0719 4 KB
2 KB 466ms
64ms Script
application/javascript 18.164.124.85

General

Check archive.org

Show headers Download Go to

Full URL

https://integrations.etrusted.com/applications/widget.js/v2

Requested by

Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.164.124.85 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb

Security Headers

Name	Value
Strict-Transport-Security	max-age= 63072000; includeSubdomains; preload
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: y6m_lv3sPnnC8IKMQAxgSJ.CL61RpuYE
content-encoding: gzip
via: 1.1 a4c7006ff62b5b4c16c58f54fdfeb656.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 02:21:27 GMT
strict-transport-security: max-age= 63072000; includeSubdomains; preload
age: 67492
x-amz-cf-pop: JFK50-P7
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: same-origin
last-modified: Tue, 25 Jul 2023 10:18:33 GMT
server: AmazonS3
etag: W/"d7237287c6c61682525e80a1904e6609"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: vZiB5MDUPtA_QCJdMHeunQD2WmoEw0F2gGqroXmELHwVvSG6LvDptw==

GET
H2 200 v2 Show response
widget.superchat.de/ Frame 0978 5 KB
3 KB 559ms
163ms Document
text/html 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: / Next.js
Resource Hash: 5a3d03a31acf29a27a5aed7fd247e0d8e7fa3ad0607eb94739ce5c7a043276f6

Request headers

Referer: https://www.foboxy.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

cache-control: public, s-maxage=60, stale-while-revalidate=300
content-encoding: gzip
content-type: text/html; charset=utf-8
date: Sun, 28 Jan 2024 21:05:56 GMT
etag: "smn4mnf5zd3o5"
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 XD6167D9815CD3E0043452FB0AB48CC64.js Show response
widgets.trustedshops.com/js/ Frame 0719 2 KB
2 KB 459ms
61ms Script
text/javascript 18.238.49.53

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/js/XD6167D9815CD3E0043452FB0AB48CC64.js
Requested by: Host: www.foboxy.de
URL: https://www.foboxy.de/?fbxtch=affiliate-ban-adcell&utm_source=affiliate&utm_medium=banner&utm_campaign=257824&bid=360463-105746-
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3de2e95f0c6df96ee23c068b76ba39ceec788da847efb09978a1fe11fbfe6d70

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:22:16 GMT
content-encoding: gzip
via: 1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
last-modified: Sun, 28 Jan 2024 05:01:56 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 2661
x-amz-server-side-encryption: AES256
etag: W/"a667194fd3b18f968d373e67b6c93623"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=3600
x-amz-cf-id: iEwqIqve3gxDdeJmdoIlGdCLtRpE29Azt9Z2cN3fmhIBKhc1P7zDtA==

GET
H2 200 trustbadge.js Show response
widgets.trustedshops.com/assets/ Frame 0719 229 KB
65 KB 70ms
70ms Script
text/javascript 18.238.49.53

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/assets/trustbadge.js
Requested by: Host: widgets.trustedshops.com
URL: https://widgets.trustedshops.com/js/XD6167D9815CD3E0043452FB0AB48CC64.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d44f49dbd70337758d6f4d479ef860373f2260710cffbc2d29809fd092ffff3a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 20:48:22 GMT
content-encoding: gzip
via: 1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 13:22:29 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 1055
x-amz-server-side-encryption: AES256
etag: W/"a12aaa3929b52fa3e98649f570a63b3f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=3600
x-amz-cf-id: 6MjUxLx845qfeatXrMM-jMwUUnmXRjHv4tfJ1KLGeuEGGJqQDjp-Gg==

GET
H2 200 192e369fd43210ef-s.p.woff2
widget.superchat.de/_next/static/media/ Frame 0978 20 KB
20 KB 301ms
300ms Font
font/woff2 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/media/192e369fd43210ef-s.p.woff2
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Origin: https://widget.superchat.de
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
cache-control: public, max-age=31536000, immutable
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
accept-ranges: bytes
etag: W/"4e24-18ced994c80"
content-length: 20004
content-type: font/woff2

GET
H2 200 51e0f2d5b6afae25.css
widget.superchat.de/_next/static/css/ Frame 0978 13 KB
4 KB 151ms
151ms Stylesheet
text/css 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/css/51e0f2d5b6afae25.css
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fb1be933c81c256b8f261acbf41499499d62c5fa7ffba732edbdece0c35f05d

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"34a5-18ced994c80"
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 webpack-e6a2c51c771ba246.js
widget.superchat.de/_next/static/chunks/ Frame 0978 5 KB
3 KB 289ms
286ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/chunks/webpack-e6a2c51c771ba246.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"14ab-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 framework-cf0de0a0e0734686.js
widget.superchat.de/_next/static/chunks/ Frame 0978 138 KB
45 KB 290ms
287ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/chunks/framework-cf0de0a0e0734686.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"226e3-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 main-91dbeb72a494c0d4.js
widget.superchat.de/_next/static/chunks/ Frame 0978 108 KB
32 KB 290ms
287ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/chunks/main-91dbeb72a494c0d4.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"1b17f-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _app-c24e3f51840e60ac.js
widget.superchat.de/_next/static/chunks/pages/ Frame 0978 107 KB
33 KB 290ms
288ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/chunks/pages/_app-c24e3f51840e60ac.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"1aa3f-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 874-953255a61105cdd8.js
widget.superchat.de/_next/static/chunks/ Frame 0978 134 KB
0 290ms
288ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/chunks/874-953255a61105cdd8.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"21976-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 v2-a635cdce12d5b973.js
widget.superchat.de/_next/static/chunks/pages/ Frame 0978 2 KB
1 KB 287ms
285ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/chunks/pages/v2-a635cdce12d5b973.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"6ad-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes

GET
H2 200 _buildManifest.js
widget.superchat.de/_next/static/prZtsDMBGB0w8yWYYlGXP/ Frame 0978 919 B
1 KB 285ms
284ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/prZtsDMBGB0w8yWYYlGXP/_buildManifest.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"397-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 919

