s6.dosya.tc Open in urlscan Pro
157.90.180.51  Public Scan

5 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 44

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArrIV9m4zDZsh4Ap8GhlVg&google_cver=1

Request Chain 45

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4lsrCcAdzlZeSGgRHgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1

Request Chain 46

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEMkp5Sx9BSwZKLkzzXTfJWg&google_cver=1

Request Chain 47

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODI0NzE1ODg1MTY4NTg1

Request Chain 48

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1EP6AtzkO0-xDEb2xEXqs&google_cver=1

Request Chain 49

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4rYJPwTPHXbM2C8eOAAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1

Request Chain 50

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESEDibKAEFQZQt3kbsNExOkgw&google_cver=1

Request Chain 51

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D

Request Chain 52

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1

Request Chain 53

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4p-bPheoaHcoSAhkAgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1

Request Chain 54

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1

Request Chain 55

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
• https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDY1ODAzNTIyNzAwMTkwOQ%3D%3D

Request Chain 80

• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1

Request Chain 81

• https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4p-bPheoaHcoSAhkAgAA HTTP 302
• https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1

Request Chain 82

• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
• https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1

Request Chain 83

• https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
• https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D

Request Chain 129

• https://fw.adsafeprotected.com/rfw/st/1686300/75378868/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bidurl=https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gAI21635b9xWLEj6qGZQY1&adsafe_url=https%3A%2F%2Fs6.dosya.tc&adsafe_type=g&adsafe_url=https%3A%2F%2Fs6.dosya.tc%2F&adsafe_type=c&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1&adsafe_type=d&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fhtml%2Fr20231004%2Fr20110914%2Fzrt_lookup.html%3Ffsb%3D1%23RS-3-%26adk%3D1812271801%26client%3Dca-pub-9775275426073837%26fa%3D1%26ifi%3D5%26uci%3Da!5%26btvi%3D1%26xpc%3Doobq7EePHf%26p%3Dhttps%253A%2F%2Fs6.dosya.tc&adsafe_type=be&adsafe_jsinfo=,id:70d9b96b-84ed-f765-d733-4d60d66a5755,c:qtlPHM,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-wfxkp,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,dvs:visible,oam:0,mtim:144,mot:0,app:0,maw:0,fm:tS6Xc87+11%7C12%7C131%7C132%7C133%7C1411%7C1412%7C14131%7C1511%7C15121%7C1513%7C161*.1686300-75378868%7C1611%7C16121%7C1613,idMap:161*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:159,oid:aa85d5e5-65f3-11ee-94ce-129810df7b0b,v:19.8.439,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

Request Chain 147

• https://fw.adsafeprotected.com/rfw/st/1686300/75378987/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bidurl=https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hEinYeD0-ZqeEBAHMgEXYL&adsafe_url=https%3A%2F%2Fs6.dosya.tc&adsafe_type=y&adsafe_url=https%3A%2F%2Fs6.dosya.tc%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-9775275426073837%26output%3Dhtml%26h%3D250%26slotname%3D8144100105%26adk%3D3870207184%26adf%3D2904689491%26pi%3Dt.ma~as.8144100105%26w%3D300%26lmt%3D1696773569%26format%3D300x250%26url%3Dhttps%253A%252F%252Fs6.dosya.tc%252Fserver15%252Fu8r2cw%252Fscrey_gri.rar.html%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..%26dt%3D1696780768920%26bpp%3D1%26bdt%3D198%26idt%3D286%26shv%3Dr20231004%26mjsv%3Dm202310020101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%26nras%3D1%26correlator%3D6644968593830%26frm%3D20%26pv%3D1%26ga_vid%3D2145869572.1696780769%26ga_sid%3D1696780769%26ga_hid%3D1510779643%26ga_fc%3D1%26u_tz%3D120%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D800%26ady%3D175%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44801484%252C44804783%26oid%3D2%26pvsid%3D232416423136216%26tmod%3D565048093%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CoeE%257C%26abl%3DCS%26pfx%3D0%26fu%3D0%26bc%3D31%26ifi%3D2%26uci%3Da!2%26fsb%3D1%26xpc%3D2v1pSgCoXT%26p%3Dhttps%253A%2F%2Fs6.dosya.tc%26dtd%3D290&adsafe_type=d&adsafe_jsinfo=,id:9b870df3-ff7d-688e-13f4-041dd36a9758,c:qtlPJh,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-797d947f74-7kcs9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,mtim:171,mot:0,app:0,maw:0,fm:tS6Xc9k+11%7C12%7C13*.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C1611%7C16121%7C1613%7C1614,idMap:13*,ex:e2,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:177,oid:aa9120ef-65f3-11ee-89af-aa774a8a21bd,v:19.8.439,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
• https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=