GET
H2 200 _ssgManifest.js
widget.superchat.de/_next/static/prZtsDMBGB0w8yWYYlGXP/ Frame 0978 77 B
0 582ms
581ms Script
application/javascript 18.153.7.152

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.superchat.de/_next/static/prZtsDMBGB0w8yWYYlGXP/_ssgManifest.js
Requested by: Host: widget.superchat.de
URL: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.153.7.152 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://widget.superchat.de/v2?applicationKey=WCA36v4Zg7dwEA7Or5oGYJpMKq
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
last-modified: Tue, 09 Jan 2024 09:41:36 GMT
etag: W/"4d-18ced994c80"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
content-length: 77

GET
H2 200 de-DE.9655b11c5daedb1e26a8.chunk.js Show response
widgets.trustedshops.com/assets/ Frame 0719 11 KB
4 KB 62ms
62ms Script
text/javascript 18.238.49.53

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.trustedshops.com/assets/de-DE.9655b11c5daedb1e26a8.chunk.js
Requested by: Host: widgets.trustedshops.com
URL: https://widgets.trustedshops.com/assets/trustbadge.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 00bc02e96469775a36dd21479fbb378467dcfce28d5e77ffc35fc80450ac50b1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 12:48:26 GMT
content-encoding: gzip
via: 1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 13:22:30 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 29852
x-amz-server-side-encryption: AES256
etag: W/"3fa0d12653da247d6bcc3e6cd35c10b4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=31536000
x-amz-cf-id: OYbE0o8_goPwoz7iZs2gvib3Qcz_Ge1aXjcx51nTedqgJoth1zU2yw==

GET
H2 200 stat.js
www.clickcease.com/monitor/ Frame 0719 142 KB
0 385ms
76ms Script
application/javascript 2600:9000:210b:4200:15:a0d3:77c0:93a1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.clickcease.com/monitor/stat.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:210b:4200:15:a0d3:77c0:93a1 -, , ASN (),

Reverse DNS

Software

AmazonS3 /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: Cf02rYNryv9UIBzoGOQeQJTZ2QU2vf2Y
content-encoding: gzip
via: 1.1 3ad9c28633c81882cba37baccdcf1c62.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 21:05:53 GMT
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self' https://clickceasebiz.com https://*.clickceasebiz.com; upgrade-insecure-requests;
x-amz-cf-pop: EWR53-C3
age: 7
x-amz-server-side-encryption: AES256
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Hit from cloudfront
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Sep 2023 09:05:15 GMT
server: AmazonS3
etag: W/"e112b8bf96f23bc2970347a3c98e37fc"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: application/javascript
permissions-policy: microphone 'none'; camera 'none';
x-amz-cf-id: 09LN5YIxdWW3kRwrpxnEe-IMUK0nsaocuCnJczjemgAjNhZK-uClDQ==

GET
H3

200

landing
googleads.g.doubleclick.net/pagead/ Frame 0719
Redirect Chain

https://www.google.com/pagead/landing?gcs=G111&gcd=11n1n1n1n5&rnd=1207248994.1706475957&url=https%3A%2F%2Fwww.foboxy.de%2F&dma=0&tcfd=10000&gtm=45He41o0n81KJ96X95v812101894
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1n1n5&rnd=1207248994.1706475957&url=https%3A%2F%2Fwww.foboxy.de%2F&dma=0&tcfd=10000&gtm=45He41o0n81KJ96X95v812101894

42 B
64 B

81ms
80ms

Ping
image/gif

2607:f8b0:4006:822::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1n1n5&rnd=1207248994.1706475957&url=https%3A%2F%2Fwww.foboxy.de%2F&dma=0&tcfd=10000&gtm=45He41o0n81KJ96X95v812101894

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Server

2607:f8b0:4006:822::2002 Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 28 Jan 2024 21:05:57 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=11n1n1n1n5&rnd=1207248994.1706475957&url=https%3A%2F%2Fwww.foboxy.de%2F&dma=0&tcfd=10000&gtm=45He41o0n81KJ96X95v812101894
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js
www.googletagmanager.com/gtag/ Frame 0719 285 KB
93 KB 89ms
89ms Script
application/javascript 2607:f8b0:4006:80a::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-MJ23BNWFEW&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ96X95

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80a::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94945
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 28 Jan 2024 21:05:57 GMT

GET
H2 200 core.js
s.pinimg.com/ct/ Frame 0719 5 KB
2 KB 358ms
69ms Script
application/javascript 2600:141b:1c00:258b::1931

General

Check archive.org

Show headers Download Go to

Full URL: https://s.pinimg.com/ct/core.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KJ96X95
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:258b::1931 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

akamai-x-true-ttl: 7200
content-encoding: br
x-cdn: akamai
etag: "ad1325c16ccac3a8f0f92f032d33fe3c"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding, Origin
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-expose-headers: X-CDN
cache-control: max-age=7200
accept-ranges: bytes
alt-svc: h3=":443"; ma=600
content-length: 1864

GET fbevents.js
connect.facebook.net/en_US/ Frame 0719 0
0

GET
H2 200 bat.js
bat.bing.com/ Frame 0719 45 KB
13 KB 134ms
64ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: campagio.fr.gd
URL: https://campagio.fr.gd/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 28 Jan 2024 21:05:56 GMT
last-modified: Fri, 10 Nov 2023 20:09:55 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 6ACBF7EB48244BEF82C6C779C6508754 Ref B: MIAEDGE1515 Ref C: 2024-01-28T21:05:57Z
etag: "80abcdf1114da1:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 13175

GET
H2 200 exactag.js
cdn.exactag.com/js/ Frame 0719 13 KB
6 KB 365ms
75ms Script
application/javascript 2a02:6ea0:c400::11

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.exactag.com/js/exactag.js
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:6ea0:c400::11 -, , ASN (),
Reverse DNS
Software: CDN77-Turbo /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-77-pop: newyorkUSNY
date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: gzip
x-age-lb: 287
x-amz-request-id: tx0000050c7e677a4b91e7f-00659d7d7f-3f5a3f3-prg
x-77-cache: HIT
x-accel-date: 1706475670
x-77-nzt: A5ySJBY3Nzf/HwEAALk73xQ3Nzf/AQAAAG09Wg0jHh0A
x-accel-expires: @1706476270
x-77-age: 288
x-cache-lb: HIT
last-modified: Tue, 09 Jan 2024 17:08:00 GMT
server: CDN77-Turbo
etag: W/"e413f616404d7c00ab7eaa73e6a42e6a-1"
x-77-nzt-ray: 1e192d086842b672b5c1b6659e3fe619
vary: Accept-Encoding, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-rgw-object-type: Normal

GET

activityi;dc_pre=CNq5i6r-gIQDFZMKTwgdv9ADDA;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0...
13489214.fls.doubleclick.net/ Frame 4504
Redirect Chain

https://13489214.fls.doubleclick.net/activityi;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uam...
https://13489214.fls.doubleclick.net/activityi;dc_pre=CNq5i6r-gIQDFZMKTwgdv9ADDA;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma...

0
0

GET

activityi;dc_pre=CO2zi6r-gIQDFUel0QQdVfMENw;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;...
13489214.fls.doubleclick.net/ Frame C00A
Redirect Chain

https://13489214.fls.doubleclick.net/activityi;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafv...
https://13489214.fls.doubleclick.net/activityi;dc_pre=CO2zi6r-gIQDFUel0QQdVfMENw;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1...

0
0

GET matomo.js
stats.foboxy.com/ Frame 0719 0
0

GET
H2 200 amzn.js
c.amazon-adsystem.com/aat/ Frame 0719 10 KB
4 KB 337ms
68ms Script
application/javascript 18.238.63.215

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aat/amzn.js
Requested by: Host: campagio.fr.gd
URL: https://campagio.fr.gd/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.63.215 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

x-amz-version-id: _yiCvCR02wV3CAAzASFXmfz.fdyYiliZ
content-encoding: gzip
via: 1.1 079cd4553da15b2329bffae6abe6157e.cloudfront.net (CloudFront), 1.1 a09be795efaa72bd6adbcee7b35c4d1c.cloudfront.net (CloudFront)
date: Sun, 28 Jan 2024 09:58:20 GMT
last-modified: Thu, 11 Jan 2024 19:14:49 GMT
server: AmazonS3
x-amz-cf-pop: JFK50-P6, JFK52-P4
x-amz-server-side-encryption: AES256
etag: W/"b1ed6792209bd011e8f82838d3604353"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
x-amz-cf-id: vDICHGWAYr8uJu24KzG6xgx5_sZ8XiXpqCNk7iZdJtGFoEI6nnR8oQ==

POST
H3 200 log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 9B2D 28 B
50 B 80ms
80ms XHR
application/json 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1706475957140
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/KVMJh-j9XKU?rel=0
X-YouTube-Client-Version: 1.20240123.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgsyUkdxbXA3LTRJSSiyg9utBjIKCgJVUxIEGgAgNw%3D%3D
X-YouTube-Ad-Signals: dt=1706475954828&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 200 sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg
widgets.trustedshops.com/assets/images/ Frame 0719 48 KB
12 KB 65ms
65ms Image
image/svg+xml 18.238.49.53

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.trustedshops.com/assets/images/sprite.fa10bbbffbb158ef65643d1dccd20ba7bd355392.svg
Requested by: Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.238.49.53 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Sun, 28 Jan 2024 10:55:09 GMT
content-encoding: gzip
via: 1.1 2e60669cf4a63082b5e4935391509354.cloudfront.net (CloudFront)
last-modified: Tue, 23 Jan 2024 13:22:31 GMT
server: AmazonS3
x-amz-cf-pop: JFK52-P3
age: 36649
x-amz-server-side-encryption: AES256
etag: W/"b4672d465962967c88bab0a32f3f9d66"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
x-amz-cf-id: BQi6b0IicxhCy0dFnzDY3gXlOk5qgOVnABgc8ou_sVwkGn6sLdtRDQ==

POST
H3 200 log_event
www.youtube-nocookie.com/youtubei/v1/ Frame 0339 28 B
50 B 83ms
82ms XHR
application/json 2607:f8b0:4006:807::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube-nocookie.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube-nocookie.com
URL: https://www.youtube-nocookie.com/s/player/cb886c6c/www-embed-player.vflset/www-embed-player.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:807::200e Colchester, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
X-Goog-Request-Time: 1706475957319
Content-Type: application/json
X-YouTube-Utc-Offset: -600
X-YouTube-Client-Name: 56
Referer: https://www.youtube-nocookie.com/embed/GQuG3_4SHiQ?rel=0
X-YouTube-Client-Version: 1.20240123.01.00
X-YouTube-Time-Zone: Pacific/Honolulu
X-Goog-Visitor-Id: CgtTQ0xOYjJGbGZwdyiyg9utBjIKCgJVUxIEGgAgGA%3D%3D
X-YouTube-Ad-Signals: dt=1706475954948&flash=0&frm=2&u_tz=-600&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=31&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C0%2C0&vis=1&wgl=true&ca_type=image

Response headers

date: Sun, 28 Jan 2024 21:05:57 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31
x-xss-protection: 0

GET
H2 204 5665705.js
bat.bing.com/p/action/ Frame 0719 0
117 B 57ms
57ms Script
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/5665705.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
date: Sun, 28 Jan 2024 21:05:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: ADB6D18EA6054AB68B43393CD7C3BFE7 Ref B: MIAEDGE1515 Ref C: 2024-01-28T21:05:57Z
x-cache: CONFIG_NOCACHE