196 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
4 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H/1.1	200 OK	Primary Request screy_gri.rar.html Show response s6.dosya.tc/server15/u8r2cw/	5 KB 5 KB	99ms 58ms	Document text/html	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash f5766a22c71593e9ea516bc194fc99152c812e105a69c24daa3e5d1aa8557e54 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers Connection Keep-Alive Content-Type text/html; charset=ISO-8859-9 Date Sun, 08 Oct 2023 15:59:28 GMT Keep-Alive timeout=5, max=150 Server Apache Transfer-Encoding chunked
GET H/1.1	200 OK	style.css s6.dosya.tc/style/	14 KB 15 KB	12ms 12ms	Stylesheet text/css	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s6.dosya.tc/style/style.css Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash 2b8c3599f9d693fc1422d4ad7c8fe6b9fbb2ade6b19a89c55e0d94f02252410a Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:49 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=149 Content-Length 14629
GET H/1.1	200 OK	bootstrap.css s6.dosya.tc/style/	138 KB 139 KB	26ms 13ms	Stylesheet text/css	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Full URL https://s6.dosya.tc/style/bootstrap.css Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash c942686010e285633d77a24341c43850ccd6162fcc7e8281ae8a70c2921a9af5 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:48 GMT Server Apache Content-Type text/css Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=148 Content-Length 141622
GET H/1.1	200 OK	logo.png s6.dosya.tc/images/	7 KB 7 KB	23ms 12ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/logo.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash 77eba513db8685e5a4b7633684b1d6b175bf8272ccfff3c6a1c0735d37d1d57a Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=150 Content-Length 7157
GET H/1.1	200 OK	uye-girisi.png s6.dosya.tc/images/	3 KB 3 KB	14ms 13ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/uye-girisi.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash 6bfa03e8b7d8249e9927cafe801657559f7b7064248bb970b55fb4b689611f2d Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:41 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=149 Content-Length 2979
GET H/1.1	200 OK	download-img.png s6.dosya.tc/images/	7 KB 7 KB	14ms 12ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/download-img.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash e7cfbf6b7de5e77de00e7376302839e106d3f0ab89637d2af07eb74b86ef4d4f Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:36 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=147 Content-Length 6819
GET H2	200	adsbygoogle.js Show response pagead2.googlesyndication.com/pagead/js/	144 KB 50 KB	93ms 56ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e77a8fb19c399b754dc7b01712c528152626ac4b3bf217c954ad822dec6426d0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Origin https://s6.dosya.tc accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:28 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 50943 x-xss-protection 0 server cafe etag 743042467449095554 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=3600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:28 GMT
GET H/1.1	200 OK	footer-icon1.png s6.dosya.tc/images/	582 B 824 B	12ms 12ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/footer-icon1.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash 101d88dc759a5588d5c064fe233b6b19c565966a527a03eb9cdc29c733b8d4c3 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:37 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=146 Content-Length 582
GET H/1.1	200 OK	footer-icon2.png s6.dosya.tc/images/	850 B 1 KB	13ms 12ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/footer-icon2.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash eea1befd43d3dc930a0eb0335c56ed8bc7e14aa1ee3e6c546cd21c1826362750 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:37 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=145 Content-Length 850
GET H/1.1	200 OK	footer-icon3.png s6.dosya.tc/images/	2 KB 2 KB	12ms 12ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/footer-icon3.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash c84a015988434d7fa0c884f5590de727799abacb9c4a4ad6b4cadea4b97ea732 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:38 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=148 Content-Length 1702
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Sun, 08 Oct 2023 15:49:42 GMT last-modified Mon, 12 Jun 2023 18:23:07 GMT server Golfe2 age 586 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Sun, 08 Oct 2023 17:49:42 GMT
GET H/1.1	200 OK	background.webp s6.dosya.tc/images/	110 KB 110 KB	14ms 13ms	Image image/webp	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/background.webp Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/style/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash 0804b26a6993fc6ee8e977f77aa9ce5ddf9c4fe69773b296cc292ee7b2a5ac1b Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/style/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:35 GMT Server Apache Content-Type image/webp Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=150 Content-Length 112776
GET H/1.1	200 OK	menu-ayrac.png s6.dosya.tc/images/	125 B 367 B	22ms 12ms	Image image/png	157.90.180.51 HETZNER-AS
General Check archive.org Show headers Download Go to Show image Full URL https://s6.dosya.tc/images/menu-ayrac.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/style/style.css Protocol HTTP/1.1 Security TLS 1.3, , AES_128_GCM Server 157.90.180.51 , Germany, ASN24940 (HETZNER-AS, DE), Reverse DNS static.51.180.90.157.clients.your-server.de Software Apache / Resource Hash 9700fc9abb23b0fa04c070487f5aebdcec2cbb22f10788ab7898032abe3fcced Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/style/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Date Sun, 08 Oct 2023 15:59:28 GMT Last-Modified Thu, 25 Mar 2021 15:06:40 GMT Server Apache Content-Type image/png Connection Keep-Alive Accept-Ranges bytes Keep-Alive timeout=5, max=147 Content-Length 125
POST H2	200	collect Show response www.google-analytics.com/j/	4 B 206 B	15ms 14ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1510779643&t=pageview&_s=1&dl=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&ul=en-us&de=windows-1254&dt=screy_gri.rar%20dosyas%C4%B1n%C4%B1%20indir%20-%20download&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1691616472&gjid=1638767038&cid=2145869572.1696780769&tid=UA-60205436-1&_gid=1476814619.1696780769&_r=1&_slc=1&z=939079641 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8 Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://s6.dosya.tc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s6.dosya.tc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 343 B	104ms 32ms	XHR text/plain	2a00:1450:400c:c06::9c GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-60205436-1&cid=2145869572.1696780769&jid=1691616472&gjid=1638767038&_gid=1476814619.1696780769&_u=IEBAAEAAAAAAACAAI~&z=748644435 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://s6.dosya.tc/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload date Sun, 08 Oct 2023 15:59:28 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://s6.dosya.tc cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	show_ads_impl_with_ama_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/	389 KB 132 KB	93ms 77ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 53ddca4a43db3fbc9d55a626582437e54d39b9c1e1939406405363a49aa08719 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:28 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 135179 x-xss-protection 0 server cafe etag 4541683992709023918 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600, stale-while-revalidate=3600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:28 GMT
GET H2	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/ Frame 30FC	10 KB 5 KB	75ms 21ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231004/r20190131/zrt_lookup.html Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-9775275426073837 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 11580 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 12:46:28 GMT etag 2603938475786422795 expires Sun, 22 Oct 2023 12:46:28 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	cookie.js Show response partner.googleadservices.com/gampad/	383 B 600 B	80ms 32ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://partner.googleadservices.com/gampad/cookie.js?domain=s6.dosya.tc&callback=_gfp_s_&client=ca-pub-9775275426073837 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 03d4c72d71b435ff77da4de8464e6d7ef10519acdb7f23316590f4e889e92ede Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:29 GMT content-encoding gzip x-content-type-options nosniff server cafe p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type text/javascript; charset=UTF-8 cache-control private cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 248 x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame CFD2	121 KB 27 KB	794ms 794ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&adk=1812271804&adf=3025194257&lmt=1696773569&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x1080_l%7C308x1080_r&format=0x0&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768916&bpp=4&bdt=194&idt=261&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6644968593830&frm=20&pv=2&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=284 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f9e74fe904ee044d1c987fb366097f60d5bde24b6b6d1e955369d413fcc0dcdd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 27260 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:29 GMT expires Sun, 08 Oct 2023 15:59:29 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	ads Show response googleads.g.doubleclick.net/pagead/ Frame 72B0	22 KB 10 KB	1304ms 1304ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash cff0d304d4c7864ed06be2d351c96695f2e60f4a5b63767922ccf95fe1930046 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 9989 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:30 GMT expires Sun, 08 Oct 2023 15:59:30 GMT observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	reactive_library_fy2021.js Show response pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/	153 KB 52 KB	101ms 101ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/reactive_library_fy2021.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6d20181a5c62dab521dd7093961915fcc50f95fe15737969bf56c88a6d69c624 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 53325 x-xss-protection 0 server cafe etag 7631680566944310404 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=1209600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame D9C0	10 KB 4 KB	20ms 20ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 79948 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 07 Oct 2023 17:47:02 GMT etag 2603938475786422795 expires Sat, 21 Oct 2023 17:47:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame B758	10 KB 4 KB	19ms 19ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 79948 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 07 Oct 2023 17:47:02 GMT etag 2603938475786422795 expires Sat, 21 Oct 2023 17:47:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	zrt_lookup.html Show response googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/ Frame B754	10 KB 4 KB	19ms 19ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 041fe6e516177e777c651a95708ee4961723db34a974e8be9e6ba597a1313e51 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers age 79948 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=1209600 content-encoding br content-length 4471 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sat, 07 Oct 2023 17:47:02 GMT etag 2603938475786422795 expires Sat, 21 Oct 2023 17:47:02 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 2F00	624 B 246 B	62ms 60ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUXdp1MCmCF-8-mbTJ0r37ChM_PKnVEuvii4fyqh7lPxGHL84yYjy23jyF8ZIhbDcK3DKoa4S5TEK8C60ib-8SzU2ZB61b431u0jYM5_jI9Jba4BbUMKwJgnA3OZ2q3djsWUapB4tLiCoGBtH5gmvUP3Y3INZbs6aTz4VaJrRPXdCtVpV4 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:30 GMT expires Sun, 08 Oct 2023 15:59:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame B2A0	89 KB 31 KB	181ms 180ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B2A0	3 KB 1 KB	31ms 8ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:49:52 GMT content-encoding br x-content-type-options nosniff age 4178 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 14:49:52 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame B2A0	20 KB 9 KB	30ms 7ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:40 GMT content-encoding br x-content-type-options nosniff age 8750 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8339 x-xss-protection 0 server cafe etag 16954770952846736976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:33:40 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame B2A0	187 KB 59 KB	44ms 20ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame B2A0	42 B 63 B	108ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C-wkP_f8oyxGgxTpBBTwRK8nfwjSN4WlP7wDSi_gn34xxvCsDlcuow3uDEgo4Yl_TsBen8g4jdZZs5P9eempynJBTe-f3xxe0M4HJKhFIYDgX7Wok Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B2A0	0 20 B	109ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=5900418081909504500&x=1&ct=76 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 98AD	624 B 246 B	60ms 59ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUSCzOrgIACrzpkMSSVipPuavxts15zIGmBRdH2bXxwmqzPc9VPvNw3JO9l6_Ocox3GosyLH9ILTqQrdG00MEQo3bd0ZG4sgUSOcS4Ywfv2VPm96AgNLYWk0kaADrQok_GiDaiYaX5h1nkrdGKID6wtqbzEVD248gSzItnAitVP9xiYY0w Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:30 GMT expires Sun, 08 Oct 2023 15:59:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 73B3	89 KB 31 KB	157ms 156ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 73B3	3 KB 1 KB	10ms 9ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:49:52 GMT content-encoding br x-content-type-options nosniff age 4178 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 14:49:52 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 73B3	20 KB 8 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:40 GMT content-encoding br x-content-type-options nosniff age 8750 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8339 x-xss-protection 0 server cafe etag 16954770952846736976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:33:40 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 73B3	187 KB 59 KB	28ms 27ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 73B3	42 B 63 B	109ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Abpdi03pQ7g5fxEhD5AS7GReh9uRUUpeLCSHmoQHiKECnc27PSJn7gI4XL29z5d_6_xdwQJVp0hciuKVFsI9gR4oEahhjcjitXVk4xdxP7vi85yUk Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 73B3	0 20 B	109ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=9502703168247263348&x=1&ct=76 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 798F	624 B 246 B	67ms 64ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIC5h_kBMAE&v=APEucNXP6RYODJn4YvPQOjgQ0ahFbpA-vP7xBu03M7u9mRfxopp60IayM_P1hcPUJR6qvkghyFxWmHOyKPXXxg2k6gzzTXPOkzyYE9-la8uIKDxSrVvhqCLv-e2WIzJ4QOZbwtlPzyg7s3INJXCXjOXdQqCIGVSE6UV-pf6vIxrWE8J6p1groLE Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:30 GMT expires Sun, 08 Oct 2023 15:59:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame F8A4	89 KB 31 KB	172ms 172ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H2	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F8A4	3 KB 1 KB	10ms 8ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:49:52 GMT content-encoding br x-content-type-options nosniff age 4178 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 14:49:52 GMT
GET H2	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame F8A4	20 KB 8 KB	9ms 7ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:40 GMT content-encoding br x-content-type-options nosniff age 8750 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8339 x-xss-protection 0 server cafe etag 16954770952846736976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:33:40 GMT
GET H2	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame F8A4	187 KB 59 KB	24ms 22ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame F8A4	42 B 63 B	109ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CdCCw5jxX3yoky7ImlW6_3cH2n1EWyrMKQfbdu0ncgiZt76xc8T-ghzJxPObDpv44BI3njcf0qCY5uF8ep6c1Mbi4kdOgxr7fMPsRuEP0u9cybDeQ Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F8A4	0 20 B	109ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=6443121171443670436&x=1&ct=76 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 2F00 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArrIV9m4zDZsh4Ap8GhlVg&google_cver=1	43 B 769 B	26ms 26ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArrIV9m4zDZsh4Ap8GhlVg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUXdp1MCmCF-8-mbTJ0r37ChM_PKnVEuvii4fyqh7lPxGHL84yYjy23jyF8ZIhbDcK3DKoa4S5TEK8C60ib-8SzU2ZB61b431u0jYM5_jI9Jba4BbUMKwJgnA3OZ2q3djsWUapB4tLiCoGBtH5gmvUP3Y3INZbs6aTz4VaJrRPXdCtVpV4 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YVE9580Viocd3IfXinNXtXgb8k%2FnTeOIzq3h3rcu2gE8N78weqjQ1JIpWToqwN%2BdzV0ag14ZKqhDKum5xdojDbq7jc5%2BSe8FLOwR%2BlAeCJMZxyciiJ9pwPk774G4tD8aAVjGwZ6AOrk8nA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f97670d661e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEArrIV9m4zDZsh4Ap8GhlVg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 2F00 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4lsrCcAdzlZeSGgRHgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1	43 B 731 B	22ms 22ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUXdp1MCmCF-8-mbTJ0r37ChM_PKnVEuvii4fyqh7lPxGHL84yYjy23jyF8ZIhbDcK3DKoa4S5TEK8C60ib-8SzU2ZB61b431u0jYM5_jI9Jba4BbUMKwJgnA3OZ2q3djsWUapB4tLiCoGBtH5gmvUP3Y3INZbs6aTz4VaJrRPXdCtVpV4 Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=98I7zYsOy3e91VCOD3yp%2BTpY1uJBeboWVGAWe9oONpQt7dkTK1xJEaQiE2xh9ICgB1luZ18SUEtrVoLhd4TfJpc%2B5pmhWA184UyhL9AM%2BdZAKbBGx8E8XB1YQRu4DTvz11WGgfGrgWpcNA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f97673dc31e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 2F00 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEMkp5Sx9BSwZKLkzzXTfJWg&google_cver=1	43 B 844 B	18ms 17ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEMkp5Sx9BSwZKLkzzXTfJWg&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUXdp1MCmCF-8-mbTJ0r37ChM_PKnVEuvii4fyqh7lPxGHL84yYjy23jyF8ZIhbDcK3DKoa4S5TEK8C60ib-8SzU2ZB61b431u0jYM5_jI9Jba4BbUMKwJgnA3OZ2q3djsWUapB4tLiCoGBtH5gmvUP3Y3INZbs6aTz4VaJrRPXdCtVpV4 Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid 7914d921-4497-46a5-a5c1-b23fd74fcdda server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEMkp5Sx9BSwZKLkzzXTfJWg&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 2F00 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODI0NzE1ODg1MTY4NTg1	170 B 243 B	18ms 18ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODI0NzE1ODg1MTY4NTg1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUXdp1MCmCF-8-mbTJ0r37ChM_PKnVEuvii4fyqh7lPxGHL84yYjy23jyF8ZIhbDcK3DKoa4S5TEK8C60ib-8SzU2ZB61b431u0jYM5_jI9Jba4BbUMKwJgnA3OZ2q3djsWUapB4tLiCoGBtH5gmvUP3Y3INZbs6aTz4VaJrRPXdCtVpV4 Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid 3a0143e6-6a16-4fd8-97dc-d16bd921ec5c server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=ODIzODI0NzE1ODg1MTY4NTg1 x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 98AD Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1EP6AtzkO0-xDEb2xEXqs&google_cver=1	43 B 734 B	25ms 25ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1EP6AtzkO0-xDEb2xEXqs&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUSCzOrgIACrzpkMSSVipPuavxts15zIGmBRdH2bXxwmqzPc9VPvNw3JO9l6_Ocox3GosyLH9ILTqQrdG00MEQo3bd0ZG4sgUSOcS4Ywfv2VPm96AgNLYWk0kaADrQok_GiDaiYaX5h1nkrdGKID6wtqbzEVD248gSzItnAitVP9xiYY0w Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKjCZys4iP596Okm%2BG4IvTjjsajrlbKdVputtsBKFHlysOMC5Z3oR9AWF7ss0XiSNyb%2Fprsr6Q41WK9ozQjnVr5WxBf74g03xToUt2OhP%2FDabz7PeKc4zIbvOJVP2wyUT2Kc6XPz%2FMCVJQ%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f97671d721e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEH1EP6AtzkO0-xDEb2xEXqs&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 98AD Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4rYJPwTPHXbM2C8eOAAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1	43 B 735 B	25ms 25ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUSCzOrgIACrzpkMSSVipPuavxts15zIGmBRdH2bXxwmqzPc9VPvNw3JO9l6_Ocox3GosyLH9ILTqQrdG00MEQo3bd0ZG4sgUSOcS4Ywfv2VPm96AgNLYWk0kaADrQok_GiDaiYaX5h1nkrdGKID6wtqbzEVD248gSzItnAitVP9xiYY0w Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=N0g6LHiCtu8HWnBfEfp6H%2F912B0E7zGarOvpgIjZfoh2oTfV1dAMwH7FMHKANFmJJEmaysKStmRQSVw%2BcY5UeNVD%2Bv%2BvGe3m%2BqekMJawV3z2VI9c4tUkncCpJwsBDUpWeJE5OgzK6woEuA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f97673dc61e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 98AD Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESEDibKAEFQZQt3kbsNExOkgw&google_cver=1	43 B 843 B	17ms 17ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESEDibKAEFQZQt3kbsNExOkgw&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUSCzOrgIACrzpkMSSVipPuavxts15zIGmBRdH2bXxwmqzPc9VPvNw3JO9l6_Ocox3GosyLH9ILTqQrdG00MEQo3bd0ZG4sgUSOcS4Ywfv2VPm96AgNLYWk0kaADrQok_GiDaiYaX5h1nkrdGKID6wtqbzEVD248gSzItnAitVP9xiYY0w Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid 7e0bf32e-9fde-4862-beae-5f816cdd8f40 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESEDibKAEFQZQt3kbsNExOkgw&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 98AD Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D	170 B 232 B	19ms 19ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPDkLxCZw2EYo4Wg5QEwAQ&v=APEucNUSCzOrgIACrzpkMSSVipPuavxts15zIGmBRdH2bXxwmqzPc9VPvNw3JO9l6_Ocox3GosyLH9ILTqQrdG00MEQo3bd0ZG4sgUSOcS4Ywfv2VPm96AgNLYWk0kaADrQok_GiDaiYaX5h1nkrdGKID6wtqbzEVD248gSzItnAitVP9xiYY0w Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid bf220cdd-3162-40a3-a94b-ed542a5e13d9 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 798F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1	43 B 735 B	24ms 24ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIC5h_kBMAE&v=APEucNXP6RYODJn4YvPQOjgQ0ahFbpA-vP7xBu03M7u9mRfxopp60IayM_P1hcPUJR6qvkghyFxWmHOyKPXXxg2k6gzzTXPOkzyYE9-la8uIKDxSrVvhqCLv-e2WIzJ4QOZbwtlPzyg7s3INJXCXjOXdQqCIGVSE6UV-pf6vIxrWE8J6p1groLE Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IXSDe%2Bb%2BZtuufUzoud4J1B9x1bhqMS9hzl0MlmdPoo0ZOCbFXbZczmrHyTGNHfa%2FNizkbzSq1SitreFrgvxGnakI%2FaNu%2FXfE7b%2Bocs6ZS6Ould2uNZDL6F9YliezwDTopelaAeuHTLyv1g%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f97671d711e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 798F Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4p-bPheoaHcoSAhkAgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1	43 B 739 B	27ms 27ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIC5h_kBMAE&v=APEucNXP6RYODJn4YvPQOjgQ0ahFbpA-vP7xBu03M7u9mRfxopp60IayM_P1hcPUJR6qvkghyFxWmHOyKPXXxg2k6gzzTXPOkzyYE9-la8uIKDxSrVvhqCLv-e2WIzJ4QOZbwtlPzyg7s3INJXCXjOXdQqCIGVSE6UV-pf6vIxrWE8J6p1groLE Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbtNBuQjZ8Hv6g62GkpoRJ5SFSIO5zBAE1J%2FC%2F6LUZqR8X9Jva3q2reymBLGgCH4zmcCWyQCFLHvOJ%2B4ci9uMvNfpQoA4Lqu%2Bmiwz%2FJg7ItRyE8K%2FEEtdsFHZrU%2BgMUEHY4sZ2NMveO5CA%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f97675e071e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 798F Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1	43 B 839 B	17ms 17ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIC5h_kBMAE&v=APEucNXP6RYODJn4YvPQOjgQ0ahFbpA-vP7xBu03M7u9mRfxopp60IayM_P1hcPUJR6qvkghyFxWmHOyKPXXxg2k6gzzTXPOkzyYE9-la8uIKDxSrVvhqCLv-e2WIzJ4QOZbwtlPzyg7s3INJXCXjOXdQqCIGVSE6UV-pf6vIxrWE8J6p1groLE Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid 8faac5a6-17d1-4634-808f-5f7940411701 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	pixel cm.g.doubleclick.net/ Frame 798F Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDY1ODAzNTIyNzAwMTkwOQ%3D%3D	170 B 232 B	17ms 17ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDY1ODAzNTIyNzAwMTkwOQ%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGIC5h_kBMAE&v=APEucNXP6RYODJn4YvPQOjgQ0ahFbpA-vP7xBu03M7u9mRfxopp60IayM_P1hcPUJR6qvkghyFxWmHOyKPXXxg2k6gzzTXPOkzyYE9-la8uIKDxSrVvhqCLv-e2WIzJ4QOZbwtlPzyg7s3INJXCXjOXdQqCIGVSE6UV-pf6vIxrWE8J6p1groLE Protocol H2 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid 3cc3a964-f24d-4b6e-9657-9ceef1cbd431 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTI2MDY1ODAzNTIyNzAwMTkwOQ%3D%3D x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B2A0	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=2699971117653&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B2A0	0 20 B	109ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=2699971117653&version=m202309260101&ct=76&x=1&cor=5900418081909504000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame B2A0	90 KB 38 KB	71ms 71ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr54LtKUihp2mzTmK6HL_NhWyKbN4PJVHp4Pp9UUe9_25RiPeG9VjGFV5BhXO13WH7VtKY6UA8edfgB-wEVkNBZvg1zQ&cry=1&dbm_d=AKAmf-Ce2xaV06NEsH1ROcOtasD5N2wkYDm3CLlThUycGeXmdvd5rvvlEobSNjawvLGZwvzxnyhKDR81FXc5pDEWxMp01brgjVZqX0IwWol4gLumJjhBB2JrY5-uZ1jhFKeo0LHG03uQnJ6QSVIbyuLowe2UEklngjgYzZQs3yo59ZJWksJVT8ogeBuyR1gUWCDZoho5_PCnxAKiUn4-uQiaJm754j2mOXsLgs8MNURkCaqlirlatOVXTNBvGMeaFrU2xFAmAyXtbbqh_hDXGC4FOLwhWQ6j5oITWK8X-C9EJ_EgFYZ_gJpWfIkdYTBBkyGCViUpCIfBgSZHWzu_2L6Ik9huXX2x0koDFoMSuJHQ8cbYXcEtF1Hd4irY017uhOfxmrNAFGA1S9PRxhfPYuAc1L0XUYn976tWQlKm18e0eRvPRxdWYsk1_B_eWqSpuTfdA1PSlG6_HwpPJpzBEcJ5BEMbUS6re09-qi-tR4aoIQXvZOEy9oDlNLgsXGBhmQ_UJFdiBKG0kgdKBLloTX9Tey4SVZ1ItX4FmWt9r02XxhgiWJNzph1vA1uaMszsZ2iDlCfdCARYGnNDZwxD4y-bm4Nlu7p_jDPgJ-4yYexWaMjd9Hpk52G5bfLiQcLYYgMaHE4PI-ehJhecdLW7z8XZkCY4y7Oao6tBh6e9tqzVfZBU6i1cGzGg1LvJd_P2V1E4TZ7AZcZJYyH9zgPTkdev_MC-YxXMqwK-rCI39lG5nOVlju_7G57jcPPEGpMX50w3TY-4n-wPLqq97J6bogxBUTkTLyywS6Q7VwaylEG4W_vSs4re3pgFf477BfNsZz6XhSMnzPvBAOiPaHXfoVVyWoR77iBtl4QbHd8E2Q2VgcBhfPoUlxedvCB9vOD6Ow8ybCvRV7NAJtdqqjxX4NuF0vCU8GFKBmP_HIZzOl0Xhpj29z0eOzsbGbpqA9zaPY51wLfdn8FwPkX9d_YGKGVEBP4c8hWNK9ZkRs9rRK_x1FswoJDR643brmsGlm7rVmAagZMW_oxxAL07h9w2_m5jZ5o5ZqL0R1Pkb6duxz79nWDSav88cMbLejEIws71Ln-cPT8Ssrh9sFCFhzZt30EvjMZER5Hzq40mB9bF_ySRbyl7UPDX8KwNq2PtM_hUp3YpS0M6kDt_vbMN-nRm5e-1XQtR9L2CQnMRfQxWCI_0rS3JDKQzv2fiQY8_KE0KGQl1YN2cThCvKcrM9b97aHYSr3S_5MFGRaUKQGn-ANo_oDNFfD4R2nEj2BDqSgsMtw9Bjnm7ojAysFPLVod8fUb0miX3jo2invEOB3kpcEC70LPbUr44Jw7yasCDbHEED1E-DCFOLu-2-t8IPWBfwMwHpkhgaJlTAA9SamLx3QxNSe1y_JabWI3J0iqZC01m3mHL8p8Po57RyxNWK1hj1B1wN8Y6Oafk6NxFtSk27VnXqy6_zSc5jls1HoigFsSWP3ew-UDpYgAbeLrXndMS_swQNuTaOzmRGdwxeNyvHf-UJOzL7_xZwrbnb03ocORBuu5tUmoz57UUHWTYh40qlSQaBKuGR0M7P46U5DylMK_xZI8csl12L6OV0WSXjiDhSm-1LUtqvM7Vzy0_ibqbajYiS4Ro2tiRpUAoOC0tAdPRncHq-KP3o7055IU7kiJp1Y0viuYEWBwhvpZ289JTnjAD49SaQYQ7ZIB_USsE1fHRb_a2F1AJZKKAD30nr-ZD5guau9g6CU8344OV3t6gXZtvVT7u8fG3esIxD5Z5QZsmJU5VKFjdQ9JGnj9mr_9Wnr00hDY-lbCMe3iiPVWFAaNCbERA-D6ifF5UIZiHttYgUcgLa04SEXz0lPrcQd_mBkrX9FvaVKT7SUKYXiuXYFdDZj_imyoEZo98NYn4vU24bwVl-wUaxfMYm7c7GVI6e_chuKxjbl-GRhdNrG1Dulw5haymmD5njGNy3YuRy6Ly-2AojaK6MdUZwMtklRtT2jS8APQZ_J2hg2Lqe69AIhDgyR9da-YzQ84IbNbC2xL5rAdRKG0NWLxOCPbsUBc4AGi1m7pSlxwWwSjKtAaj_pgsbXnfYmzdYgII1Df827TBVLPJrsgLGtN5QkNlqO5Q1fiSWW3tOd9zysWjKKq1sBR71Z0lNU3LFecR0bF6SIoBmNwrcXgrMkVY1nKmsMdWCbOcHUkS0ZjWDkTQ07SgLv2OOulYOcR3nkHKp1bDaFcnzJSb9lN-ZNb-rT_80XmByGgpBY6CasHtlxRut5yWU2vvg5AOnVMt6FLvki-QUbVEFvtwsPscK_6_MCfsasUYtU3R3yI3_VG8QxT8mAT-8cFauHslPlddTvsNcowL86ZhOr0tJ5bB8tiAVcGPSeRZbH36WZJYyU7mk8qYkcvJxB_JpCsfDMCbe8Y2lF-AlgtG4VxD44D9E6tnBrD7_e6dqvT1DNls9kLGZCeuJW7ulgmqJR-d-GHTmjQONgOCEP_6cqYoETJqR6BL6EhKQYBxR_lLpmlIuBh0de841Vxd-gsWackb47MGIBlHmCcRhnMSuRUTg29ElhGyzG125Ekhbe8YgRgB9aq_-I95dXkD6i75so-reIwQqHggWv4Fn0P_mYyjrRJth9Qc8BMg00GwDBNf3AoFU-EH9A2B3ryQnEw2rTNbrHlkcPp4qBPzyNvdkAhjlgJpbYT14IodpEj2rTebw8905krlExbHvlTscTBxRAtjfaeTHlubFemicBcRPzJPFJgmRpmgyg9k5D1_y5FLFtwyZ3nCYN7dN9Ktv3jiS9T69hm6ONqB2FByNc3aJCB5oLSsr5gpSnh30zGuKPldrlZ9vnqvO_HEf3TEtrdl0liyD5te_-GDc-7WYLd6oHNWpYTLpLxudtdYRPmGVDMF10CCTbACZynkN6aMQjk1uGZL-mDTtPhcVsZTRGcxkRC_B4gHLBOFR19vjx_8UqCSB1y437HF0tEZ5CmvRWTQiRgjykZde0Kf-Mla1w4qgijhyoW3oe6NN8d-u9LPvwkRTFm9QJ9-t9sLir2RANrDGyf6bvg2xZHDJTWQZTRP_mPhMxXtoUgAI3CmTdm_x5Iy0LsdhsvyzCKLoFrMJg3GQiLiTx1I-TFJ2XWAdAwfvuPTIXHIYmKqaGtxcuYEA6hUrDmWbNaVPAfLcZ03zhBur3vWqZaUPCEQiYNXFvrpRS8FQHudm7pslMb0kV7O1qfHRdK2FqdJdBarbIZcFEDu4hN7BSarCArp1OgB4lk6bgc08hN1AdW4exfLCAg7LxgBbEe6mblVQ5mmrYdh493Bjghovy8iCjWG9VACo0O11seSlDJiHbtds5zl1_tOYY4uvfQ-ebh8ojdsYWDRHMaTBZXiJLT6-35BYxiDA4wF6XhDsb2ix0VKoLVxlP1Ru1jlBRxkWzQ_cUM_Vv97om4lUHgY0fIFUxDXiXL6vKOyRfYQzZMbPA5GAYHIKUtmUiljXJn-7fOPiVklar8Uv7o9sueZqCcWslEuqObdJgA8nFA0scqRmDy1QkELhkVOm204NzMuheld8QclNnNCU13rKbsOdIgibd3zDE1jPxV33Swl6wA44YShL31cywNiRBMaKP2gMUZ5d1xyCdaMLC5KCk0XNl8rUyDNSGiIoc4pvyrQv0qdkL2B7whL7rHNcJUFpqESi_o40IElegFnoft13HHWoa9SG0FxwHyVMEaruoRu3TjgxPgs1ViDjjI-hy0LxJw6iQi2&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=5900418081909504000&adk=497053795&idt=187&cac=0&dtd=10 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash f62069e31f7ba06c49553c01e6bc1623e13887a077ba5f857304ee485d0822ae Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38498 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 73B3	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=6692896761671&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 73B3	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=6692896761671&version=m202309260101&ct=76&x=1&cor=9502703168247263000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 73B3	89 KB 38 KB	55ms 55ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBxz4m_NpMvoPp-HU2coXcNExelRQau_6Q_6j_G_wHy5ODEDpT9EY-rYJksO0E8IQfvQDrD3s_O8ZOjSDw7vDwrKcIEw&cry=1&dbm_d=AKAmf-DOpS8z0vyzhHiZG1kiibzfT__22mn0BDPVal4FNFspOQ9SMhAfVzmrZgymsgxpX3XxKKHaRehejemxJiCrdOGjBHLBw2COZd9zwHxZX-k7lhJ_a0hDaNKvAwjmWsfzBqw-gQSLSGJECQXHCH4eXF5TxC_rPmZ3VLNYMHsWu8HrJxinUYuQO0WIH2jOs-WrnCs965Qhd_qx-Q4IYy6UERn5mlgo0dZOKyu3UWRvErBcgE6JdRKorm-_b7eDr5yZnIjpgWOyPWrOqxMZ2DX17325z0xorKqX5XYdLAz1ASiUfuMwqhKYMHKUCBzIm9sYKE4HbDqYutiYkRb8h22O8vnj_1fMB-w8hu2eKsiHZHdN2XEy9y0y_BvK0r00xWCbHDB9K91fTT10GHjoeDGuc0hSw-yQyACUk-KZ9Nq8LEtx6Z3NmkBKmqvSvRQSc_cYMhhKa5YH-QJHYcwtWcU4qCV3L6oL55JDfm1C5_Dys4awxDLl5QF9HEjCH71p6ZJr5boKhFW3jcJmfi2LkbvuQjS0GvMSw2u5kjYYICBWGNon5llK2r_XIhyIQ3nfqxxJfnZop4jXkchMLZAFCtTT-14HdLoQrkZYcXOdHx2PBHVecaFuMso8JiG3i39ry3Upg5fh9IwS3rk6jPVpKoCrJ93ietSLvgrkG-S0ZyYqkOSprSC_kRD7yVmlVNU0YBAVksnVRCjeH3s3EDGtCnZ7IOOXN30vOq_lIIfK9ytXnk2aitqav1l2xeu7qlJm6GtA0EIu528bNYZA27du9aftIqQGk4PXIww2c3rhCpBw_VBuz6Q6c1leHvgTy8EHYIOY1jFaKLUFnk_EtEC2O2tNKGJeCXLXjd-cpPFj0rmT8fDpTPYmrFaoVVumpXdsFVF4LVrcfF1tRJegFgejuOf-mpoUxwjDQAqWJ4sVL9HP-gKubs3bhgJS8y6v7ZxwYKhq8uy9CSGClRb3tphvdzP5Le7gyqnNH6YvvqXOjNJaOZcQuXoldtrAiiH9fSAiL934ueksD1AWAKnaUpGi4C1j9V8Vk4XpBFPcBhhN0bj1DD7JM17ydORYPLy56M5I7hLxguyTFYI-FgQOHStIyk17bMP7hGgrOHX76nUjBikmFVEfk9n_VJ9eDkZ89oIXuhte8p-nedPI1rbl06yjQhzmSL4O-u6ZsmRrFdafYByPuXTiqyp0OT3WLSHiB5JLpALkjD6m86FxoWcC-RKI5n4ahWbpl3nlW9hAgLg6vp_5A7D4TFQrQ7h9QY9CfQr_Rz6IzznS07uv-bN2a3N5I1z_fJD3xGIB6pShLVn5jcdNLRS4qinnmb7hAvRx_vfNMO6T8xN3YxUpJJZnK-WaNu42y2Av0QUGPt10dJT3NaascO2uWp8lYrYiknYllMyH165lT41ox3epIx9mYcEXt3KuUvbMUwSYH0BJsjw9KKmJ9F7FB7A333csB2R5xIFvigUkdgogSFKdJD8hkGqO7jXbNLdQFME8jRqWx48Uu1SvFn4274FdiJ-k4-c9NirtUPdQGTjYYXAnUXXXX2RjgZtMTmt1HXj1tamD3CA5ZEcee3E-_iAp_-H7EHq2vic8Lg-TmL5T3YA0viRA1-8aG-kPVweM2H4tFtEgwIU8RF-EGAJYEcCGxt3FQzwRnuge1iPPXhu8O_gI2AMxmwJIWRyESupMyLGojeOt_gTizDqHdUBZrEdDNbeKJ8w1aak3svrMsw7PEqbEWIq-d1N1-91A7Cbs_Q9Bb6NbYKcMeq_n5lsGsR0rTgdpiMzQ60FH4U90DV0RBdR79jKIP6e_7Hi8vrLT-mA7BsKxHX1GKxXeLjTFedOZegcTAEJMTFpHc2vcNKzxgXyoCiaVywOeDXeRuTeCt47LlxzADBvguGhmeZvrDD0wxXt-qB_FeX1ymKdo-khfPL6-Z4RmUDpG7kCXrEM0GtuYXqItAltJskumsed1Hua7EKpyBrHWRncPgTi2MmMkXsahav5DUTUwGMFAGivJNB5BNb3XfagMteqsWRoW5MRW3Uu_ej2yp0Iz20kQqOFdWzQwtHUqHZLziz4D12DyaM6LTgrc6gmNAk1DvXZ2fxuv7wm7ef6il7uLMNENQJNCVEMBnCIigX596SzGaCApox8Yo263JmEcQ_wiJSwFjGBOnB6yLaYkja1K-T94S3RGmlfcRDwu_OdgurLVTEx9NDP-Zmca9CJyKud6m_G8eEXth__0wxhryF-O_PC33P1nMHOOkueu9uj3YLZBXKYK71czdaJDHTprhWPIL92jFA4gLobogf2cwFNkrkSRlxcMokjJgSQSUkLWA09XXW3C06EhjAH-Pu9w1FEIazs57ZtZSRvEbP_R-0IYcSKR3p-pCBt4yRsSS6W9QCKzswjmXiq_8Cx5D0TciliyvSpROzGEO7s_URnFMak3BUHiIRiJH4ynYiOa5BOgXjhThLOfuhdV9T5kRIQNTiUXla_YG6ups3t9WdiHoM1w1ifMePEowLqkv-BTGthslw2M5M-NFQn8HVgns3GFp4tzVTPoFPB10TF8bYNDGvM_kIafjc6mHaU4f9qxVXkRGC8MaNZ2X3I2sqvi_Gfu7a9Nr15ZOGRF0vHotYVqYpF5QKw3SzYVUnuofksZSrZCHWwlbFgUz1CwnmxV6PlHyHhmcqVQMZuK9VE8tuUtkZIYZ3AC__b_c-zEX_N2n7l5T7ec7gglAWRXseZEhMc-tUvDB4Dnx4wIauh61bMr85wpRt1A5WTYfKs1clDNMrsC5Zei6LZNY2RBWMkoJLkFQUbQmjPuFNnx2j-sb84Er0i_oiYRswMWzObMnZT7bR5LxV5-ba9TBTcLBPmFBN3BxVd0EXVAAafHFHVx8u4LFli3JloV3hRprNrMld-7y5LDO3o2B67ouO3YFmpWYNWEFEr8UfKZ9QdMi0Pgo-LtKt9FHkCzaNXnOiH4ADqsEOgTbCXwfwDOokpAZHiJChWL4puaSxqRdrWsD7sm3rXkqjGstWc0xzb1pvUpW0cH2AZ4S0itmpkzBsmBOUzruPHD8VVgCPg8Tm00ThPNh-vva_5nl-6eazzqF4jtk1p_1JxLG5bP36a65FjT9wZ2I-gkQJuhKaFTCvDyEc75O23nruPmVZ8FDu-NQ59WCDoZm9eYXlh9DEmMaOAZoQVkJLkgeAzj9FITvMBQ6FNK8jQAS2MuQe79PfxF5IPwqTfq1J-JysJs8nj4c3DwhrjpVpfrlmmeZC0DcvNKiATWgZDGev6_JbjK2b4LemdYeuenFuqFvbulECiGe-WR-i-un2fv5d4qGoF7j8jaNDTYeRtI4bFUpbhL6jyiW1RDqLVY6pzj27tK2pLZ9nhfZ1ATHifKohi-GdlzERGl2ujhnC0_zeddFewjmhF6zOGmauStFHyTHfWNxmw5DYC6hzqBLm2tedlWjGYGm4O48EnBcZyvNn5w_ELBiVDBplpn5Oer5T6a-Ncwdmhw0fG43iVdDBe_myDKsFIept244jlG93Ltww5WeMEMD4Kl1wVAsxgJlDOJudr-W1L1gC6ozHzQZoqhP67KVYghonZRMasakUF10oMuW-WoEf0cG89j5uLiteU58SQ5l3eXRxxPGdKMW49ys95OtlTvNy1oxvo8St1vACB6PhLCIukpYgrY5D_4lRvy09g2R8ZeS6qScbv7HZ27DkSOrUslLA_ioqmWqCP_sA6pY-1k7yNCDPNZ&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=9502703168247263000&adk=1761367587&idt=164&cac=0&dtd=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 1acbcce141629181e3ab2d47f32638a704af6518590b164f0b71d32cf26acb78 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 38470 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	gen_204 pagead2.googlesyndication.com/pagead/ Frame 72B0	42 B 63 B	108ms 108ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Ap-nCtqWfvCLXt3pY3PqricCpXyg3oOfXUqkQrh659l7MQO3NBsoYYpQwqPi-H6ytFfADy6jcv5VNKAbiAfbBSTKMRFXOLLrY8IS_N4-G0fo5YyFM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 72B0	0 20 B	109ms 109ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=2672066130820730856&x=1&ct=76 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	dv3.js Show response pagead2.googlesyndication.com/pagead/js/ Frame 72B0	89 KB 31 KB	89ms 89ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/dv3.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 6c0bd41a591f67aa54215c9f9c1f0e86935d86b6546a0ba0bf9cebbed53a9ebc Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31491 x-xss-protection 0 server cafe etag 6167930392490353973 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=600 timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 72B0	3 KB 1 KB	20ms 19ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/window_focus_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:49:52 GMT content-encoding br x-content-type-options nosniff age 4178 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 14:49:52 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/ Frame 72B0	20 KB 8 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231004/r20110914/client/qs_click_protection_fy2021.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 50a61db1134643f3360d0e1ff16c4e48fdf700090052d0fcf9301e95884ae9d9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:33:40 GMT content-encoding br x-content-type-options nosniff age 8750 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8339 x-xss-protection 0 server cafe etag 16954770952846736976 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:33:40 GMT
GET H3	200	rx_lidar.js Show response www.googletagservices.com/activeview/js/current/ Frame 72B0	187 KB 59 KB	32ms 31ms	Script text/javascript	2a00:1450:4001:828::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 89403ef16933d6911ecc68da312e1934f696994b35d4824928649954a5980bec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 60043 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1696419354076528" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Sun, 08 Oct 2023 15:59:30 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F8A4	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4355684868074&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F8A4	0 20 B	108ms 107ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4355684868074&version=m202309260101&ct=76&x=1&cor=6443121171443670000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame F8A4	108 KB 41 KB	68ms 68ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKsvRPK3NLLO8kWnI1_Z2Y__jdRV4raZ87IaZeTYZJkUHs6S7ff9upwUC1GBO2HeuJs02hnTQ3oaNTD4TbxfjoBuwdYZ-qP_gFbjhOLW1VxPO9QpYgvrrJMGCzkI63-hqaT6FDhXvQbOhmhGbOEi_JXwe4lTLjboJIDs2WLhI7nvbc9U0&dbm_d=AKAmf-AsJe-xpe-QBrFgW-us5IXZhkEhx6EcxqKtImLJWO1ltalz1nMbq6_T-wm0U4_5lTLbV5nXPeafiF9-ufcVJQJOrcvHhU-U_yxX7lZKEHjXnR15Z0mdEBlXDChOC3z0JCD2gb0e_ajJMVQqghcXl7Ok6XiylYG7FJlL31pOjhf8mRuOoY3650cDsdXcMhTDTabklalYOeXrnT8iCTSG8Uzu_aZtKd3AfThF81dgucx4x_4zFw8vIM1kmY3IAsfFdTGMqfePPUpMvVmtUCT0zc8vZCdQMVI_Lnr7nOcZ6LPNfDs442JYC3FrADfSW9WXtZmXjEnzwPMn_EI1MG5aOxpzJztC_mRRfIYaB8EodRjbzVbhjESbx4QKXyskZBt_NdjOJf6bieL5VJBd3oEweEYvXS8phDhiLrrUpXfmjRuuPNPny6SRY3if4nC9iz4qbb789Mh_ztpUipi4C7GTXgWyG-HrA-_zjvraYwHy_vVeZT2nUPyS0iL3ZuxDNfZnTZzVAXyfH5OM-2BVfdJPPRtmb8SlsnoFoOGcS8F0NjzIZiykTodNfXk0uYg2CrPHM1Rjf3Dtub61FmbmILS1zbvxMOyUOdnTsdHT9X_jwjkHkfkUCB3KuCFZhRHtb0KNk7f25gs3lTAmdBYBCbDP5diOYOLQl02CqwxvSTWRFhVR3-aiDPWJ9lqllUXWBT7aNBQG5Djov4-zAlNFyJ586u3ghGClaXiQetdhNPIL-6DOJ67MS-3bFNla2VPF2sBkNLsEZ9hh6Ud8hL1v1VQi4sRRln6V58cbVSkU2U6iDLk-2n8L2hggXI7a3KdbY5JA8X4UtlIZo-h1kzn9Lja9ZJke6Xx_R9UhuwVk2bVtwUqd2DSyc95NzJA5QnEFFEXU65mNeWTWBf5cL0l-JZEZCave1JTu35tp4qGOUgcPKXu58o4PFKn_ILCTdenduwj0pj4WUAW8T6ID_-ZGgaTi3h9o-JU2I3RvxXg9_mydSTMiZfWibrKVnW9sOZHlghHZel7tAAzei5COy9hRVJjTiCGnqe4ZFj7L1VpiAvNrOSVdrc8eRJ1YOy5U-rR5VHrQP4kL2Adeqk2auFcGpTZFvMXxD7fGrR_iTj3yrbw1yXlWMWIOR_uoKdBEBcHT4eBw5QVUIoqjH5p7Kk9MB_UvD2ol9c7jkdxbOB_xVupKOAvJ-WJwRpAnDruqjgB0gte4RIk3O60JAKnVmvho_73HQ0ng7IFW8Q8aW0BWntxiHIICaRPJjBWJDNBEyZgeoGnGOKK0TqJLO3LdZhPcRAd9OIBf_mRU51qdvcox15Pjy0x9HB25Z_-yvou3hEEu0-FfJdLlpi8-k9vsSXPtqMT6QZvkKdMLzpLrOVcke0LQx7ESyoSq2EDqfEIiWvpvinFj8FdbcsC9q1eHodcQCeGPdMa8w5mImf4lwqHuYCTlBVoT9Rk4bo-y1lwEFmUQ09WA8ux7qMhK0lVp85VNxGCvIhYEGdlyVz7ySrOfvsowN31DfsD89A03p_17_db58ZSPiJpgXREGXx5VAO9GZbXV8HWPJ8k8nIASqDbyY0gzWav-1lRtxatfqGZqw2f_ilSfdNwY4v963a5C-xUgZkJ-QHCzrxNFmLpu3cLogrGjFxK5Pfxt_TfNw0LEG6pnhzcQIABZ1Q96Zdo4he_KWzxPr4WXm5SPiQxFQH8E_ojznTJhnRKhxVsEHBRHH0PdKLobN26Ia5KSk2daAfzQqW0VmuWYjIvFtJ7sLCXNQ5K_-0InwDKkJLVYQsjC0PGsTZ4oQqrFHqjjSVkUrU-R6l-Vio2NwwgNkj70kKTDxXYUO0rBeCj0JSMC79BJ6TwlrQOFBWseEjThvw6k7dnBPLNwkYwzItEnJxmJOxOP6kPrdKjj_9gQ2t_I69JhTlj4TUaFsbqp-3A7OpyqqI8RiNRcKBRYoW5r98FTRkRBcxkQlCtB7qh51aHmSewk5kbcUS5PNxDg-iN6lkyjNqF2P7XXmgil98_12T1VUV-atbE_ovx0mgeaZVhBi1sXWNabYpYyOngk-N5Yo_02hHV2qcj4yacU-5NAJqMc_NXfNuY6bPlXotTDI7VWD0uyvk4_DSf9zY0BoiZ1UGKStp9qsgIhP7yVHxjfkJvxywfXQjGVSxvVCiR4tKCB7FbnbtmPdv7hf_lBWP1lTGDv4UnEpjRWaFJxMY-C8siTlUGCc2exBEjomnwmBkIl9hGKJZIqOI2zdThqAWiVuwuCir99EgFzl8QG1qpjAmBb_6wRySXLaz_cqySV5dDgjMOuMv0LJP_VcGK9qNUPBe5Ehc348BbmyQ09X5QmRmlkzUYG1UqMaojpnjmVDTagmlZ_SL4MNptotZxF4MvHQmGMhPIXdgV-qojUj9pVp86c1chtvu8ryOpjE3J-_Rf9Q0lFpP5GG5YJ3MICefNU_83U8jkDCpN9xI6bjSiLHkzJyq9wbqH5ymnYdmmvQSMFlO9lL3RzXmjdK5U2NO-REY2R6MYFZ5BffZQ51l4fovSY1wAQ5ncjuyZLiqE9wSLZgE70SaujLr_q0-9PzEfpXxzOQRY_Zq8fHHQlfBT47x4L354F_eIqQGf3tY0PA_KTdcUngszBJONUBVe8w86t3vOdqn_RCoD_L2__5HmLVkvTwRX1LQOZ2O_K2tBVGmS0jMJO4On9kz972ms7Ed_S0jdV5-wVqVLKDvxnTRVc7VOYT18tQ_4z6K_VA3sojwkD3FhMKZPspHqlFyrAxW2ahu4SHgcHghs25lRQkVeKAAJTOcizGA9nkfh-MumPBGsbDyQlhpr1dWhvMwygC5Z43fs5Mwyk2AjIEwYTdsFc_5QxxcykjcNmN5eCPh48l7sSun_JPUQZqqI_m83icHbGWgyFaH4MeZQOq_PnISTTZPL417QACU5P8xOS74yKp35frxOP6blRJwrElU41_gFwZQmqcGb5F9KzVyXdnWjFj3Enn0IOCDTK3gdznT5HlmzKh3zO69LiGRJ44EKfyog1lPHwQBym-CicF5sd5HGQNFRQ21scfTeHqlq8wfh8eS1KHprPLCSKAPKKSTRJKYds4zbdfc7SlUpCUtz5aR4XpEQEen7qjB0JF4y4YS3G63ne1IGDVVbyhrXgGMbGJ0PVkynm_xN-DuPvq3c_t91Q4mUVX3n82Rlbdf-lzXfnzcva2AMSj-onSR_2l9VWpHuz2JEv_1VSh1ygQ8T51ajHye_f5rs_YXa3_3wJpKMAdqAjMqpbX8ohiy3jTobdSOvRTkJwHyIkpprLI7CrqFmyXMwNJ7AaByptsQgEwXS7EoO-H8f3ZCwWL0XiV9ZNGNawFEFSUq8-uwYBTPsNgZt2k9EHv4Br5LHy6lE59zG_4WveI27CRpRlooKKlay7RwGATYPZbvt2-G45H4-FbSg5d-sdHEc031k8epQk_wFHh-YKPhv9SXKMM5FuA8fJp9rU7MD67uezGliTx6lFT0IwRucfZVeQhs_gSUlTPIAnY1ZvC208uiUnBFrGfl4FLvju2YOYx_BMxfpIPHATEpIJAxXPZEmMUbpx26hyIW9hmdJV7Sc-Frm1CIZJBSE_6OOE42lplFwit0rkwEQIWw6H51ALoe9HSBM2dDRiZjcy56lMHNvKz5oDsj55ySma964lLKryTLH-bO2vrq6sJK3eq6Iw3_QcBVpMMPn9z_kbYBI&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=6443121171443670000&adk=1726166460&idt=205&cac=0&dtd=2 