GET
H2 204 0
bat.bing.com/action/ Frame 0719 0
360 B 60ms
60ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=5665705&Ver=2&mid=2d4c58cc-2840-422e-aa0a-37143fbcfa38&sid=080d9a50be2111ee983c15e106a6996d&vid=080ddb60be2111ee809a370f901bb090&vids=1&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=foboxy%20Fotobox%20mieten%20%7C%20Rundum-sorglos-Paket%20zum%20Festpreis&p=https%3A%2F%2Fasrv205.com%2F&r=&lt=4377&evt=pageLoad&ifm=1&sv=1&rn=450264

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 21:05:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 928F23B5ADAD4D959E6C5DBC4937CF8E Ref B: MIAEDGE1515 Ref C: 2024-01-28T21:05:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 211023342.js
bat.bing.com/p/action/ Frame 0719 1 KB
839 B 58ms
58ms Script
application/javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/211023342.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: br
date: Sun, 28 Jan 2024 21:05:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F1C4529A03434599A851758DA5CE18CE Ref B: MIAEDGE1515 Ref C: 2024-01-28T21:05:57Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
cache-control: private,max-age=60

GET
H2 204 0
bat.bing.com/action/ Frame 0719 0
228 B 89ms
88ms Image
text/plain 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=211023342&Ver=2&mid=82df5c8f-8663-4ccd-8df4-9c46556f194d&sid=080d9a50be2111ee983c15e106a6996d&vid=080ddb60be2111ee809a370f901bb090&vids=0&msclkid=N&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=foboxy%20Fotobox%20mieten%20%7C%20Rundum-sorglos-Paket%20zum%20Festpreis&p=https%3A%2F%2Fasrv205.com%2F&r=&lt=4377&evt=pageLoad&ifm=1&sv=1&rn=611727

Requested by

Host: asrv205.com
URL: https://asrv205.com/adframe/eyJpZCI6NiwicHVibGlzaGVyX2lkIjo0LCJ3aWR0aCI6MzAwLCJoZWlnaHQiOjI1MH0=?ct=CLICKTRACKING

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Sun, 28 Jan 2024 21:05:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 39D50660794B463F9C2450311F167D26 Ref B: MIAEDGE1515 Ref C: 2024-01-28T21:05:57Z
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 211023342
bat.bing.com/p/insights/t/ Frame 0719 725 B
1 KB 73ms
72ms Script
application/x-javascript 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/insights/t/211023342

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/p/action/211023342.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.foboxy.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

expires: -1
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
date: Sun, 28 Jan 2024 21:05:56 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 21CCB9AD96A6488FBF7AF428720A3615 Ref B: MIAEDGE1515 Ref C: 2024-01-28T21:05:57Z
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
x-azure-ref: 0tcG2ZQAAAABwsicdpMfYRKMmzM8ewQiSQk4xQUEyMDUxMDE5MDE3ADZjZmJlZWUwLTUwMjctNDg0Yi04OTY3LTRhMjlhZjc3ZjFlMQ==
cache-control: no-cache, no-store
content-length: 616
request-context: appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12

GET main.a6d15c2a.js
s.pinimg.com/ct/lib/ Frame 0719 0
0

GET iu3
aax-eu.amazon-adsystem.com/s/ Frame FE43 0
0

GET 0.7.20
bat.bing.com/p/insights/s/ Frame 0719 0
0

GET pi.aspx
m.exactag.com/ Frame 7BEB 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.gmodules.com
URL: http://www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=fr&w=160&h=60&title=&border=&output=js

Domain: 80.190.202.79
URL: http://80.190.202.79/pic/d/dunet/dunet.gif

Domain
URL: c:/Users/MARIAC~1/AppData/Local/Temp/Low/__SkypeIEToolbar_Cache/18ec7742fdda2ad4cdfd1daa2d0aad46/session/GIF/offline.gif

Domain
URL: c:/Users/MARIAC~1/AppData/Local/Temp/Low/__SkypeIEToolbar_Cache/18ec7742fdda2ad4cdfd1daa2d0aad46/session/GIF/arrow.gif

Domain: fwd.fwdtrk.com
URL: https://fwd.fwdtrk.com/track?id=

Domain: www.svinando.de
URL: https://www.svinando.de/?awc=28767_1706475956_912aa486d31f7531446a43728045072f

Domain: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Domain: 13489214.fls.doubleclick.net
URL: https://13489214.fls.doubleclick.net/activityi;dc_pre=CNq5i6r-gIQDFZMKTwgdv9ADDA;src=13489214;type=retar0;cat=fobox0;ord=4932632014464;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-?

Domain: 13489214.fls.doubleclick.net
URL: https://13489214.fls.doubleclick.net/activityi;dc_pre=CO2zi6r-gIQDFUel0QQdVfMENw;src=13489214;type=visit0;cat=fobox0;ord=1;num=8939062016596;pscdl=noapi;gtm=45He41o0v812101894;gcs=G111;gcd=11n1n1n1n5;dma=0;tcfd=10000;uaa=;uab=;uafvl=;uamb=0;uam=;uap=;uapv=;uaw=0;epver=2;~oref=https%3A%2F%2Fwww.foboxy.de%2F%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-?

Domain: stats.foboxy.com
URL: https://stats.foboxy.com/matomo.js

Domain: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.a6d15c2a.js

Domain: aax-eu.amazon-adsystem.com
URL: https://aax-eu.amazon-adsystem.com/s/iu3?pid=14ed3f90-024e-4175-a9b9-9515cf9b59fb&event=PageView&ts=1706475957132

Domain: bat.bing.com
URL: https://bat.bing.com/p/insights/s/0.7.20

Domain: m.exactag.com
URL: https://m.exactag.com/pi.aspx?campaign=2ce382c0fc3bf43448f34b462c06ecc7&pitype=Content&convtype=&rnd=GgyBLD1nghgh&items=%7B%22type%22%3A%22Content%22%2C%22conversiontype%22%3A%22%22%2C%22referrer%22%3A%22https%3A%2F%2Fasrv205.com%2F%22%2C%22host%22%3A%22www.foboxy.de%22%2C%22site%22%3A%22%2F%22%2C%22search%22%3A%22%3Ffbxtch%3Daffiliate-ban-adcell%26utm_source%3Daffiliate%26utm_medium%3Dbanner%26utm_campaign%3D257824%26bid%3D360463-105746-%22%2C%22protocol%22%3A%22https%3A%22%2C%22campaign%22%3A%222ce382c0fc3bf43448f34b462c06ecc7%22%2C%22screensize%22%3A%22%22%2C%22pitype%22%3A%22%22%2C%22uk%22%3A%22%22%2C%22gk%22%3A%22%22%2C%22trackingURL%22%3A%22https%3A%2F%2Fm.exactag.com%22%2C%22cdnURL%22%3A%22https%3A%2F%2Fcdn.exactag.com%22%2C%22sitegroup%22%3A%22default%22%2C%22subid%22%3A%22foboxy%20Fotobox%20mieten%20%7C%20Rundum-sorglos-Paket%20zum%20Festpreis%22%7D

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.campagio.fr.gd/	1969-12-31 23:59:59	Name: PHPSESSID Value: 6c93e11a26842688887113a46a0dbe49
.xiti.com/	1970-01-21 03:32:56	Name: atid Value: 6295FD11-4555-413F-B19A-FD2973A616DB
t.adcell.com/	1970-01-20 18:02:42	Name: ADCELLvpid11583 Value: 360463-105746-%23%23%23%23https%3A%2F%2Fasrv205.com%2F%40%40%40%401706475951
.nextleveldefend.com/	1970-01-20 18:44:27	Name: nextleveldefend_65 Value: eJxtjUEOgjAQRe%2Fy1110Cm2hSzEmBHfoAWg7GKMJCYgbwt2tbiTRzSRv%2Fsx%2FC%2BaJx2uEW%2FDs7jPDIZqo2IeyM94q4kjUkzc%2By7PCWmZptDeBvOwp0woCjwmOrDS51aVWa1qMtOlbUMEZLbCDkwItnC5ygcOHTskXUkd7Tul71vtEVZOgOtZVk3D9YwjDcLtyd%2BGN53vw87C%2BAFTlPNQ%3D
.doubleclick.net/	1970-01-21 03:37:15	Name: IDE Value: AHWqTUl5-it1vqmto5Zp1xQSA_LB9d5UWEvtcgT0J1u-v_flaMMjgI6pg5gmhoVJ
.casalemedia.com/	1970-01-20 20:10:51	Name: CMPS Value: 963
.fr.gd/	1970-01-21 03:22:51	Name: __gads Value: ID=4908920623b93298:T=1706475951:RT=1706475951:S=ALNI_Mbu17dscNbAvtcjLRqcieuAdSFB4Q
.fr.gd/	1970-01-21 03:22:51	Name: __gpi Value: UID=00000dbab0d75e7b:T=1706475951:RT=1706475951:S=ALNI_MYUeRuF629_qVOdNwtSMhvyhwyTkw
.adnxs.com/	1970-01-21 03:37:15	Name: receive-cookie-deprecation Value: 1
.adnxs.com/	1970-01-20 20:10:51	Name: XANDR_PANID Value: 8eo9HmDTxMtQupUD1-vVaFZHV2KZm4ZbBsl7V2eDN14nwfl6Vnocel7vZlbLC6Iz8GwkEAe_0xHYTp3iEvjtGliOcyG2-ER_ny-GfgkhJ14.
.adnxs.com/	1970-01-20 20:10:51	Name: uuid2 Value: 4567654589101452626
.casalemedia.com/	1970-01-21 02:46:51	Name: CMID Value: ZbbBsQnGEJJW5dRfPft87wAA
.casalemedia.com/	1970-01-20 20:10:51	Name: CMPRO Value: 1525
.adnxs.com/	1970-01-20 20:10:51	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImOH?2sO!@wnfH8K6pQK`!5=E<L5?%KHfoN@r3B==[chG6shr=uOe<!.3@.)80rFufG%nugO%v4VB%nnU7.tVj
.googleadservices.com/	1970-01-20 20:10:51	Name: ar_debug Value: 1
api.yieldads.net/	1970-01-20 18:11:20	Name: AWSALBTGCORS Value: dKPGmoisZJppppZRCPAb3iT8f3DzXAP9cEtGx9QVFtqXwtoIwlquQdEKMVjQi4+4g4uHwA8vp9w/8fJqWZjJX0502ZTf5sphMT8+5AaVmJsDdzBqLrhP3j9gg67nNxSM37uvOqwVnTiVkcmav2ra9XO3M8vfRm8N3QAN+Ns+lBUlq+V5zeI=
api.yieldads.net/	1970-01-20 18:11:20	Name: AWSALBCORS Value: FUfaeaH8pkI3AVs+ScvN897av2Uhz0S9qHnvvu1GnClkGAaHUqXfYeM34ZdIwwcO+Y7kAmp2VJBRbFaROk9qb1P5gGdH83//h4ye9eMPBJhPXNTJ4LCIiegYa2ot
findarios.com/	1970-01-20 18:11:20	Name: AWSALBCORS Value: 4U7tLRj4h1iIHeBt6xL3YugsWqPPtUGW4SFuJ3wWNrnhas9tBrj24jh8GbgbBKJBHV5xVF3usFjJMoQkmIiCStKUxAxAhhzWF490CNNz/m3BDOb3QJJv0Zokm4E5