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 756407f3ba61783aced820ad4a9f51ecc7815dff98b7fd8dcbb66541aa9e3e6b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41796 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel Show response googleads.g.doubleclick.net/xbbe/ Frame 24D7	624 B 245 B	85ms 85ms	Document text/html	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPK5h_kBMAE&v=APEucNXUQxgVTOahOKOs1GAIXu5iacH1Me7IZelWG-ZKRkGEJeepXhxmSG24NybxwGB1pbL-jbouN_c0dQ-hyIcNwUMAvJFFsXvs52rkGsI48lhvbEQ8jtZ3ltosHYmKyAHtMjK0EGpMOO4OU_16PJh3Kr-wrc76q86ussE6bYe_IeTeGsPCv-Q Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private content-encoding br content-length 222 content-type text/html; charset=UTF-8 cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:30 GMT expires Sun, 08 Oct 2023 15:59:30 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 73B3	111 KB 39 KB	93ms 28ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 07:03:24 GMT content-encoding gzip x-content-type-options nosniff age 32166 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 09 Oct 2023 07:03:24 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 73B3	11 KB 4 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBxz4m_NpMvoPp-HU2coXcNExelRQau_6Q_6j_G_wHy5ODEDpT9EY-rYJksO0E8IQfvQDrD3s_O8ZOjSDw7vDwrKcIEw&cry=1&dbm_d=AKAmf-DOpS8z0vyzhHiZG1kiibzfT__22mn0BDPVal4FNFspOQ9SMhAfVzmrZgymsgxpX3XxKKHaRehejemxJiCrdOGjBHLBw2COZd9zwHxZX-k7lhJ_a0hDaNKvAwjmWsfzBqw-gQSLSGJECQXHCH4eXF5TxC_rPmZ3VLNYMHsWu8HrJxinUYuQO0WIH2jOs-WrnCs965Qhd_qx-Q4IYy6UERn5mlgo0dZOKyu3UWRvErBcgE6JdRKorm-_b7eDr5yZnIjpgWOyPWrOqxMZ2DX17325z0xorKqX5XYdLAz1ASiUfuMwqhKYMHKUCBzIm9sYKE4HbDqYutiYkRb8h22O8vnj_1fMB-w8hu2eKsiHZHdN2XEy9y0y_BvK0r00xWCbHDB9K91fTT10GHjoeDGuc0hSw-yQyACUk-KZ9Nq8LEtx6Z3NmkBKmqvSvRQSc_cYMhhKa5YH-QJHYcwtWcU4qCV3L6oL55JDfm1C5_Dys4awxDLl5QF9HEjCH71p6ZJr5boKhFW3jcJmfi2LkbvuQjS0GvMSw2u5kjYYICBWGNon5llK2r_XIhyIQ3nfqxxJfnZop4jXkchMLZAFCtTT-14HdLoQrkZYcXOdHx2PBHVecaFuMso8JiG3i39ry3Upg5fh9IwS3rk6jPVpKoCrJ93ietSLvgrkG-S0ZyYqkOSprSC_kRD7yVmlVNU0YBAVksnVRCjeH3s3EDGtCnZ7IOOXN30vOq_lIIfK9ytXnk2aitqav1l2xeu7qlJm6GtA0EIu528bNYZA27du9aftIqQGk4PXIww2c3rhCpBw_VBuz6Q6c1leHvgTy8EHYIOY1jFaKLUFnk_EtEC2O2tNKGJeCXLXjd-cpPFj0rmT8fDpTPYmrFaoVVumpXdsFVF4LVrcfF1tRJegFgejuOf-mpoUxwjDQAqWJ4sVL9HP-gKubs3bhgJS8y6v7ZxwYKhq8uy9CSGClRb3tphvdzP5Le7gyqnNH6YvvqXOjNJaOZcQuXoldtrAiiH9fSAiL934ueksD1AWAKnaUpGi4C1j9V8Vk4XpBFPcBhhN0bj1DD7JM17ydORYPLy56M5I7hLxguyTFYI-FgQOHStIyk17bMP7hGgrOHX76nUjBikmFVEfk9n_VJ9eDkZ89oIXuhte8p-nedPI1rbl06yjQhzmSL4O-u6ZsmRrFdafYByPuXTiqyp0OT3WLSHiB5JLpALkjD6m86FxoWcC-RKI5n4ahWbpl3nlW9hAgLg6vp_5A7D4TFQrQ7h9QY9CfQr_Rz6IzznS07uv-bN2a3N5I1z_fJD3xGIB6pShLVn5jcdNLRS4qinnmb7hAvRx_vfNMO6T8xN3YxUpJJZnK-WaNu42y2Av0QUGPt10dJT3NaascO2uWp8lYrYiknYllMyH165lT41ox3epIx9mYcEXt3KuUvbMUwSYH0BJsjw9KKmJ9F7FB7A333csB2R5xIFvigUkdgogSFKdJD8hkGqO7jXbNLdQFME8jRqWx48Uu1SvFn4274FdiJ-k4-c9NirtUPdQGTjYYXAnUXXXX2RjgZtMTmt1HXj1tamD3CA5ZEcee3E-_iAp_-H7EHq2vic8Lg-TmL5T3YA0viRA1-8aG-kPVweM2H4tFtEgwIU8RF-EGAJYEcCGxt3FQzwRnuge1iPPXhu8O_gI2AMxmwJIWRyESupMyLGojeOt_gTizDqHdUBZrEdDNbeKJ8w1aak3svrMsw7PEqbEWIq-d1N1-91A7Cbs_Q9Bb6NbYKcMeq_n5lsGsR0rTgdpiMzQ60FH4U90DV0RBdR79jKIP6e_7Hi8vrLT-mA7BsKxHX1GKxXeLjTFedOZegcTAEJMTFpHc2vcNKzxgXyoCiaVywOeDXeRuTeCt47LlxzADBvguGhmeZvrDD0wxXt-qB_FeX1ymKdo-khfPL6-Z4RmUDpG7kCXrEM0GtuYXqItAltJskumsed1Hua7EKpyBrHWRncPgTi2MmMkXsahav5DUTUwGMFAGivJNB5BNb3XfagMteqsWRoW5MRW3Uu_ej2yp0Iz20kQqOFdWzQwtHUqHZLziz4D12DyaM6LTgrc6gmNAk1DvXZ2fxuv7wm7ef6il7uLMNENQJNCVEMBnCIigX596SzGaCApox8Yo263JmEcQ_wiJSwFjGBOnB6yLaYkja1K-T94S3RGmlfcRDwu_OdgurLVTEx9NDP-Zmca9CJyKud6m_G8eEXth__0wxhryF-O_PC33P1nMHOOkueu9uj3YLZBXKYK71czdaJDHTprhWPIL92jFA4gLobogf2cwFNkrkSRlxcMokjJgSQSUkLWA09XXW3C06EhjAH-Pu9w1FEIazs57ZtZSRvEbP_R-0IYcSKR3p-pCBt4yRsSS6W9QCKzswjmXiq_8Cx5D0TciliyvSpROzGEO7s_URnFMak3BUHiIRiJH4ynYiOa5BOgXjhThLOfuhdV9T5kRIQNTiUXla_YG6ups3t9WdiHoM1w1ifMePEowLqkv-BTGthslw2M5M-NFQn8HVgns3GFp4tzVTPoFPB10TF8bYNDGvM_kIafjc6mHaU4f9qxVXkRGC8MaNZ2X3I2sqvi_Gfu7a9Nr15ZOGRF0vHotYVqYpF5QKw3SzYVUnuofksZSrZCHWwlbFgUz1CwnmxV6PlHyHhmcqVQMZuK9VE8tuUtkZIYZ3AC__b_c-zEX_N2n7l5T7ec7gglAWRXseZEhMc-tUvDB4Dnx4wIauh61bMr85wpRt1A5WTYfKs1clDNMrsC5Zei6LZNY2RBWMkoJLkFQUbQmjPuFNnx2j-sb84Er0i_oiYRswMWzObMnZT7bR5LxV5-ba9TBTcLBPmFBN3BxVd0EXVAAafHFHVx8u4LFli3JloV3hRprNrMld-7y5LDO3o2B67ouO3YFmpWYNWEFEr8UfKZ9QdMi0Pgo-LtKt9FHkCzaNXnOiH4ADqsEOgTbCXwfwDOokpAZHiJChWL4puaSxqRdrWsD7sm3rXkqjGstWc0xzb1pvUpW0cH2AZ4S0itmpkzBsmBOUzruPHD8VVgCPg8Tm00ThPNh-vva_5nl-6eazzqF4jtk1p_1JxLG5bP36a65FjT9wZ2I-gkQJuhKaFTCvDyEc75O23nruPmVZ8FDu-NQ59WCDoZm9eYXlh9DEmMaOAZoQVkJLkgeAzj9FITvMBQ6FNK8jQAS2MuQe79PfxF5IPwqTfq1J-JysJs8nj4c3DwhrjpVpfrlmmeZC0DcvNKiATWgZDGev6_JbjK2b4LemdYeuenFuqFvbulECiGe-WR-i-un2fv5d4qGoF7j8jaNDTYeRtI4bFUpbhL6jyiW1RDqLVY6pzj27tK2pLZ9nhfZ1ATHifKohi-GdlzERGl2ujhnC0_zeddFewjmhF6zOGmauStFHyTHfWNxmw5DYC6hzqBLm2tedlWjGYGm4O48EnBcZyvNn5w_ELBiVDBplpn5Oer5T6a-Ncwdmhw0fG43iVdDBe_myDKsFIept244jlG93Ltww5WeMEMD4Kl1wVAsxgJlDOJudr-W1L1gC6ozHzQZoqhP67KVYghonZRMasakUF10oMuW-WoEf0cG89j5uLiteU58SQ5l3eXRxxPGdKMW49ys95OtlTvNy1oxvo8St1vACB6PhLCIukpYgrY5D_4lRvy09g2R8ZeS6qScbv7HZ27DkSOrUslLA_ioqmWqCP_sA6pY-1k7yNCDPNZ&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=9502703168247263000&adk=1761367587&idt=164&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 73B3	30 KB 11 KB	12ms 11ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BBxz4m_NpMvoPp-HU2coXcNExelRQau_6Q_6j_G_wHy5ODEDpT9EY-rYJksO0E8IQfvQDrD3s_O8ZOjSDw7vDwrKcIEw&cry=1&dbm_d=AKAmf-DOpS8z0vyzhHiZG1kiibzfT__22mn0BDPVal4FNFspOQ9SMhAfVzmrZgymsgxpX3XxKKHaRehejemxJiCrdOGjBHLBw2COZd9zwHxZX-k7lhJ_a0hDaNKvAwjmWsfzBqw-gQSLSGJECQXHCH4eXF5TxC_rPmZ3VLNYMHsWu8HrJxinUYuQO0WIH2jOs-WrnCs965Qhd_qx-Q4IYy6UERn5mlgo0dZOKyu3UWRvErBcgE6JdRKorm-_b7eDr5yZnIjpgWOyPWrOqxMZ2DX17325z0xorKqX5XYdLAz1ASiUfuMwqhKYMHKUCBzIm9sYKE4HbDqYutiYkRb8h22O8vnj_1fMB-w8hu2eKsiHZHdN2XEy9y0y_BvK0r00xWCbHDB9K91fTT10GHjoeDGuc0hSw-yQyACUk-KZ9Nq8LEtx6Z3NmkBKmqvSvRQSc_cYMhhKa5YH-QJHYcwtWcU4qCV3L6oL55JDfm1C5_Dys4awxDLl5QF9HEjCH71p6ZJr5boKhFW3jcJmfi2LkbvuQjS0GvMSw2u5kjYYICBWGNon5llK2r_XIhyIQ3nfqxxJfnZop4jXkchMLZAFCtTT-14HdLoQrkZYcXOdHx2PBHVecaFuMso8JiG3i39ry3Upg5fh9IwS3rk6jPVpKoCrJ93ietSLvgrkG-S0ZyYqkOSprSC_kRD7yVmlVNU0YBAVksnVRCjeH3s3EDGtCnZ7IOOXN30vOq_lIIfK9ytXnk2aitqav1l2xeu7qlJm6GtA0EIu528bNYZA27du9aftIqQGk4PXIww2c3rhCpBw_VBuz6Q6c1leHvgTy8EHYIOY1jFaKLUFnk_EtEC2O2tNKGJeCXLXjd-cpPFj0rmT8fDpTPYmrFaoVVumpXdsFVF4LVrcfF1tRJegFgejuOf-mpoUxwjDQAqWJ4sVL9HP-gKubs3bhgJS8y6v7ZxwYKhq8uy9CSGClRb3tphvdzP5Le7gyqnNH6YvvqXOjNJaOZcQuXoldtrAiiH9fSAiL934ueksD1AWAKnaUpGi4C1j9V8Vk4XpBFPcBhhN0bj1DD7JM17ydORYPLy56M5I7hLxguyTFYI-FgQOHStIyk17bMP7hGgrOHX76nUjBikmFVEfk9n_VJ9eDkZ89oIXuhte8p-nedPI1rbl06yjQhzmSL4O-u6ZsmRrFdafYByPuXTiqyp0OT3WLSHiB5JLpALkjD6m86FxoWcC-RKI5n4ahWbpl3nlW9hAgLg6vp_5A7D4TFQrQ7h9QY9CfQr_Rz6IzznS07uv-bN2a3N5I1z_fJD3xGIB6pShLVn5jcdNLRS4qinnmb7hAvRx_vfNMO6T8xN3YxUpJJZnK-WaNu42y2Av0QUGPt10dJT3NaascO2uWp8lYrYiknYllMyH165lT41ox3epIx9mYcEXt3KuUvbMUwSYH0BJsjw9KKmJ9F7FB7A333csB2R5xIFvigUkdgogSFKdJD8hkGqO7jXbNLdQFME8jRqWx48Uu1SvFn4274FdiJ-k4-c9NirtUPdQGTjYYXAnUXXXX2RjgZtMTmt1HXj1tamD3CA5ZEcee3E-_iAp_-H7EHq2vic8Lg-TmL5T3YA0viRA1-8aG-kPVweM2H4tFtEgwIU8RF-EGAJYEcCGxt3FQzwRnuge1iPPXhu8O_gI2AMxmwJIWRyESupMyLGojeOt_gTizDqHdUBZrEdDNbeKJ8w1aak3svrMsw7PEqbEWIq-d1N1-91A7Cbs_Q9Bb6NbYKcMeq_n5lsGsR0rTgdpiMzQ60FH4U90DV0RBdR79jKIP6e_7Hi8vrLT-mA7BsKxHX1GKxXeLjTFedOZegcTAEJMTFpHc2vcNKzxgXyoCiaVywOeDXeRuTeCt47LlxzADBvguGhmeZvrDD0wxXt-qB_FeX1ymKdo-khfPL6-Z4RmUDpG7kCXrEM0GtuYXqItAltJskumsed1Hua7EKpyBrHWRncPgTi2MmMkXsahav5DUTUwGMFAGivJNB5BNb3XfagMteqsWRoW5MRW3Uu_ej2yp0Iz20kQqOFdWzQwtHUqHZLziz4D12DyaM6LTgrc6gmNAk1DvXZ2fxuv7wm7ef6il7uLMNENQJNCVEMBnCIigX596SzGaCApox8Yo263JmEcQ_wiJSwFjGBOnB6yLaYkja1K-T94S3RGmlfcRDwu_OdgurLVTEx9NDP-Zmca9CJyKud6m_G8eEXth__0wxhryF-O_PC33P1nMHOOkueu9uj3YLZBXKYK71czdaJDHTprhWPIL92jFA4gLobogf2cwFNkrkSRlxcMokjJgSQSUkLWA09XXW3C06EhjAH-Pu9w1FEIazs57ZtZSRvEbP_R-0IYcSKR3p-pCBt4yRsSS6W9QCKzswjmXiq_8Cx5D0TciliyvSpROzGEO7s_URnFMak3BUHiIRiJH4ynYiOa5BOgXjhThLOfuhdV9T5kRIQNTiUXla_YG6ups3t9WdiHoM1w1ifMePEowLqkv-BTGthslw2M5M-NFQn8HVgns3GFp4tzVTPoFPB10TF8bYNDGvM_kIafjc6mHaU4f9qxVXkRGC8MaNZ2X3I2sqvi_Gfu7a9Nr15ZOGRF0vHotYVqYpF5QKw3SzYVUnuofksZSrZCHWwlbFgUz1CwnmxV6PlHyHhmcqVQMZuK9VE8tuUtkZIYZ3AC__b_c-zEX_N2n7l5T7ec7gglAWRXseZEhMc-tUvDB4Dnx4wIauh61bMr85wpRt1A5WTYfKs1clDNMrsC5Zei6LZNY2RBWMkoJLkFQUbQmjPuFNnx2j-sb84Er0i_oiYRswMWzObMnZT7bR5LxV5-ba9TBTcLBPmFBN3BxVd0EXVAAafHFHVx8u4LFli3JloV3hRprNrMld-7y5LDO3o2B67ouO3YFmpWYNWEFEr8UfKZ9QdMi0Pgo-LtKt9FHkCzaNXnOiH4ADqsEOgTbCXwfwDOokpAZHiJChWL4puaSxqRdrWsD7sm3rXkqjGstWc0xzb1pvUpW0cH2AZ4S0itmpkzBsmBOUzruPHD8VVgCPg8Tm00ThPNh-vva_5nl-6eazzqF4jtk1p_1JxLG5bP36a65FjT9wZ2I-gkQJuhKaFTCvDyEc75O23nruPmVZ8FDu-NQ59WCDoZm9eYXlh9DEmMaOAZoQVkJLkgeAzj9FITvMBQ6FNK8jQAS2MuQe79PfxF5IPwqTfq1J-JysJs8nj4c3DwhrjpVpfrlmmeZC0DcvNKiATWgZDGev6_JbjK2b4LemdYeuenFuqFvbulECiGe-WR-i-un2fv5d4qGoF7j8jaNDTYeRtI4bFUpbhL6jyiW1RDqLVY6pzj27tK2pLZ9nhfZ1ATHifKohi-GdlzERGl2ujhnC0_zeddFewjmhF6zOGmauStFHyTHfWNxmw5DYC6hzqBLm2tedlWjGYGm4O48EnBcZyvNn5w_ELBiVDBplpn5Oer5T6a-Ncwdmhw0fG43iVdDBe_myDKsFIept244jlG93Ltww5WeMEMD4Kl1wVAsxgJlDOJudr-W1L1gC6ozHzQZoqhP67KVYghonZRMasakUF10oMuW-WoEf0cG89j5uLiteU58SQ5l3eXRxxPGdKMW49ys95OtlTvNy1oxvo8St1vACB6PhLCIukpYgrY5D_4lRvy09g2R8ZeS6qScbv7HZ27DkSOrUslLA_ioqmWqCP_sA6pY-1k7yNCDPNZ&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=9502703168247263000&adk=1761367587&idt=164&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11602 x-xss-protection 0 server cafe etag 2362517075893974484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 73B3	41 KB 13 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 06:58:24 GMT content-encoding br x-content-type-options nosniff age 205266 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 06:58:24 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame B2A0	111 KB 39 KB	51ms 44ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 07:03:24 GMT content-encoding gzip x-content-type-options nosniff age 32166 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 09 Oct 2023 07:03:24 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame B2A0	11 KB 4 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr54LtKUihp2mzTmK6HL_NhWyKbN4PJVHp4Pp9UUe9_25RiPeG9VjGFV5BhXO13WH7VtKY6UA8edfgB-wEVkNBZvg1zQ&cry=1&dbm_d=AKAmf-Ce2xaV06NEsH1ROcOtasD5N2wkYDm3CLlThUycGeXmdvd5rvvlEobSNjawvLGZwvzxnyhKDR81FXc5pDEWxMp01brgjVZqX0IwWol4gLumJjhBB2JrY5-uZ1jhFKeo0LHG03uQnJ6QSVIbyuLowe2UEklngjgYzZQs3yo59ZJWksJVT8ogeBuyR1gUWCDZoho5_PCnxAKiUn4-uQiaJm754j2mOXsLgs8MNURkCaqlirlatOVXTNBvGMeaFrU2xFAmAyXtbbqh_hDXGC4FOLwhWQ6j5oITWK8X-C9EJ_EgFYZ_gJpWfIkdYTBBkyGCViUpCIfBgSZHWzu_2L6Ik9huXX2x0koDFoMSuJHQ8cbYXcEtF1Hd4irY017uhOfxmrNAFGA1S9PRxhfPYuAc1L0XUYn976tWQlKm18e0eRvPRxdWYsk1_B_eWqSpuTfdA1PSlG6_HwpPJpzBEcJ5BEMbUS6re09-qi-tR4aoIQXvZOEy9oDlNLgsXGBhmQ_UJFdiBKG0kgdKBLloTX9Tey4SVZ1ItX4FmWt9r02XxhgiWJNzph1vA1uaMszsZ2iDlCfdCARYGnNDZwxD4y-bm4Nlu7p_jDPgJ-4yYexWaMjd9Hpk52G5bfLiQcLYYgMaHE4PI-ehJhecdLW7z8XZkCY4y7Oao6tBh6e9tqzVfZBU6i1cGzGg1LvJd_P2V1E4TZ7AZcZJYyH9zgPTkdev_MC-YxXMqwK-rCI39lG5nOVlju_7G57jcPPEGpMX50w3TY-4n-wPLqq97J6bogxBUTkTLyywS6Q7VwaylEG4W_vSs4re3pgFf477BfNsZz6XhSMnzPvBAOiPaHXfoVVyWoR77iBtl4QbHd8E2Q2VgcBhfPoUlxedvCB9vOD6Ow8ybCvRV7NAJtdqqjxX4NuF0vCU8GFKBmP_HIZzOl0Xhpj29z0eOzsbGbpqA9zaPY51wLfdn8FwPkX9d_YGKGVEBP4c8hWNK9ZkRs9rRK_x1FswoJDR643brmsGlm7rVmAagZMW_oxxAL07h9w2_m5jZ5o5ZqL0R1Pkb6duxz79nWDSav88cMbLejEIws71Ln-cPT8Ssrh9sFCFhzZt30EvjMZER5Hzq40mB9bF_ySRbyl7UPDX8KwNq2PtM_hUp3YpS0M6kDt_vbMN-nRm5e-1XQtR9L2CQnMRfQxWCI_0rS3JDKQzv2fiQY8_KE0KGQl1YN2cThCvKcrM9b97aHYSr3S_5MFGRaUKQGn-ANo_oDNFfD4R2nEj2BDqSgsMtw9Bjnm7ojAysFPLVod8fUb0miX3jo2invEOB3kpcEC70LPbUr44Jw7yasCDbHEED1E-DCFOLu-2-t8IPWBfwMwHpkhgaJlTAA9SamLx3QxNSe1y_JabWI3J0iqZC01m3mHL8p8Po57RyxNWK1hj1B1wN8Y6Oafk6NxFtSk27VnXqy6_zSc5jls1HoigFsSWP3ew-UDpYgAbeLrXndMS_swQNuTaOzmRGdwxeNyvHf-UJOzL7_xZwrbnb03ocORBuu5tUmoz57UUHWTYh40qlSQaBKuGR0M7P46U5DylMK_xZI8csl12L6OV0WSXjiDhSm-1LUtqvM7Vzy0_ibqbajYiS4Ro2tiRpUAoOC0tAdPRncHq-KP3o7055IU7kiJp1Y0viuYEWBwhvpZ289JTnjAD49SaQYQ7ZIB_USsE1fHRb_a2F1AJZKKAD30nr-ZD5guau9g6CU8344OV3t6gXZtvVT7u8fG3esIxD5Z5QZsmJU5VKFjdQ9JGnj9mr_9Wnr00hDY-lbCMe3iiPVWFAaNCbERA-D6ifF5UIZiHttYgUcgLa04SEXz0lPrcQd_mBkrX9FvaVKT7SUKYXiuXYFdDZj_imyoEZo98NYn4vU24bwVl-wUaxfMYm7c7GVI6e_chuKxjbl-GRhdNrG1Dulw5haymmD5njGNy3YuRy6Ly-2AojaK6MdUZwMtklRtT2jS8APQZ_J2hg2Lqe69AIhDgyR9da-YzQ84IbNbC2xL5rAdRKG0NWLxOCPbsUBc4AGi1m7pSlxwWwSjKtAaj_pgsbXnfYmzdYgII1Df827TBVLPJrsgLGtN5QkNlqO5Q1fiSWW3tOd9zysWjKKq1sBR71Z0lNU3LFecR0bF6SIoBmNwrcXgrMkVY1nKmsMdWCbOcHUkS0ZjWDkTQ07SgLv2OOulYOcR3nkHKp1bDaFcnzJSb9lN-ZNb-rT_80XmByGgpBY6CasHtlxRut5yWU2vvg5AOnVMt6FLvki-QUbVEFvtwsPscK_6_MCfsasUYtU3R3yI3_VG8QxT8mAT-8cFauHslPlddTvsNcowL86ZhOr0tJ5bB8tiAVcGPSeRZbH36WZJYyU7mk8qYkcvJxB_JpCsfDMCbe8Y2lF-AlgtG4VxD44D9E6tnBrD7_e6dqvT1DNls9kLGZCeuJW7ulgmqJR-d-GHTmjQONgOCEP_6cqYoETJqR6BL6EhKQYBxR_lLpmlIuBh0de841Vxd-gsWackb47MGIBlHmCcRhnMSuRUTg29ElhGyzG125Ekhbe8YgRgB9aq_-I95dXkD6i75so-reIwQqHggWv4Fn0P_mYyjrRJth9Qc8BMg00GwDBNf3AoFU-EH9A2B3ryQnEw2rTNbrHlkcPp4qBPzyNvdkAhjlgJpbYT14IodpEj2rTebw8905krlExbHvlTscTBxRAtjfaeTHlubFemicBcRPzJPFJgmRpmgyg9k5D1_y5FLFtwyZ3nCYN7dN9Ktv3jiS9T69hm6ONqB2FByNc3aJCB5oLSsr5gpSnh30zGuKPldrlZ9vnqvO_HEf3TEtrdl0liyD5te_-GDc-7WYLd6oHNWpYTLpLxudtdYRPmGVDMF10CCTbACZynkN6aMQjk1uGZL-mDTtPhcVsZTRGcxkRC_B4gHLBOFR19vjx_8UqCSB1y437HF0tEZ5CmvRWTQiRgjykZde0Kf-Mla1w4qgijhyoW3oe6NN8d-u9LPvwkRTFm9QJ9-t9sLir2RANrDGyf6bvg2xZHDJTWQZTRP_mPhMxXtoUgAI3CmTdm_x5Iy0LsdhsvyzCKLoFrMJg3GQiLiTx1I-TFJ2XWAdAwfvuPTIXHIYmKqaGtxcuYEA6hUrDmWbNaVPAfLcZ03zhBur3vWqZaUPCEQiYNXFvrpRS8FQHudm7pslMb0kV7O1qfHRdK2FqdJdBarbIZcFEDu4hN7BSarCArp1OgB4lk6bgc08hN1AdW4exfLCAg7LxgBbEe6mblVQ5mmrYdh493Bjghovy8iCjWG9VACo0O11seSlDJiHbtds5zl1_tOYY4uvfQ-ebh8ojdsYWDRHMaTBZXiJLT6-35BYxiDA4wF6XhDsb2ix0VKoLVxlP1Ru1jlBRxkWzQ_cUM_Vv97om4lUHgY0fIFUxDXiXL6vKOyRfYQzZMbPA5GAYHIKUtmUiljXJn-7fOPiVklar8Uv7o9sueZqCcWslEuqObdJgA8nFA0scqRmDy1QkELhkVOm204NzMuheld8QclNnNCU13rKbsOdIgibd3zDE1jPxV33Swl6wA44YShL31cywNiRBMaKP2gMUZ5d1xyCdaMLC5KCk0XNl8rUyDNSGiIoc4pvyrQv0qdkL2B7whL7rHNcJUFpqESi_o40IElegFnoft13HHWoa9SG0FxwHyVMEaruoRu3TjgxPgs1ViDjjI-hy0LxJw6iQi2&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=5900418081909504000&adk=497053795&idt=187&cac=0&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame B2A0	30 KB 11 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Cr54LtKUihp2mzTmK6HL_NhWyKbN4PJVHp4Pp9UUe9_25RiPeG9VjGFV5BhXO13WH7VtKY6UA8edfgB-wEVkNBZvg1zQ&cry=1&dbm_d=AKAmf-Ce2xaV06NEsH1ROcOtasD5N2wkYDm3CLlThUycGeXmdvd5rvvlEobSNjawvLGZwvzxnyhKDR81FXc5pDEWxMp01brgjVZqX0IwWol4gLumJjhBB2JrY5-uZ1jhFKeo0LHG03uQnJ6QSVIbyuLowe2UEklngjgYzZQs3yo59ZJWksJVT8ogeBuyR1gUWCDZoho5_PCnxAKiUn4-uQiaJm754j2mOXsLgs8MNURkCaqlirlatOVXTNBvGMeaFrU2xFAmAyXtbbqh_hDXGC4FOLwhWQ6j5oITWK8X-C9EJ_EgFYZ_gJpWfIkdYTBBkyGCViUpCIfBgSZHWzu_2L6Ik9huXX2x0koDFoMSuJHQ8cbYXcEtF1Hd4irY017uhOfxmrNAFGA1S9PRxhfPYuAc1L0XUYn976tWQlKm18e0eRvPRxdWYsk1_B_eWqSpuTfdA1PSlG6_HwpPJpzBEcJ5BEMbUS6re09-qi-tR4aoIQXvZOEy9oDlNLgsXGBhmQ_UJFdiBKG0kgdKBLloTX9Tey4SVZ1ItX4FmWt9r02XxhgiWJNzph1vA1uaMszsZ2iDlCfdCARYGnNDZwxD4y-bm4Nlu7p_jDPgJ-4yYexWaMjd9Hpk52G5bfLiQcLYYgMaHE4PI-ehJhecdLW7z8XZkCY4y7Oao6tBh6e9tqzVfZBU6i1cGzGg1LvJd_P2V1E4TZ7AZcZJYyH9zgPTkdev_MC-YxXMqwK-rCI39lG5nOVlju_7G57jcPPEGpMX50w3TY-4n-wPLqq97J6bogxBUTkTLyywS6Q7VwaylEG4W_vSs4re3pgFf477BfNsZz6XhSMnzPvBAOiPaHXfoVVyWoR77iBtl4QbHd8E2Q2VgcBhfPoUlxedvCB9vOD6Ow8ybCvRV7NAJtdqqjxX4NuF0vCU8GFKBmP_HIZzOl0Xhpj29z0eOzsbGbpqA9zaPY51wLfdn8FwPkX9d_YGKGVEBP4c8hWNK9ZkRs9rRK_x1FswoJDR643brmsGlm7rVmAagZMW_oxxAL07h9w2_m5jZ5o5ZqL0R1Pkb6duxz79nWDSav88cMbLejEIws71Ln-cPT8Ssrh9sFCFhzZt30EvjMZER5Hzq40mB9bF_ySRbyl7UPDX8KwNq2PtM_hUp3YpS0M6kDt_vbMN-nRm5e-1XQtR9L2CQnMRfQxWCI_0rS3JDKQzv2fiQY8_KE0KGQl1YN2cThCvKcrM9b97aHYSr3S_5MFGRaUKQGn-ANo_oDNFfD4R2nEj2BDqSgsMtw9Bjnm7ojAysFPLVod8fUb0miX3jo2invEOB3kpcEC70LPbUr44Jw7yasCDbHEED1E-DCFOLu-2-t8IPWBfwMwHpkhgaJlTAA9SamLx3QxNSe1y_JabWI3J0iqZC01m3mHL8p8Po57RyxNWK1hj1B1wN8Y6Oafk6NxFtSk27VnXqy6_zSc5jls1HoigFsSWP3ew-UDpYgAbeLrXndMS_swQNuTaOzmRGdwxeNyvHf-UJOzL7_xZwrbnb03ocORBuu5tUmoz57UUHWTYh40qlSQaBKuGR0M7P46U5DylMK_xZI8csl12L6OV0WSXjiDhSm-1LUtqvM7Vzy0_ibqbajYiS4Ro2tiRpUAoOC0tAdPRncHq-KP3o7055IU7kiJp1Y0viuYEWBwhvpZ289JTnjAD49SaQYQ7ZIB_USsE1fHRb_a2F1AJZKKAD30nr-ZD5guau9g6CU8344OV3t6gXZtvVT7u8fG3esIxD5Z5QZsmJU5VKFjdQ9JGnj9mr_9Wnr00hDY-lbCMe3iiPVWFAaNCbERA-D6ifF5UIZiHttYgUcgLa04SEXz0lPrcQd_mBkrX9FvaVKT7SUKYXiuXYFdDZj_imyoEZo98NYn4vU24bwVl-wUaxfMYm7c7GVI6e_chuKxjbl-GRhdNrG1Dulw5haymmD5njGNy3YuRy6Ly-2AojaK6MdUZwMtklRtT2jS8APQZ_J2hg2Lqe69AIhDgyR9da-YzQ84IbNbC2xL5rAdRKG0NWLxOCPbsUBc4AGi1m7pSlxwWwSjKtAaj_pgsbXnfYmzdYgII1Df827TBVLPJrsgLGtN5QkNlqO5Q1fiSWW3tOd9zysWjKKq1sBR71Z0lNU3LFecR0bF6SIoBmNwrcXgrMkVY1nKmsMdWCbOcHUkS0ZjWDkTQ07SgLv2OOulYOcR3nkHKp1bDaFcnzJSb9lN-ZNb-rT_80XmByGgpBY6CasHtlxRut5yWU2vvg5AOnVMt6FLvki-QUbVEFvtwsPscK_6_MCfsasUYtU3R3yI3_VG8QxT8mAT-8cFauHslPlddTvsNcowL86ZhOr0tJ5bB8tiAVcGPSeRZbH36WZJYyU7mk8qYkcvJxB_JpCsfDMCbe8Y2lF-AlgtG4VxD44D9E6tnBrD7_e6dqvT1DNls9kLGZCeuJW7ulgmqJR-d-GHTmjQONgOCEP_6cqYoETJqR6BL6EhKQYBxR_lLpmlIuBh0de841Vxd-gsWackb47MGIBlHmCcRhnMSuRUTg29ElhGyzG125Ekhbe8YgRgB9aq_-I95dXkD6i75so-reIwQqHggWv4Fn0P_mYyjrRJth9Qc8BMg00GwDBNf3AoFU-EH9A2B3ryQnEw2rTNbrHlkcPp4qBPzyNvdkAhjlgJpbYT14IodpEj2rTebw8905krlExbHvlTscTBxRAtjfaeTHlubFemicBcRPzJPFJgmRpmgyg9k5D1_y5FLFtwyZ3nCYN7dN9Ktv3jiS9T69hm6ONqB2FByNc3aJCB5oLSsr5gpSnh30zGuKPldrlZ9vnqvO_HEf3TEtrdl0liyD5te_-GDc-7WYLd6oHNWpYTLpLxudtdYRPmGVDMF10CCTbACZynkN6aMQjk1uGZL-mDTtPhcVsZTRGcxkRC_B4gHLBOFR19vjx_8UqCSB1y437HF0tEZ5CmvRWTQiRgjykZde0Kf-Mla1w4qgijhyoW3oe6NN8d-u9LPvwkRTFm9QJ9-t9sLir2RANrDGyf6bvg2xZHDJTWQZTRP_mPhMxXtoUgAI3CmTdm_x5Iy0LsdhsvyzCKLoFrMJg3GQiLiTx1I-TFJ2XWAdAwfvuPTIXHIYmKqaGtxcuYEA6hUrDmWbNaVPAfLcZ03zhBur3vWqZaUPCEQiYNXFvrpRS8FQHudm7pslMb0kV7O1qfHRdK2FqdJdBarbIZcFEDu4hN7BSarCArp1OgB4lk6bgc08hN1AdW4exfLCAg7LxgBbEe6mblVQ5mmrYdh493Bjghovy8iCjWG9VACo0O11seSlDJiHbtds5zl1_tOYY4uvfQ-ebh8ojdsYWDRHMaTBZXiJLT6-35BYxiDA4wF6XhDsb2ix0VKoLVxlP1Ru1jlBRxkWzQ_cUM_Vv97om4lUHgY0fIFUxDXiXL6vKOyRfYQzZMbPA5GAYHIKUtmUiljXJn-7fOPiVklar8Uv7o9sueZqCcWslEuqObdJgA8nFA0scqRmDy1QkELhkVOm204NzMuheld8QclNnNCU13rKbsOdIgibd3zDE1jPxV33Swl6wA44YShL31cywNiRBMaKP2gMUZ5d1xyCdaMLC5KCk0XNl8rUyDNSGiIoc4pvyrQv0qdkL2B7whL7rHNcJUFpqESi_o40IElegFnoft13HHWoa9SG0FxwHyVMEaruoRu3TjgxPgs1ViDjjI-hy0LxJw6iQi2&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=5900418081909504000&adk=497053795&idt=187&cac=0&dtd=10 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11602 x-xss-protection 0 server cafe etag 2362517075893974484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame B2A0	41 KB 13 KB	18ms 18ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 06:58:24 GMT content-encoding br x-content-type-options nosniff age 205266 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 06:58:24 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 24D7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1	43 B 734 B	56ms 56ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPK5h_kBMAE&v=APEucNXUQxgVTOahOKOs1GAIXu5iacH1Me7IZelWG-ZKRkGEJeepXhxmSG24NybxwGB1pbL-jbouN_c0dQ-hyIcNwUMAvJFFsXvs52rkGsI48lhvbEQ8jtZ3ltosHYmKyAHtMjK0EGpMOO4OU_16PJh3Kr-wrc76q86ussE6bYe_IeTeGsPCv-Q Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fm0Zc8n5usEXwI6u4a6SRTSD8H0FFSC5JasAXOb2RtUQi27iyv5WtrKX%2B698507G577Y%2BFAZLPULDiYJf8P7aEY3yxng3DYqKTGR%2B7R8ZD02HYsnQuhvJ%2FAX81E0l2l0oNdG%2B8z6BlLYmw%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f9768c8451e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	rum dsum-sec.casalemedia.com/ Frame 24D7 Redirect Chain https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZSLR4p-bPheoaHcoSAhkAgAA https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1	43 B 732 B	21ms 21ms	Image image/gif	104.18.27.193 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPK5h_kBMAE&v=APEucNXUQxgVTOahOKOs1GAIXu5iacH1Me7IZelWG-ZKRkGEJeepXhxmSG24NybxwGB1pbL-jbouN_c0dQ-hyIcNwUMAvJFFsXvs52rkGsI48lhvbEQ8jtZ3ltosHYmKyAHtMjK0EGpMOO4OU_16PJh3Kr-wrc76q86ussE6bYe_IeTeGsPCv-Q Protocol H3 Server 104.18.27.193 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT cf-cache-status DYNAMIC nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbLpZ7hDr61xozJspQ%2BaduHv8U5UetpAsBkg1fH%2BlSqOvT40YvN63qCZIgUqzH639b50K0jpmh6rlZMFvDa5Hd6ijh26FOU%2FcGnRZXqaYw0Il8hkibjnn0%2BNszPX5VcjoO66yjd67N0a0w%3D%3D"}],"group":"cf-nel","max_age":604800} p3p policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI" content-type image/gif cache-control no-cache cf-ray 812f976908a21e52-FRA alt-svc h3=":443"; ma=86400 content-length 43 expires 0 Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEB5F-au0R5bIf8PAfjtE21o&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 313 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	setuid ib.adnxs.com/ Frame 24D7 Redirect Chain https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1	43 B 839 B	15ms 14ms	Image image/gif	185.89.210.141 ASN-APPNEX
General Check archive.org Show headers Download Go to Show image Full URL https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPK5h_kBMAE&v=APEucNXUQxgVTOahOKOs1GAIXu5iacH1Me7IZelWG-ZKRkGEJeepXhxmSG24NybxwGB1pbL-jbouN_c0dQ-hyIcNwUMAvJFFsXvs52rkGsI48lhvbEQ8jtZ3ltosHYmKyAHtMjK0EGpMOO4OU_16PJh3Kr-wrc76q86ussE6bYe_IeTeGsPCv-Q Protocol H2 Server 185.89.210.141 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US), Reverse DNS 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net Software nginx/1.21.3 / Resource Hash 4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid e056a8b3-7888-4e47-988e-202367518ad8 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type image/gif cache-control no-store, no-cache, private x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 43 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type text/html; charset=UTF-8 location https://ib.adnxs.com/setuid?entity=101&code=CAESELA3x4ahc06hOI86uEFQy50&google_cver=1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 290 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	pixel cm.g.doubleclick.net/ Frame 24D7 Redirect Chain https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D	170 B 188 B	29ms 29ms	Image image/png	142.250.185.226 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLSETBC6jZEBGPK5h_kBMAE&v=APEucNXUQxgVTOahOKOs1GAIXu5iacH1Me7IZelWG-ZKRkGEJeepXhxmSG24NybxwGB1pbL-jbouN_c0dQ-hyIcNwUMAvJFFsXvs52rkGsI48lhvbEQ8jtZ3ltosHYmKyAHtMjK0EGpMOO4OU_16PJh3Kr-wrc76q86ussE6bYe_IeTeGsPCv-Q Protocol H3 Server 142.250.185.226 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s53-in-f2.1e100.net Software HTTP server (unknown) / Resource Hash 0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5 Security Headers Name Value X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT server HTTP server (unknown) content-type image/png cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 170 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT an-x-request-uuid 6148188c-5c06-4bf8-974c-bbec0aa352d6 server nginx/1.21.3 accept-ch Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness p3p policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE" content-type text/html; charset=utf-8 access-control-allow-origin * cache-control no-store, no-cache, private access-control-allow-credentials true location https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY1MDI5ODI2NzI4Nzc3MjExMg%3D%3D x-proxy-origin 37.58.58.245; 37.58.58.245; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com content-length 0 x-xss-protection 0 expires Sat, 15 Nov 2008 16:00:00 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1686300/75378868/ Frame F8A4	46 KB 12 KB	121ms 35ms	Script application/javascript	18.203.58.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1686300/75378868/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bidurl=https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gAI21635b9xWLEj6qGZQY1 Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.203.58.156 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-58-156.eu-west-1.compute.amazonaws.com Software / Resource Hash 64ef593ceefee46e183a60de53233233e32883bd9b60f7545350e9431642b330 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame F8A4	111 KB 39 KB	31ms 31ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 07:03:24 GMT content-encoding gzip x-content-type-options nosniff age 32166 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 09 Oct 2023 07:03:24 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame F8A4	11 KB 4 