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://campagio.fr.gd/ Message: Mixed Content: The page at 'https://campagio.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://80.190.202.79/pic/d/dunet/dunet.gif'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	error	URL: https://campagio.fr.gd/ Message: Mixed Content: The page at 'https://campagio.fr.gd/' was loaded over HTTPS, but requested an insecure script 'http://www.gmodules.com/ig/ifr?url=http://www.google.com/ig/modules/translatemypage.xml&up_source_language=fr&w=160&h=60&title=&border=&output=js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://campagio.fr.gd/ Message: Mixed Content: The page at 'https://campagio.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://logv145.xiti.com/hit.xiti?s=356022&p=&hl=11x5x50&r=1600x1200x24x24&ref='. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://campagio.fr.gd/(Line 312) Message: Mixed Content: The page at 'https://campagio.fr.gd/' was loaded over HTTPS, but requested an insecure element 'http://80.190.202.79/pic/d/dunet/dunet.gif'. This request was not upgraded to HTTPS because its URL's host is an IP address.
security	error	URL: https://campagio.fr.gd/(Line 312) Message: Mixed Content: The page at 'https://campagio.fr.gd/' was loaded over HTTPS, but requested an insecure image 'http://80.190.202.79/pic/d/dunet/dunet.gif'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://campagio.fr.gd/(Line 171) Message: Mixed Content: The page at 'https://campagio.fr.gd/' was loaded over HTTPS, but requested an insecure frame 'http://www.freeaddepot.com/?act=view&aff=43620'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: c:/Users/MARIAC~1/AppData/Local/Temp/Low/__SkypeIEToolbar_Cache/18ec7742fdda2ad4cdfd1daa2d0aad46/session/GIF/offline.gif Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME
network	error	URL: c:/Users/MARIAC~1/AppData/Local/Temp/Low/__SkypeIEToolbar_Cache/18ec7742fdda2ad4cdfd1daa2d0aad46/session/GIF/arrow.gif Message: Failed to load resource: net::ERR_UNKNOWN_URL_SCHEME

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.


13489214.fls.doubleclick.net
80.190.202.79
aax-eu.amazon-adsystem.com
ad.doubleclick.net
api.usercentrics.eu
api.yieldads.net
app.usercentrics.eu
asrv205.com
bat.bing.com
c.amazon-adsystem.com
campagio.fr.gd
cdn.exactag.com
cm.g.doubleclick.net
connect.facebook.net
consent-api.service.consent.usercentrics.eu
dsum-sec.casalemedia.com
findarios.com
fonts.googleapis.com
fonts.gstatic.com
fwd.fwdtrk.com
fwdtrk.com
googleads.g.doubleclick.net
i.ytimg.com
ib.adnxs.com
integrations.etrusted.com
jnn-pa.googleapis.com
logv145.xiti.com
m.exactag.com
nextlevel-f353.kxcdn.com
nextleveldefend.com
pagead2.googlesyndication.com
privacy-proxy.usercentrics.eu
s.pinimg.com
s0.2mdn.net
stats.foboxy.com
t.adcell.com
tag.researchnow.com
theme.webme.com
tpc.googlesyndication.com
visifeed.org
widget.superchat.de
widgets.trustedshops.com
www.clickcease.com
www.foboxy.de
www.gmodules.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.svinando.de
www.youtube-nocookie.com

13489214.fls.doubleclick.net
80.190.202.79
aax-eu.amazon-adsystem.com
bat.bing.com
connect.facebook.net
fwd.fwdtrk.com
m.exactag.com
s.pinimg.com
stats.foboxy.com
www.gmodules.com
www.svinando.de
142.132.247.201
142.251.35.162
142.251.40.130
142.251.41.6
172.64.151.101
176.9.183.55
178.162.223.113
18.153.7.152
18.164.124.5
18.164.124.85
18.173.241.55
18.238.49.53
18.238.63.215
193.238.27.28
2600:141b:1c00:258b::1931
2600:1901:0:1e38::
2600:1901:0:5987::
2600:1901:0:c07c::
2600:9000:210b:4200:15:a0d3:77c0:93a1
2606:4700:20::681a:48f
2606:4700:3037::ac43:cc74
2607:f8b0:4006:807::200e
2607:f8b0:4006:808::2016
2607:f8b0:4006:80a::2008
2607:f8b0:4006:80e::200a
2607:f8b0:4006:816::2004
2607:f8b0:4006:817::2003
2607:f8b0:4006:81c::2001
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::2002
2607:f8b0:4006:822::2002
2607:f8b0:4006:822::2006
2607:f8b0:4006:823::200a
2607:f8b0:4006:824::2002
2620:1ec:c11::200
2a02:6ea0:c400::11
2a02:cb40:200::242
2a0b:4d07:2::3
3.75.56.58
35.157.83.91
52.57.118.173
68.67.179.166
008382d255b4c06cdae8f7307e154c31cfeb9bfa0824951c80088e07ddef4cb9
009a4cf1623ff76804e55d59a17f680f77d8c76ada674500997ff44cc7ac0741
00bc02e96469775a36dd21479fbb378467dcfce28d5e77ffc35fc80450ac50b1
00f1cb5ed71f5ce99826748a3a2224e0fc78b53f039eb23d85713b73c978b723
0165e3e123442d569ab5aa2b4a5676bd4c28e35c8b9091b008f49000c9cee3b4
04430765e15f831e2858b2766fdcaa0694ff9e61027a4be719b747339947d3e8
04e1cb85ebd9a0f820a4da2be1a964c1933d7ada017dc964078a55abff3cbeb8
05f7e7fb3a6865d9cf13d50556c53cbcea309c1a2f0704b0a7937227e4c63d0b
0927d0eb1802a65f1b033034b2d947118d176148381dce25c885d9deb94b9d7a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0f285340fde233e4bf0042716b33a9aae7ef38bf6768663286012870f5a648cb
131ea1565000c0ee64a76bce491a2fd20a84490afe9550a7d3fd9666190543dc
147d26f67f05f970e192d4f2300453b6b25bb4873b9bea77ec899c51f1f50228
1ba4031306fea150ce0863608c2185c66d2b464eba049fbb198a2fb2b46354af
1d18b129ec5b1df45af518f59f2cd828af2a6726214371df7bf82bc5db16566f
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f90ee7376e6891807fffc2ed16757bf1fd1b010aab236625e31521a334d0300
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2041a20fff155b1321ba813d1f6598f7a9e512f9aa849dca3503b176379264e4
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
20a4c3d68e5653b7b9a5b24796a25f9971b6857c18676e4a17ed4a95985dfdf4
24a65d92bebb84b0337689592f1f908cbdc5ae37e9df93557f52f881d8f36308
265f3b749343ddc678cc652d18d39f3cfb059eb7fa8bbf591d5186ecc6d2bb6b
2cf798f733c885cffbcaf3a2964ba614ba4760690a33a7204b5fb45f83ed2503
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
322d7746078e8dbb44201668443a0b80cd456c0162578bd22155993d57d6cbe1
365f56e2f5be7a1b607f4bd54eb55735f2fa6bc9c554152d4188901b676f21c4
38633b8bdc4be607b01596d25377ed6102e72a6ccd5b3b877228350efe56ff04
3de2e95f0c6df96ee23c068b76ba39ceec788da847efb09978a1fe11fbfe6d70
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
48130491a79ec2b69ab13488d5aae4b4c37df6c98a1f9f2fa87fd8c77684258f
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c794205cfbae7ef5515edfa8f84de7308f4a133fc17805b7ad1c7b178992ea6
4d65f2a8019de1ddeef0f10a83f8dfb79630735f8ccb87c07a2463a7cfc0e464
4dbc0add19325d82bfd675bc1ed5067997396d1b74e9645822fce0179bf48ce4
4fda0729c5af106a739a6dd7bcbcb7999816030af99dc82a8c63ddc4044875d2
50acf75b3a92779e3bb467fd45e1d2209aa0faabddb34e17e164165f5ec96cd2
5239edec28e81019987392b6e88c9a9f5f661ae1470a5a0135323a9579af3cd2
5310e5cb53769c1fa1ac3b24f254a733bb18f6bb6309d10e455fb2b3a2c285a0
54db8dca7039b548a0aa4e5e22fcea2a4e536b8aaec0b13a750dbc61ca3f3538
5618c9256c68d8019fa7111b6e0494024a3f034ac4d1fb16d65d45eae80643e0
5719cdd3acdb2b6a5b9ae0bee910fc88fbc0f297f83235c02865d78eeed48446
5904ac053ee5163169774e5563cc32a2c458a4ce0e8b4e76e173998f4d01d580
5a3d03a31acf29a27a5aed7fd247e0d8e7fa3ad0607eb94739ce5c7a043276f6
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5df273e074cefcbb052322340be47d8d0bb6f805f3aca32d0916734d5e1aadb3
5f9d74c4ceafb9af7b16d0301ee24a6bdb2835b06b3f91bb9f012f2792efddcf
5fb1be933c81c256b8f261acbf41499499d62c5fa7ffba732edbdece0c35f05d
61471942707b575ea24b5e3bae90f5950b8091c334bc38c0dd11db6b33b1493d
62e4a09b017b0438191cda12442fa36ccef724b19d6c7fb5e3dea10f049e682c
635aad20a17719612452d1a83717cb4f8b2263c6cfd873ce86fd24561de75d50
65beb34dea0bd33222efdb1a0511d5f2b9b9bd5fedd8cdf9a50fbac791b69982
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
689ce17bd42665bbeffed17eb99c4559a0cf46d6dac29a7f9fe52b2a11ebe9ed
6cf9cccbbcf7d0d6f6ebd3727a284870a985bdce7f5216223bf3f33df0bc894b
6d4d24159d9036a7bf22463dd2314a50a2f40ccc9d17b4ae5293413e6157e453
6d944234187dbf2eb669ba1bb9d0a7934ffe96ce9deceb7d464d6b400f6a84b5
707a1a975187add7b8616566b4d452eeb7cd95dea257a8adb569e7b8e913851d
7094277e4e28f5c0b9637ae7d27d7fe100fd9492d39624d633f035742c5065c2
70d6aa69f492c02bbce4cfe00cd7dc8b26601f03467d08473a9707832f26fb4d
7154071be46519e980b3d21b9fa291847e6e837065181c38322f7e2484b6cc07
7264fba26067a2ef45823f70ddbacc964be4892cd7ab49f52efdd59d2daf47c7
740dfebba956aff74f6650e1a4ec794d210e20cbeb5167add4196136ceef8b76
763140216572eae537b4c2ac32d96d2db6383c1a69800adcfd82c58d5e835430
7906bae2f5af623aad5893b1da37b3d3d681a35b7dfeafb51977b0305fa9f246
7c3e7e87700869f6e7f00db6fb08f7c463a6181f71af23c2eb5580f3a6fa5cf1
7fd73d3801e84afe66c3ff844bc391d49738aeec2cbde21500b41bff3fc0dd9b
80f7b16e3aa399b73c0a60366d5ae7ca446b327c69f64f825f3b9b9870459724
8563f915516318c564b1a4b4d4005778294178cfac736d0ed7dd5afa86d4cd50
8600d2466c423fe29e86b35c1a728b16dbff177b186632a3827858ad6c2b58d3
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
86fd3be02ab9497ebb14a884fb226386cd0db257b234b005f0000326ae8c9081
88a36aaf7346a67a24484a0dc0b3305b88031e82515b1c9d0f79fc71194ada3d
8a9a2641f1cad72291d5e09f000a8610d877777f9eb35a3d15af918ee5887d7a
8b8dbc6db2edbb75a2d608d2a64c8ca568a267cf87e0113d4764e1ee321a407d
8bf23b82d939bb7f3d64650989894b9e00534789e8e782a07069005d8bed094c
8c10766a91925657ebcdf5f19eeaa3ff697cc22ccbfbb52b42f6c493ece87690
90afb6d321282a04290b00562b03ff854b2b01263feb16b8f1999f1ee723c741
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9bd68931a535bd65365e2a09c0fd2e089c13125e88e390cec0c24dd5d64c290b
9e34975a0a58f4262f18fc35a4a9efb9f9b3962b87772f8fa5c006d5b7bc3f57
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0112554fb03e7988395617d40bb6771437b4fa8e3d7ad3b7fca1efc598704af
a189e6df38d351aa6811b635278498a0cc8b0cc27981d2b921e27a296938f0c5
a33be881a092c901050ff9fc9d8224a0334b1224a49fb03aae64ea7a358e1e5f
a590dacc7e008407d8763f8397247e8283fec12740446c9a502329569a29ad92
a86e33e39507927bb2006c78a28c3d92965570ef1f686e9dfc8191b948395b40
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ac18785d1f2e5954f79aaed1e5e36a751bcd7ca912e7d63c6228d392b1299bf1
ac907f9f8df49b4b3239122d1535bee7406bf4f6b0d8779547bc339f0f126882
ad17a8cb0a40dc43f76b25ad3f7d24142b99a2cd4584c15ebda7514619b7c679
b05c5ace089a65ba0cd345cdda18e3474d45689ed22bb85abf0711dfe47569ac
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b28b050e82519288328bbfa6aeb5f05ce52b5854b032d444d3b5fa3a8df3058b
b38bc5c7c32bda9f1c6a1bc259e6c8ad20dc7c3d6c701bf56904245515a65975
ba6277e11aada9b7d18c376899bb100602a40fa5aee5b580afc72e2d01efc63b
bb32f991345085a148e29504be330a695f20919d8cfd84064cc1d10ce9754ab0
bd7be8509109ef4148d80240a7c824174ba895d747133d4ede1a3c8e15cdf7e4
be0cd70793f003af0ac0d84ae3a0ce039269e04aea3ebc2c220595a476a7aafa
be3b15b1e68cf3e9278293d3b50491fe16c985e0ee5968852cac4fc062a7134e
c01720b2b7f38f35b76a02851d18e1c825a71fff02e4dd1a83f550c8d2272523
c266fb4259407127f85c7e4eff4583a15bf49ae66df6f944456aa20c0a216e2f
c4e2aad44f2a313aee96c76a201977d6ce582e7d798bb11c0fd39e4ede27aa93
c56b931b013622874bcdbd130958a92afae7fd7f62780a7efb7c55ba1bfe80e5
c7cf5c0ec05458fc0c9198e70a1e91347d0682105531980f239eec29a42ead23
c80495cdff4933d980cdfb07d0305dcd4fbdcb325c6b28e189153a7d6f2fd0a2
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
d44f49dbd70337758d6f4d479ef860373f2260710cffbc2d29809fd092ffff3a
d4921e6caf1dfe28190143aa7cab9addbed7127f03827e73a7cdc56032c25610
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d8c6994a8fdbca1445c5004a63b7a3898856bffb818e2cf22da694dc2d90bff9
dd8983616e8614c60e0048433e700381a1e0eaa8ff158cae1b49e9ca2f39124b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e94eea915588a6fab98c233eb6015e8d31633109f8a6380ea330452642f98c5c
e958357a69869103eeb968dee3d0965ecddf52c1fffe70332fba4a585bbecb93
ea44a4f5cdb32fed99bb5335de8fa3b24034f581a8209d93428cd0b88bf47bd4
eb3f4cf387fca0337770c0919834536dca1fc6c95ec5d142c46537a0f20ec14b
eb4fec10d8f4484b291b7c7d0de59d1b4375e000029fd1a128ad10c270d8d803
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ebbf51132ac80c2070995d82e1b1237526521386eaced499d94c36a05804141f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eef8e23801cc13c6ecdde36dafb161c3149c6f82b88bc7204f4bb51e395d94c3
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef34301455784e8a56ecc7a80985d6fd317ddd8328b6232dc0bc3223d79c91c2
f0f32ed2b0e4eabc75161737794c58a5642ed8f3c7c54aa6a65232e4f95bf46e
f2d8d21e33a114642bd67bc55352d33c0a99d4bc1ca4c504179f40a0394719fb
f4d5deb4709cebcb8d869180a1db81fab7c54f99dc2e72dab8b3db15eb76e660
f59973ae8aa50c92dcdbbdcb5710f5058319fede48f02651ec1c675b968827da
f671c5482d38386296e4b303955e549f8ffd9217038997e41e4109ce52a63317
f7c508fc8775d1df7eaef4660ffccb526ee61052c263ecc7cb08049b4a92f219
ff25123cd071aaa610c0dae7ee31a45eb1fd7bef8959e9e1692f3d8b65b4670b
ff38d8cc5d4386b873613a02d276f54ccdb620fae3f522ed9bb541d3e3f2548d
ffe930f9758afceef7661d372e0432d268cb7dc0b366b375aeae440a5175048e

campagio.fr.gd Open in urlscan Pro 193.238.27.28 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

222 Requests

88 %HTTPS

57 %IPv6

40 Domains

53 Subdomains

41 IPs

3 Countries

5642 kBTransfer

16985 kBSize

18 Cookies

3 Outgoing links

Redirected requests

222 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

campagio.fr.gd Open in urlscan Pro
193.238.27.28 Public Scan

Screenshot
Live screenshot

Full Image

222
Requests

88 %
HTTPS

57 %
IPv6

40
Domains

53
Subdomains

41
IPs

3
Countries

5642 kB
Transfer

16985 kB
Size

18
Cookies

222 HTTP transactions
9 data transactions