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKsvRPK3NLLO8kWnI1_Z2Y__jdRV4raZ87IaZeTYZJkUHs6S7ff9upwUC1GBO2HeuJs02hnTQ3oaNTD4TbxfjoBuwdYZ-qP_gFbjhOLW1VxPO9QpYgvrrJMGCzkI63-hqaT6FDhXvQbOhmhGbOEi_JXwe4lTLjboJIDs2WLhI7nvbc9U0&dbm_d=AKAmf-AsJe-xpe-QBrFgW-us5IXZhkEhx6EcxqKtImLJWO1ltalz1nMbq6_T-wm0U4_5lTLbV5nXPeafiF9-ufcVJQJOrcvHhU-U_yxX7lZKEHjXnR15Z0mdEBlXDChOC3z0JCD2gb0e_ajJMVQqghcXl7Ok6XiylYG7FJlL31pOjhf8mRuOoY3650cDsdXcMhTDTabklalYOeXrnT8iCTSG8Uzu_aZtKd3AfThF81dgucx4x_4zFw8vIM1kmY3IAsfFdTGMqfePPUpMvVmtUCT0zc8vZCdQMVI_Lnr7nOcZ6LPNfDs442JYC3FrADfSW9WXtZmXjEnzwPMn_EI1MG5aOxpzJztC_mRRfIYaB8EodRjbzVbhjESbx4QKXyskZBt_NdjOJf6bieL5VJBd3oEweEYvXS8phDhiLrrUpXfmjRuuPNPny6SRY3if4nC9iz4qbb789Mh_ztpUipi4C7GTXgWyG-HrA-_zjvraYwHy_vVeZT2nUPyS0iL3ZuxDNfZnTZzVAXyfH5OM-2BVfdJPPRtmb8SlsnoFoOGcS8F0NjzIZiykTodNfXk0uYg2CrPHM1Rjf3Dtub61FmbmILS1zbvxMOyUOdnTsdHT9X_jwjkHkfkUCB3KuCFZhRHtb0KNk7f25gs3lTAmdBYBCbDP5diOYOLQl02CqwxvSTWRFhVR3-aiDPWJ9lqllUXWBT7aNBQG5Djov4-zAlNFyJ586u3ghGClaXiQetdhNPIL-6DOJ67MS-3bFNla2VPF2sBkNLsEZ9hh6Ud8hL1v1VQi4sRRln6V58cbVSkU2U6iDLk-2n8L2hggXI7a3KdbY5JA8X4UtlIZo-h1kzn9Lja9ZJke6Xx_R9UhuwVk2bVtwUqd2DSyc95NzJA5QnEFFEXU65mNeWTWBf5cL0l-JZEZCave1JTu35tp4qGOUgcPKXu58o4PFKn_ILCTdenduwj0pj4WUAW8T6ID_-ZGgaTi3h9o-JU2I3RvxXg9_mydSTMiZfWibrKVnW9sOZHlghHZel7tAAzei5COy9hRVJjTiCGnqe4ZFj7L1VpiAvNrOSVdrc8eRJ1YOy5U-rR5VHrQP4kL2Adeqk2auFcGpTZFvMXxD7fGrR_iTj3yrbw1yXlWMWIOR_uoKdBEBcHT4eBw5QVUIoqjH5p7Kk9MB_UvD2ol9c7jkdxbOB_xVupKOAvJ-WJwRpAnDruqjgB0gte4RIk3O60JAKnVmvho_73HQ0ng7IFW8Q8aW0BWntxiHIICaRPJjBWJDNBEyZgeoGnGOKK0TqJLO3LdZhPcRAd9OIBf_mRU51qdvcox15Pjy0x9HB25Z_-yvou3hEEu0-FfJdLlpi8-k9vsSXPtqMT6QZvkKdMLzpLrOVcke0LQx7ESyoSq2EDqfEIiWvpvinFj8FdbcsC9q1eHodcQCeGPdMa8w5mImf4lwqHuYCTlBVoT9Rk4bo-y1lwEFmUQ09WA8ux7qMhK0lVp85VNxGCvIhYEGdlyVz7ySrOfvsowN31DfsD89A03p_17_db58ZSPiJpgXREGXx5VAO9GZbXV8HWPJ8k8nIASqDbyY0gzWav-1lRtxatfqGZqw2f_ilSfdNwY4v963a5C-xUgZkJ-QHCzrxNFmLpu3cLogrGjFxK5Pfxt_TfNw0LEG6pnhzcQIABZ1Q96Zdo4he_KWzxPr4WXm5SPiQxFQH8E_ojznTJhnRKhxVsEHBRHH0PdKLobN26Ia5KSk2daAfzQqW0VmuWYjIvFtJ7sLCXNQ5K_-0InwDKkJLVYQsjC0PGsTZ4oQqrFHqjjSVkUrU-R6l-Vio2NwwgNkj70kKTDxXYUO0rBeCj0JSMC79BJ6TwlrQOFBWseEjThvw6k7dnBPLNwkYwzItEnJxmJOxOP6kPrdKjj_9gQ2t_I69JhTlj4TUaFsbqp-3A7OpyqqI8RiNRcKBRYoW5r98FTRkRBcxkQlCtB7qh51aHmSewk5kbcUS5PNxDg-iN6lkyjNqF2P7XXmgil98_12T1VUV-atbE_ovx0mgeaZVhBi1sXWNabYpYyOngk-N5Yo_02hHV2qcj4yacU-5NAJqMc_NXfNuY6bPlXotTDI7VWD0uyvk4_DSf9zY0BoiZ1UGKStp9qsgIhP7yVHxjfkJvxywfXQjGVSxvVCiR4tKCB7FbnbtmPdv7hf_lBWP1lTGDv4UnEpjRWaFJxMY-C8siTlUGCc2exBEjomnwmBkIl9hGKJZIqOI2zdThqAWiVuwuCir99EgFzl8QG1qpjAmBb_6wRySXLaz_cqySV5dDgjMOuMv0LJP_VcGK9qNUPBe5Ehc348BbmyQ09X5QmRmlkzUYG1UqMaojpnjmVDTagmlZ_SL4MNptotZxF4MvHQmGMhPIXdgV-qojUj9pVp86c1chtvu8ryOpjE3J-_Rf9Q0lFpP5GG5YJ3MICefNU_83U8jkDCpN9xI6bjSiLHkzJyq9wbqH5ymnYdmmvQSMFlO9lL3RzXmjdK5U2NO-REY2R6MYFZ5BffZQ51l4fovSY1wAQ5ncjuyZLiqE9wSLZgE70SaujLr_q0-9PzEfpXxzOQRY_Zq8fHHQlfBT47x4L354F_eIqQGf3tY0PA_KTdcUngszBJONUBVe8w86t3vOdqn_RCoD_L2__5HmLVkvTwRX1LQOZ2O_K2tBVGmS0jMJO4On9kz972ms7Ed_S0jdV5-wVqVLKDvxnTRVc7VOYT18tQ_4z6K_VA3sojwkD3FhMKZPspHqlFyrAxW2ahu4SHgcHghs25lRQkVeKAAJTOcizGA9nkfh-MumPBGsbDyQlhpr1dWhvMwygC5Z43fs5Mwyk2AjIEwYTdsFc_5QxxcykjcNmN5eCPh48l7sSun_JPUQZqqI_m83icHbGWgyFaH4MeZQOq_PnISTTZPL417QACU5P8xOS74yKp35frxOP6blRJwrElU41_gFwZQmqcGb5F9KzVyXdnWjFj3Enn0IOCDTK3gdznT5HlmzKh3zO69LiGRJ44EKfyog1lPHwQBym-CicF5sd5HGQNFRQ21scfTeHqlq8wfh8eS1KHprPLCSKAPKKSTRJKYds4zbdfc7SlUpCUtz5aR4XpEQEen7qjB0JF4y4YS3G63ne1IGDVVbyhrXgGMbGJ0PVkynm_xN-DuPvq3c_t91Q4mUVX3n82Rlbdf-lzXfnzcva2AMSj-onSR_2l9VWpHuz2JEv_1VSh1ygQ8T51ajHye_f5rs_YXa3_3wJpKMAdqAjMqpbX8ohiy3jTobdSOvRTkJwHyIkpprLI7CrqFmyXMwNJ7AaByptsQgEwXS7EoO-H8f3ZCwWL0XiV9ZNGNawFEFSUq8-uwYBTPsNgZt2k9EHv4Br5LHy6lE59zG_4WveI27CRpRlooKKlay7RwGATYPZbvt2-G45H4-FbSg5d-sdHEc031k8epQk_wFHh-YKPhv9SXKMM5FuA8fJp9rU7MD67uezGliTx6lFT0IwRucfZVeQhs_gSUlTPIAnY1ZvC208uiUnBFrGfl4FLvju2YOYx_BMxfpIPHATEpIJAxXPZEmMUbpx26hyIW9hmdJV7Sc-Frm1CIZJBSE_6OOE42lplFwit0rkwEQIWw6H51ALoe9HSBM2dDRiZjcy56lMHNvKz5oDsj55ySma964lLKryTLH-bO2vrq6sJK3eq6Iw3_QcBVpMMPn9z_kbYBI&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=6443121171443670000&adk=1726166460&idt=205&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame F8A4	30 KB 11 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DKsvRPK3NLLO8kWnI1_Z2Y__jdRV4raZ87IaZeTYZJkUHs6S7ff9upwUC1GBO2HeuJs02hnTQ3oaNTD4TbxfjoBuwdYZ-qP_gFbjhOLW1VxPO9QpYgvrrJMGCzkI63-hqaT6FDhXvQbOhmhGbOEi_JXwe4lTLjboJIDs2WLhI7nvbc9U0&dbm_d=AKAmf-AsJe-xpe-QBrFgW-us5IXZhkEhx6EcxqKtImLJWO1ltalz1nMbq6_T-wm0U4_5lTLbV5nXPeafiF9-ufcVJQJOrcvHhU-U_yxX7lZKEHjXnR15Z0mdEBlXDChOC3z0JCD2gb0e_ajJMVQqghcXl7Ok6XiylYG7FJlL31pOjhf8mRuOoY3650cDsdXcMhTDTabklalYOeXrnT8iCTSG8Uzu_aZtKd3AfThF81dgucx4x_4zFw8vIM1kmY3IAsfFdTGMqfePPUpMvVmtUCT0zc8vZCdQMVI_Lnr7nOcZ6LPNfDs442JYC3FrADfSW9WXtZmXjEnzwPMn_EI1MG5aOxpzJztC_mRRfIYaB8EodRjbzVbhjESbx4QKXyskZBt_NdjOJf6bieL5VJBd3oEweEYvXS8phDhiLrrUpXfmjRuuPNPny6SRY3if4nC9iz4qbb789Mh_ztpUipi4C7GTXgWyG-HrA-_zjvraYwHy_vVeZT2nUPyS0iL3ZuxDNfZnTZzVAXyfH5OM-2BVfdJPPRtmb8SlsnoFoOGcS8F0NjzIZiykTodNfXk0uYg2CrPHM1Rjf3Dtub61FmbmILS1zbvxMOyUOdnTsdHT9X_jwjkHkfkUCB3KuCFZhRHtb0KNk7f25gs3lTAmdBYBCbDP5diOYOLQl02CqwxvSTWRFhVR3-aiDPWJ9lqllUXWBT7aNBQG5Djov4-zAlNFyJ586u3ghGClaXiQetdhNPIL-6DOJ67MS-3bFNla2VPF2sBkNLsEZ9hh6Ud8hL1v1VQi4sRRln6V58cbVSkU2U6iDLk-2n8L2hggXI7a3KdbY5JA8X4UtlIZo-h1kzn9Lja9ZJke6Xx_R9UhuwVk2bVtwUqd2DSyc95NzJA5QnEFFEXU65mNeWTWBf5cL0l-JZEZCave1JTu35tp4qGOUgcPKXu58o4PFKn_ILCTdenduwj0pj4WUAW8T6ID_-ZGgaTi3h9o-JU2I3RvxXg9_mydSTMiZfWibrKVnW9sOZHlghHZel7tAAzei5COy9hRVJjTiCGnqe4ZFj7L1VpiAvNrOSVdrc8eRJ1YOy5U-rR5VHrQP4kL2Adeqk2auFcGpTZFvMXxD7fGrR_iTj3yrbw1yXlWMWIOR_uoKdBEBcHT4eBw5QVUIoqjH5p7Kk9MB_UvD2ol9c7jkdxbOB_xVupKOAvJ-WJwRpAnDruqjgB0gte4RIk3O60JAKnVmvho_73HQ0ng7IFW8Q8aW0BWntxiHIICaRPJjBWJDNBEyZgeoGnGOKK0TqJLO3LdZhPcRAd9OIBf_mRU51qdvcox15Pjy0x9HB25Z_-yvou3hEEu0-FfJdLlpi8-k9vsSXPtqMT6QZvkKdMLzpLrOVcke0LQx7ESyoSq2EDqfEIiWvpvinFj8FdbcsC9q1eHodcQCeGPdMa8w5mImf4lwqHuYCTlBVoT9Rk4bo-y1lwEFmUQ09WA8ux7qMhK0lVp85VNxGCvIhYEGdlyVz7ySrOfvsowN31DfsD89A03p_17_db58ZSPiJpgXREGXx5VAO9GZbXV8HWPJ8k8nIASqDbyY0gzWav-1lRtxatfqGZqw2f_ilSfdNwY4v963a5C-xUgZkJ-QHCzrxNFmLpu3cLogrGjFxK5Pfxt_TfNw0LEG6pnhzcQIABZ1Q96Zdo4he_KWzxPr4WXm5SPiQxFQH8E_ojznTJhnRKhxVsEHBRHH0PdKLobN26Ia5KSk2daAfzQqW0VmuWYjIvFtJ7sLCXNQ5K_-0InwDKkJLVYQsjC0PGsTZ4oQqrFHqjjSVkUrU-R6l-Vio2NwwgNkj70kKTDxXYUO0rBeCj0JSMC79BJ6TwlrQOFBWseEjThvw6k7dnBPLNwkYwzItEnJxmJOxOP6kPrdKjj_9gQ2t_I69JhTlj4TUaFsbqp-3A7OpyqqI8RiNRcKBRYoW5r98FTRkRBcxkQlCtB7qh51aHmSewk5kbcUS5PNxDg-iN6lkyjNqF2P7XXmgil98_12T1VUV-atbE_ovx0mgeaZVhBi1sXWNabYpYyOngk-N5Yo_02hHV2qcj4yacU-5NAJqMc_NXfNuY6bPlXotTDI7VWD0uyvk4_DSf9zY0BoiZ1UGKStp9qsgIhP7yVHxjfkJvxywfXQjGVSxvVCiR4tKCB7FbnbtmPdv7hf_lBWP1lTGDv4UnEpjRWaFJxMY-C8siTlUGCc2exBEjomnwmBkIl9hGKJZIqOI2zdThqAWiVuwuCir99EgFzl8QG1qpjAmBb_6wRySXLaz_cqySV5dDgjMOuMv0LJP_VcGK9qNUPBe5Ehc348BbmyQ09X5QmRmlkzUYG1UqMaojpnjmVDTagmlZ_SL4MNptotZxF4MvHQmGMhPIXdgV-qojUj9pVp86c1chtvu8ryOpjE3J-_Rf9Q0lFpP5GG5YJ3MICefNU_83U8jkDCpN9xI6bjSiLHkzJyq9wbqH5ymnYdmmvQSMFlO9lL3RzXmjdK5U2NO-REY2R6MYFZ5BffZQ51l4fovSY1wAQ5ncjuyZLiqE9wSLZgE70SaujLr_q0-9PzEfpXxzOQRY_Zq8fHHQlfBT47x4L354F_eIqQGf3tY0PA_KTdcUngszBJONUBVe8w86t3vOdqn_RCoD_L2__5HmLVkvTwRX1LQOZ2O_K2tBVGmS0jMJO4On9kz972ms7Ed_S0jdV5-wVqVLKDvxnTRVc7VOYT18tQ_4z6K_VA3sojwkD3FhMKZPspHqlFyrAxW2ahu4SHgcHghs25lRQkVeKAAJTOcizGA9nkfh-MumPBGsbDyQlhpr1dWhvMwygC5Z43fs5Mwyk2AjIEwYTdsFc_5QxxcykjcNmN5eCPh48l7sSun_JPUQZqqI_m83icHbGWgyFaH4MeZQOq_PnISTTZPL417QACU5P8xOS74yKp35frxOP6blRJwrElU41_gFwZQmqcGb5F9KzVyXdnWjFj3Enn0IOCDTK3gdznT5HlmzKh3zO69LiGRJ44EKfyog1lPHwQBym-CicF5sd5HGQNFRQ21scfTeHqlq8wfh8eS1KHprPLCSKAPKKSTRJKYds4zbdfc7SlUpCUtz5aR4XpEQEen7qjB0JF4y4YS3G63ne1IGDVVbyhrXgGMbGJ0PVkynm_xN-DuPvq3c_t91Q4mUVX3n82Rlbdf-lzXfnzcva2AMSj-onSR_2l9VWpHuz2JEv_1VSh1ygQ8T51ajHye_f5rs_YXa3_3wJpKMAdqAjMqpbX8ohiy3jTobdSOvRTkJwHyIkpprLI7CrqFmyXMwNJ7AaByptsQgEwXS7EoO-H8f3ZCwWL0XiV9ZNGNawFEFSUq8-uwYBTPsNgZt2k9EHv4Br5LHy6lE59zG_4WveI27CRpRlooKKlay7RwGATYPZbvt2-G45H4-FbSg5d-sdHEc031k8epQk_wFHh-YKPhv9SXKMM5FuA8fJp9rU7MD67uezGliTx6lFT0IwRucfZVeQhs_gSUlTPIAnY1ZvC208uiUnBFrGfl4FLvju2YOYx_BMxfpIPHATEpIJAxXPZEmMUbpx26hyIW9hmdJV7Sc-Frm1CIZJBSE_6OOE42lplFwit0rkwEQIWw6H51ALoe9HSBM2dDRiZjcy56lMHNvKz5oDsj55ySma964lLKryTLH-bO2vrq6sJK3eq6Iw3_QcBVpMMPn9z_kbYBI&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=6443121171443670000&adk=1726166460&idt=205&cac=0&dtd=2 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11602 x-xss-protection 0 server cafe etag 2362517075893974484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	Q12zgMmT.js Show response tpc.googlesyndication.com/sodar/ Frame F8A4	41 KB 14 KB	19ms 18ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 23:31:37 GMT content-encoding br x-content-type-options nosniff age 318473 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13937 x-xss-protection 0 last-modified Fri, 25 Aug 2023 23:48:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Thu, 03 Oct 2024 23:31:37 GMT
GET DATA	200 OK	truncated / Frame F8A4	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash f1a50a9ede554f53e2d7ecabafd609034aea7b75263a4a17c598e62e85d82776 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 72B0	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=8101768236193&version=m202309260101 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 72B0	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=8101768236193&version=m202309260101&ct=76&x=1&cor=2672066130820731000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ad Show response googleads.g.doubleclick.net/dbm/ Frame 72B0	108 KB 41 KB	72ms 72ms	Script text/javascript	2a00:1450:4001:806::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1Drcg3AfC3g9lb8YE5oCHE6halG-2ePS9LGVyp85M97vkiXIWxZyPnpd_GxkFiF3LUCuX1vANOEiEQm_IO5jjuVqtTW_rgewazQEm4kE6aVR8Jr7xGDSOI0jELTbOrMzV2UCY0N7q2FzfPHvclgl7KPQ6TDwPhGqvwVOMOzy2yxu665s&dbm_d=AKAmf-AYUUhAXxn-HLEQBk4jyYtMqhhokWD6-vY9OTpTjmv2CALnsCKaQY-dDHyj6VcPPJP5Ke8iFC2-A6SmaIcX0gJ8SYnGyRb44zw7764gJuFzAsSM6fOUnbxYYjKv4zLrmBUsYz9D17nptzmxx7ito4SvILLXSGr24nVMmgNxRgPKyRCKFBmQ7PRP6dURmF0NrBLNDMKoCxdjo8XKHWZaOzKEf3Yo-Bg4SqmWFlrmo_OehDCUkykgZ78H7HuScg8w1j9tla4ySK1t05m-qA4XeWXFxT8WWTjZ-Ww3uMdb4joyVEzgm45F34DS2dLrl6Zp5TUG7Ahd28Vq_jk5E6EtpaXlsfY4mlctGs9bQ5RQPXlFvRMbbomhLQ8tKfLbseSvFOU4OWvOImvWp52qJzibXL20XSp9OKgeyVcoIlsT8sku64dz7d6OFzPQ31KQZYalPnUy3kAynArz9bS6BQtQAQ6MEJNAURoivQISCBDVKL9WshA9_RGvM_PS705Maykpdtf4ygqzT3GchGIdvXghH2XsRqYbqeLRIeLEUFHwMhFkIrgUg46QOSEoMrKNj6A5CcWmJBkKZltaEAHWukQz_hLgx_WwURhJENino4zk-Sdkd9sv8kV_xC_1TcBZK3Lh4FHTrMhGNei_5WNrR7AZKJWgpW8aH14uNH-pDLXdNzAzdPgt9RUblYuBixs_fn6BfROZroe4RrnDhAh6d3_Pj07qSNO8dyjWVK81dHhGTKOlLIcJB_9XW1wL4JqC0GKrkT79Qd5DZsUPHNF24EOjWFaszSUCIt5NBNvtOMHyNY-ZrskdF8Iq-WSkGADhnJgvQdGdXsg8ddfD0fSHB9OIUVSI7b507OSJh1V6XAbQzv2j2e09AOtlNBOqTMYHK0Whqu-85CSMArgzX5gXcUU9qWqBrQlKIjsytsNNxWXA4YyOeBk7kbQpjVd394-pJE3YSXGME0kUxiudIUfl7kgiuY9c2JF1iBfiOQ2K578RKUfHKh3Ce_Wd7m5XWpWZH8WDsBRE49l7op__QMXRR1ampIkE_RCQxOKadU7OPVWqmxLxbkhhJ1bPMQrA86qjKS0_zM_XULFJ5D1pjfcELtD7iDVSfYk8AowZkcO4hDygOHWQn-MLqabgqctQTprW0hNBaSA78N1odNR2Nq1nzW8hvPvGdb9di_eYiqodWn-mEus3jJQmh23p8xnAef76tDXAbgzpNFKBxmzOrUhZySuygcaNxNoAVCXlwqQTyyZZbiKh7RbrPH9BusnOc8tlkWd1QIYQ2uajTpOS-u9IzS736J-Y21yIfEo3Kg-SzwA5JlX5M7ORv-jJxLHNdBb4XHjNoeeev5vOh3r54a5_t5wtc8eeoEEQB-cHTFeHz6M2JmxXbeGOcWQfXgYi5jcSypBgjqIBNwYGtFcpkTtw8K0alDfkpFvawwJ98A-1SU3848FM6D7gTbUf8U4d3Wj1Vyn2MUvtfUmbm7WNPGSK_PwLdhd11UpG28Qhbp17byZRMVwtBu55AM6aN7VZTMd51QwkUHX9evWaCDtcRl0-q_HDgqxk3Yg9ZDt7HDDmZb-5Juka_V5JKOYnfwhr4Qfjv1XL4ndgdZsAI9BMd2SOw7Ea2k0mWsvTEXfP6P99vtLEgQ8K_HBw-A06W1un2hf-3Hlpq-3nhL4L8DY-7ejdJXmiUfu3YUZ-Kjkj3FwuJlX4KkfXayCyAsUdomlyfzDCdDuUn_zpzSMWr5PyNzvANw2fqx8PUZYgR4qpOqAiLH79EZQAWMkBR2y-gt4ETF8MJ3toPFhY1QyS7I9JE0xwXA8gRom6WujOkt18SiUo5kGJO6duS4kqR09oaZRqCuzvq1jQ9Xrt_-NVbMzDcuiA5TMvRfHn4fdbL8lkzlJebcGE61qI2sdjfI_Dl9OJhsdZqkxOZviVKrvSkP7ro6e1-bjDRDwUkcK1wtXX29R5wLLa03Lx6pvhSsE9eGaunqg6ElVFR4iJTCLadUGQ_4LjQtwpXu36Td7it7-toZ0MGFhTCf9tF12ej5DmsMLJiuRcGxKnDvb2woCQW4RLH5JVM5YQZ9OnA2Zbc-veVEeBwdVuGZM7MVNMMQexhVcG1pQWq7QzJfzRFC--IgkZsrPPJNvY5h_rk-VNIzCGkPjDPL78tKFpwBqoAdl02vpbeIp87YWMP1R7ZT-XkkQcGaYVbeQcFQJpDZjAblKUvT6WVR9vxrKR4bSO8J0ypEzw6jwXV_updcNT_F6EBoCtdVLtxY3mlTNF07EqWGYgYN3V1paCuCb9aqoT9fS5nDRlVKVyZLr7uFKqdPOD7QwPlJkHf2jd_1TFEODmKJZebaFmmgaQWSaO5ZwWp1xpDR_vjcn4o5qU_3RV-7ULZSevaqAa8MwqZrhJeSwTbvnQx9sERVEZGOnQAkIvzCb3lH3TT4SSY_73XSRhmUTEYizxKOqHu8VUalMoWcK1f1zB4NhIGPj4Hc6APkxxrcLUUXvSl79c0S2ra4MtzfWJs5TvN6mnXSoqvh1Hclm5nfp-OxySX93x81vEdD0MmeHROOMBD0mYx9jH_Yowg1QVkTckwE5d1kIpnf1AujzQwr-eGha3sjIeQ2DtjUywIwx4xI4KK-5i7406fBV7zGH7wporiA9-92HFnn_AZbobcGokPeeOH-3xY8qK-D4A_C_VScwsJBdVnvnMjw60RxGocNYO1zlxC2acKjtK9xgvqhL6gCt4Kn_1DyYE0tvHmkuyjH9cnSAUiK-zUor5Bqb_6_5ZcCv-GAyt-ICaRU0p7Q9FQuXOMx4loohkFJAlnDGm_Qb8psopNS44pv2aH2kx_LXWeAUo9NkeBS3XwY4fbn7OsWyORHpwf9_fVUfsAKtXw3Obj0nbyhzdO5CYN1urW4Y6XpiLrOuNUODu4ixQGkXuAOUwHjg8hcBQSlDsn9xej122WSKUeAxU9s6N5aW6O-rTdf7K_dcIb-Xbk6XvVw5jQIb0ssCXFbksPYJDRQD2uAEHp3iYmpQbzhAFOrUaNGSiXFTwQoa1Fi9FwLTwhD_b9rsy4I6db3gBrqizrkNidhyljGeIP1sfCT376CGW6MJTK4Y_FGXQ9d1cusewN-SctVH2ET1NWZrzI7OznTNJBAflgW8RmfmvIt7KHwQy6VrR8pRFCalk4lr0hRveVwOu7_Xca7HA1gRZqiSEm0P0l4AHnFGdKjzxDvwBI2XeiifISU1E5i4j8QtQrKvxBm6x6eJ3bTonlFs_TM0rPxBYIsqbaLq2fiHikFw1Vq8LbXbFN9m-v62nddKjpOM8hUb9TY2yDknAfLRlusPHVTrOLYxw8X0bjRvqkizCgbHT94MeofPwzaxubZCya4Mr1msnCa0h9fwnbbGDyxyaVHLwvpak_yWsMKdCuoSd4G59UmHysT7Hq72_8Ej1gLDHeh32oOOQvQQRRID9_JkTH4Yi1G-0Gh6SMsO9wqPPzreDoXW0EddkQrPPLXJjgJZSJQb9kKDaL-knt8s4Ifaz3bLrD2sc1IlmYJkTivI6leLrpQ7N8Y7zDzubK_CORi5taJPAooqShh-mdFpYvaoCxZ9CqHpAlb-PtkJrhJNS3c06qKFWm0DiRGdNTJGbehLkmwYq11tYYp7L2305dn7mF4kkWfo1syB6LONYE-B1DTC4g5ftuQSq2jcMFwl_YI0hmWVlFp1ZPKi6E2x9LHaGbNBqGE-Gxv7EzGAUEFLHrwzvusUuw0yc7QXp_UARp4maO7t4_Tsl3nf5dBPKoNH1rxtQXNyByFtXPn8gDohZdYNl0NTo37RVsZ9O9DZjMzMMYGuIp7IGMBI2-iq3Myo496p_8GT5M_PXzmprEiWse7aA8MNDjOF48XvAmG_2qniHtfUdgdjjC1dBMI9ieSeTZn0Gx8UqMn867FTFW30rKP4ba6ecYjw632iSdm-FeO5bww&cid=CAQSSwDICaaNwfGzBMFk6K1w-AnPZw9GdTpO4Ke6hr5UjXAhrQn7jXhBrPnnwj8jOeUz3EIBVsQTveyHYH6nU7Z6SNSasH4HOJ5ZqQBD5hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=2672066130820731000&adk=2923430907&idt=123&cac=0&dtd=9 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4e435f6a7dcd0f76b7a361b9788edac20d3083ead3823a647d8ffa889f3a49a8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type text/javascript; charset=UTF-8 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41972 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame E995	22 KB 8 KB	20ms 20ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 266998 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 13:49:32 GMT expires Fri, 04 Oct 2024 13:49:32 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/2820510171590749393/ Frame AC3C	20 KB 4 KB	71ms 29ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8730125ce9996373fce7fbef36512d06270f173ab5b8f4d9027a531d658500c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 323871 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 4403 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 04 Oct 2023 22:01:39 GMT expires Thu, 03 Oct 2024 22:01:39 GMT last-modified Wed, 29 Mar 2023 14:41:42 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 73B3	0 0	106ms 55ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5OsmbJv7DDVopNheZb-HT-JadWEYwwXXDC3wGK4Tvi3iE1zAgIuI0odR7h_bVmsEgL4OgAy5fGAIKHsBBOkrwdlPt_NV3faMnPE2Z_IYAQ5u7zA-vFT76mJX-D88tr8ubnVx5q_UjVIJSb7Sqy3nvKz26q8si9UN0zJeJ9Q-z9T_iaN757-xgyCGFsF9IN4YoWy22kM9q9ds_G-NJqYR-82CN2LHS-4P5wiFOzLXrxkQuf51J180GW3zg9b6j6KJkzA9ze4q1yMp0tOHNf87x5WvpxlTI0ZgR87RdMxgRweGSmDLSD0vNV6sBYdZUMbWi68ju7HTNXWjl5--LaWSQTQkYMK2Xn7z0MU8XO5tjJUIEWqLYTlIOWp9jZkHUfHRGanizqPkXQ-WMPGb6T_BHFDPCOKg2U5pSa_iAxzbfEHzXUZCCh-24VUMd5rFG6A3psAtHi3t9-xw0XTPVWphRoyVxB3iVnX5rl6pOePLGy3MtfDugSnk1SepCQigr-Ya3_3NUZy-ZoRJ8xzC-LWdxfbfJrxEyyrWRqirScLsU2TfDRuEDYYf_Jx6PhsS5up2cKwGmsPDzV4LQfufrHUnmxwR7FSeMktB5n-3hDRzlwrkloq6y4APMTsxbz1bJ-aujZwv-Oz83rnrTxhz7oq7NYib-hBXMy8BDEorOz7Dn0_10VgAzPtAe9Ep0nYhHEjknp7lvXn_jtJuDGYD9vRUyIVl-NWuo_5jVHTlZXtvgEmX56cc6Cji3c6bK1QqmV0avslNGXJcAJssz_XcJavCK4CMhy3szoI-MDvsmhHGNWzQukIYg_bQt-Cl5R7tI5r_e5njOehd-3uLszyP0Gii8udpwxa3zumCP-0Zgxbv66ehOu6ptV-YYv1yJYohXmuLYz9D5Smclihum7w-MYJBMj7lvgiCwIawIPU0Tt3qL61124O-m6fxKVU_schJydon99gHf68tzR4h7CncbQgt7lR0JZBrvC-qF_GtTXHFMjpVydBnVERC4Hs6kHOCa50BAy2XNY1tA7cSCS7JE01ZlgIToAse1i_fjRsX6V0HUko6QmEEfpoDx1gG-KaG-onlqrgSNv__xzBnd6ZsRCwMukix-ofIsVLXN3k2OwwByhXp7vala305z6jzphDSGsaqjO78Ogy5VfSdZaVPX9nBY50Dqp3F8AYG2eDeAdCcltVfXEux1USQWpb_dHj2wIKMmq5v4X8L-ffkdSSna3XwSaEzsZO9hMzcpha3vYwrFjs_c0ohNHbjlTvfmt5t-2Xwoaj64ophYRQotY5q9GQPccxoYHFQfsszkPP4&sai=AMfl-YRIevpW8V4imslQCy3S8Fy_EwinpVhknGM-Lm9fXIBtNxT-x2fyBj8DNziyfcGJGF9STi6rTSqK5OahjF4LCIDj0Q3t_Sb8GsnU-cof-iQ8DuIM5DARBb7xAYLTQUmKxu4WxMjuHjHYtaqq8cjjvP_69_fgAyvaoCm63G2pm9ordJkSH2b-3Uq8FSNjkx1zVXT2bBnnmyhFU7lTmA7YsjlS8-PhLa0kilZwXXYzIFP3JE5oBvQ98GC5A09amlVWP7-k_lw55lbgeuMI4yDS8Fs8sXmdkII6cEvrA9gjKSoJXh3TkrNYKV8_&sig=Cg0ArKJSzAM10K9YTZkjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=162&cbvp=1&cstd=160&cisv=r20231004.09753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/2820510171590749393/ Frame 5F3F	20 KB 4 KB	66ms 29ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b8730125ce9996373fce7fbef36512d06270f173ab5b8f4d9027a531d658500c Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 323871 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 4403 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Wed, 04 Oct 2023 22:01:39 GMT expires Thu, 03 Oct 2024 22:01:39 GMT last-modified Wed, 29 Mar 2023 14:41:42 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame B2A0	0 0	102ms 54ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgIYpnyEyh5xB0Qd4CO4xVvtH-dag9Yzayo3HkUSDuBqp3IGMi6qFI0ogdtWdrWco4Nbf-z8z2F7-Sk-isWbmBl1blB54TyHCiLtja5_lsUeOLzAlimfqtA775qUTM_b79P7nx_0j4b1uW9_2YyzRjFogqQgOlrLPvpKDHc66QbQIdA2OOh83wc9-qyceHL_Et9H7ojceCE2IXVbGmsk--hnaKfZ00RPa0xNPLBaHdW8q-PS6B0LYWhXISvaGxINPTQm7hew9qZT1xWx6SCA5_-aYFA18lky7iAX6lUEAaiBUgxVbissyUhj57M3WxmDl49BK8NaZu4oT1aoJP2yATqloGfTyuBc4NVLfUIm5car6ffLseHyRDPt8-dagAVAKPz2aEm3TIrhpiW7aXdg6zeOo4awZyQPbKNlhMeM6cOqRnVkm7ovZ2_rSpUiR8dO68JuiO4j97B0ols8ZFDFOgxdU3JhuNhsSqMIWv2RZMuj48_GFlsyRQTc4AzLt8pIdifgwUgUE3TTBICD6UTXKQcoCKwRWteeWVEWP1bD9lhjsTPb6dDnMiPgWff7EC_IZyDF9Jty32antUAcYFXWMHA6e8AfwJVFg0MGU4zvDEKYb5SK8Sg_YcIBPJHr3RXaTKz9S2fJeONxgBmgoYL7jcQ6rBKj2lqMMf-a-p9hV2MpXdPVp6B0QpVzVuEbHB-OQDy_BK7LCqyfc-lEPqt9pP00aNplkGNpW-ZKHhzj_l3UEXAyMX8vdzQjdIu57nA6MdP7uRVcv575KtZLY2xpaplAvMOZhh0UdaK5lUGW3eUroulie1H2JZYQ1R9iAfMfXXlby4_v6l-WF4lUEVvhtPv__XF6w1MFusAtXT15CvnONaHS_hAsC4PHHTlFPR9jc8WIuRW20a5x-91C_HxJwc5sGFZcSUkrLtWonLvZpmVTKrBk12lIyKsjHnMdNP5m7bXeHgIL0tlHBA-AZX6MSet22ognldrY1WPDgzHs4VdzHMKIozU6jXWtb469O-nE7LGi1YQM64uX2jyMXVpFZfwpjriLMpptjsCiPlFCBlBaX8d6t3jXSBF-2HhWi1OW0GZwW1_EE23-GpjogdHYIq2Z-5N4SAMoLRwT-KrWico6uxmLIYzbF0uJQ7wzNZBVKxPmG6shrEr8DB-9w8zEPbvfNkC-ExC12u8VjSNEQ2sR6kjQ9mmemzQTQuUgJX4_au2Hw-NIpAG6g0INwdelKyR2Q27WYTUkXtKGweIM4G21fYZ5eBpqg5YKVqVNkAA87mwZPTW1-GcY6EfkIe38XFMs7IJcjNaOfOnP0&sai=AMfl-YQeeeeFxm8AbBZmPvVZbAqspBkNEPpk7V_Jax5pOuZ5HD-eTuY6mRiwYs6iJbPWFed6bj0iHfuectVfj6rBaihZV7D39GYEXBoBRcKPUl2etXGyNnZgVemiUYQuyH2-QgSj8IRrdep6cu4PPUv7zJbYSc10PmPBiKQu8YzH3ctHe0N1nZPJJ4tuJQg3GFcEDcWf-_6PxkM_f3H6LxQS7ol0CeEKjfFM_Jtym7rUrTTvAcOc8kzqIOkGXBjpojugYKqxMrhHGJKHYL0HELzwWI3EZv9-pfPpYi1JaB5HZS97Secgpm-ex0o6&sig=Cg0ArKJSzBSrugj_wEdhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=108&cbvp=1&cstd=107&cisv=r20231004.52769&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame C637	22 KB 8 KB	20ms 20ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 266998 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 13:49:32 GMT expires Fri, 04 Oct 2024 13:49:32 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	62bHydCX.html Show response tpc.googlesyndication.com/sodar/ Frame 7D59	38 KB 13 KB	21ms 20ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/62bHydCX.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 313979 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding br content-length 13045 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 00:46:31 GMT expires Fri, 04 Oct 2024 00:46:31 GMT last-modified Fri, 25 Aug 2023 23:48:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	121 KB 22 KB	42ms 20ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash a750a46fcd36e80c7765bc801213bfc7608746cfceb1fa91c61a76755a68aac2 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 228020 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 22622 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Fri, 06 Oct 2023 00:39:10 GMT expires Sat, 05 Oct 2024 00:39:10 GMT last-modified Fri, 29 Sep 2023 06:44:21 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F8A4	0 0	88ms 56ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxv56E2D8fvPKgp84Z6I350JJ5t8Q64LeYLSn9usqascf_k11swWbk-VIJr3mv_tgbK1wpT3oYz93nKkATqVKF_PBvkqt0tjjb14s5LmeqZz9liiKD3EHIIL5ZL6kglmFFQpy4MIXJA0kYZJ8u9xiRFgeIkt7CF1u-ebjNqKEsxPbOa27LIjgsxPDk7NXvNgCawrhIihnDmEZAz6-k2_nzsZynn6dizHopLnHX0_JW6A12lS0JAFhnjq1H8l2s6W6-yGFTu6m6xO_AsYvg6q3ulBIp7wXifdi8GMauqPyLN6nKEegPDcSPOXznsa6w0KBRe8TdUyL7YYot7oEnK9v-IQvFcTPnpbMc6z-vNoMJESWb6Js4yZWaAKzSfkeI8kLjL_pFMYjGMOaPUKP9By8Ti6dVTphZpr5H8Idw0asf9lNs6ngyvNfPEnrev64B9nYMqUG8kidwOC4jeu4xEPlVzdSIKEy4qGunfDaX6llobmmjsqqBRcEPFysRCyz21SVLQ-UmaB4wMgTq1KuZPa4GzoVC1E0TpbV9sKkq-s3OFfOXvPCBEhGDw1L7JFwneHD7jeEgbRSmtrUC_V_9gmTrUw48_qCFl4ZkXU51OyJLSQsKNrMNSunwf5WMp59adQp-r9jeJoguy99ZD-eAFS0b0gZDEnm8vUNT7_IcVbepQp1nYJZCmwR2C3FU7mjNCUKXWv883xiuZVopEVOxUqe0To_6njVUDYqMkzLusZJacubz1izeBfCG2dDRheX--3mB9Bx_7i7Y1Co9h-Rnlyqw6JJZYnTPm_7tp6PGt7lsnZCQcpNLnQBz3jDk_BUO6qmRycblUprzyrgCPiCZCdRMbViK7-kISCGzNR08fV4QoMOADVdeBEaOgacFKd5jIMlsoLmBEISdutsc9lOReDZyRzr9s5vCvJHYXd7e8TMcT7I9QDOWYy_4lm_h9MLjDMOn3BS9f7gw8kj2hmTwDwuCIKnZJ-l69JWjLC-fDACousZLLrdOyUbLny6lDdhJRqPDsU0demkfeLZ9abKDwnzS6D4qq7HW0grVe6xTK14KA0gVNLV5AMLXiqVnd-s0KiO2EbvySTHtn3FIECNg6j-YSp1g_mDcUMXjelxiKiI-ZsOBPorzdMZ-Bl9MW_iIATGO9v5ao4BIeDkQhr505dDZF21zJu9qrfvzYYLl5Ug93jqnBPt_qrLVk9w_XPiWlVG1oBoMsYh_iEcJd_3m2nYaudXuoQ8YUx1JuhUu7vWu687sowPwpeZHdmE2TV52KTFOHyeLig1MJ34T&sai=AMfl-YSVLrBJ2NxkLf3VvmaOiwHEo3AHknaFwoiaZ9thi1xMDmhOOCaRw2qiyDoSSTKNBVB76dgwE8-4EoNY0FM_0kdLitwNZ4IclNMdnA8mb43Ud8-4fGDhKdLRQX42ovMlQU0z4OqU3o6wnafwUByWxvlFpoKJxU_QyLEVGtSSMhKgb6k9DKju-WBLV3oUB71YfWbxbXZ5v4MxWqH_9fRhQgtF1DdnuBdFHepBJrARlKDeMZaj--otQH1kJGnRgPv3wHT0cPIQjUdL7FXcyYIxPN7v2BBmBRP-&sig=Cg0ArKJSzKSy-Ld0uXWAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=88&cbvp=1&cstd=87&cisv=r20231004.17486&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	93656 tags.bluekai.com/site/ Frame F8A4	62 B 574 B	175ms 158ms	Image image/gif	23.192.153.172 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D30606763&phint=crid%3D200793648&phint=pid%3D377068250 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-192-153-172.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" date Sun, 08 Oct 2023 15:59:30 GMT content-length 62 bk-server d4cc content-type image/gif
GET H3	200	FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response pagead2.googlesyndication.com/bg/ Frame E995	37 KB 14 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 09:32:25 GMT content-encoding br x-content-type-options nosniff age 282425 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14696 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Oct 2024 09:32:25 GMT
GET H3	200	FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response pagead2.googlesyndication.com/bg/ Frame C637	37 KB 14 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 09:32:25 GMT content-encoding br x-content-type-options nosniff age 282425 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14696 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Oct 2024 09:32:25 GMT
GET H3	200	FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response pagead2.googlesyndication.com/bg/ Frame 7D59	37 KB 14 KB	8ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 09:32:25 GMT content-encoding br x-content-type-options nosniff age 282425 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14696 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Oct 2024 09:32:25 GMT
GET H2	200	skeleton.js Show response fw.adsafeprotected.com/rjss/st/1686300/75378987/ Frame 72B0	46 KB 12 KB	34ms 34ms	Script application/javascript	18.203.58.156 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://fw.adsafeprotected.com/rjss/st/1686300/75378987/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bidurl=https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hEinYeD0-ZqeEBAHMgEXYL Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 18.203.58.156 Dublin, Ireland, ASN16509 (AMAZON-02, US), Reverse DNS ec2-18-203-58-156.eu-west-1.compute.amazonaws.com Software / Resource Hash d8edde87c3369832487c87a58a5ff57908b1f888fc49fb1fe123312d476998a0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:30 GMT content-encoding gzip vary accept-encoding content-type application/javascript;charset=utf-8 access-control-allow-origin fw.adsafeprotected.com cache-control no-cache access-control-allow-credentials true expires Wed, 31 Dec 1969 23:59:59 GMT
GET H2	200	express_html_inpage_rendering_lib_200_278.js Show response s0.2mdn.net/879366/ Frame 72B0	111 KB 39 KB	21ms 20ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Origin https://googleads.g.doubleclick.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 07:03:24 GMT content-encoding gzip x-content-type-options nosniff age 32166 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 39806 x-xss-protection 0 last-modified Tue, 14 Mar 2023 18:44:05 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Mon, 09 Oct 2023 07:03:24 GMT
GET H3	200	omrhp.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/ Frame 72B0	11 KB 4 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/elements/html/omrhp.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1Drcg3AfC3g9lb8YE5oCHE6halG-2ePS9LGVyp85M97vkiXIWxZyPnpd_GxkFiF3LUCuX1vANOEiEQm_IO5jjuVqtTW_rgewazQEm4kE6aVR8Jr7xGDSOI0jELTbOrMzV2UCY0N7q2FzfPHvclgl7KPQ6TDwPhGqvwVOMOzy2yxu665s&dbm_d=AKAmf-AYUUhAXxn-HLEQBk4jyYtMqhhokWD6-vY9OTpTjmv2CALnsCKaQY-dDHyj6VcPPJP5Ke8iFC2-A6SmaIcX0gJ8SYnGyRb44zw7764gJuFzAsSM6fOUnbxYYjKv4zLrmBUsYz9D17nptzmxx7ito4SvILLXSGr24nVMmgNxRgPKyRCKFBmQ7PRP6dURmF0NrBLNDMKoCxdjo8XKHWZaOzKEf3Yo-Bg4SqmWFlrmo_OehDCUkykgZ78H7HuScg8w1j9tla4ySK1t05m-qA4XeWXFxT8WWTjZ-Ww3uMdb4joyVEzgm45F34DS2dLrl6Zp5TUG7Ahd28Vq_jk5E6EtpaXlsfY4mlctGs9bQ5RQPXlFvRMbbomhLQ8tKfLbseSvFOU4OWvOImvWp52qJzibXL20XSp9OKgeyVcoIlsT8sku64dz7d6OFzPQ31KQZYalPnUy3kAynArz9bS6BQtQAQ6MEJNAURoivQISCBDVKL9WshA9_RGvM_PS705Maykpdtf4ygqzT3GchGIdvXghH2XsRqYbqeLRIeLEUFHwMhFkIrgUg46QOSEoMrKNj6A5CcWmJBkKZltaEAHWukQz_hLgx_WwURhJENino4zk-Sdkd9sv8kV_xC_1TcBZK3Lh4FHTrMhGNei_5WNrR7AZKJWgpW8aH14uNH-pDLXdNzAzdPgt9RUblYuBixs_fn6BfROZroe4RrnDhAh6d3_Pj07qSNO8dyjWVK81dHhGTKOlLIcJB_9XW1wL4JqC0GKrkT79Qd5DZsUPHNF24EOjWFaszSUCIt5NBNvtOMHyNY-ZrskdF8Iq-WSkGADhnJgvQdGdXsg8ddfD0fSHB9OIUVSI7b507OSJh1V6XAbQzv2j2e09AOtlNBOqTMYHK0Whqu-85CSMArgzX5gXcUU9qWqBrQlKIjsytsNNxWXA4YyOeBk7kbQpjVd394-pJE3YSXGME0kUxiudIUfl7kgiuY9c2JF1iBfiOQ2K578RKUfHKh3Ce_Wd7m5XWpWZH8WDsBRE49l7op__QMXRR1ampIkE_RCQxOKadU7OPVWqmxLxbkhhJ1bPMQrA86qjKS0_zM_XULFJ5D1pjfcELtD7iDVSfYk8AowZkcO4hDygOHWQn-MLqabgqctQTprW0hNBaSA78N1odNR2Nq1nzW8hvPvGdb9di_eYiqodWn-mEus3jJQmh23p8xnAef76tDXAbgzpNFKBxmzOrUhZySuygcaNxNoAVCXlwqQTyyZZbiKh7RbrPH9BusnOc8tlkWd1QIYQ2uajTpOS-u9IzS736J-Y21yIfEo3Kg-SzwA5JlX5M7ORv-jJxLHNdBb4XHjNoeeev5vOh3r54a5_t5wtc8eeoEEQB-cHTFeHz6M2JmxXbeGOcWQfXgYi5jcSypBgjqIBNwYGtFcpkTtw8K0alDfkpFvawwJ98A-1SU3848FM6D7gTbUf8U4d3Wj1Vyn2MUvtfUmbm7WNPGSK_PwLdhd11UpG28Qhbp17byZRMVwtBu55AM6aN7VZTMd51QwkUHX9evWaCDtcRl0-q_HDgqxk3Yg9ZDt7HDDmZb-5Juka_V5JKOYnfwhr4Qfjv1XL4ndgdZsAI9BMd2SOw7Ea2k0mWsvTEXfP6P99vtLEgQ8K_HBw-A06W1un2hf-3Hlpq-3nhL4L8DY-7ejdJXmiUfu3YUZ-Kjkj3FwuJlX4KkfXayCyAsUdomlyfzDCdDuUn_zpzSMWr5PyNzvANw2fqx8PUZYgR4qpOqAiLH79EZQAWMkBR2y-gt4ETF8MJ3toPFhY1QyS7I9JE0xwXA8gRom6WujOkt18SiUo5kGJO6duS4kqR09oaZRqCuzvq1jQ9Xrt_-NVbMzDcuiA5TMvRfHn4fdbL8lkzlJebcGE61qI2sdjfI_Dl9OJhsdZqkxOZviVKrvSkP7ro6e1-bjDRDwUkcK1wtXX29R5wLLa03Lx6pvhSsE9eGaunqg6ElVFR4iJTCLadUGQ_4LjQtwpXu36Td7it7-toZ0MGFhTCf9tF12ej5DmsMLJiuRcGxKnDvb2woCQW4RLH5JVM5YQZ9OnA2Zbc-veVEeBwdVuGZM7MVNMMQexhVcG1pQWq7QzJfzRFC--IgkZsrPPJNvY5h_rk-VNIzCGkPjDPL78tKFpwBqoAdl02vpbeIp87YWMP1R7ZT-XkkQcGaYVbeQcFQJpDZjAblKUvT6WVR9vxrKR4bSO8J0ypEzw6jwXV_updcNT_F6EBoCtdVLtxY3mlTNF07EqWGYgYN3V1paCuCb9aqoT9fS5nDRlVKVyZLr7uFKqdPOD7QwPlJkHf2jd_1TFEODmKJZebaFmmgaQWSaO5ZwWp1xpDR_vjcn4o5qU_3RV-7ULZSevaqAa8MwqZrhJeSwTbvnQx9sERVEZGOnQAkIvzCb3lH3TT4SSY_73XSRhmUTEYizxKOqHu8VUalMoWcK1f1zB4NhIGPj4Hc6APkxxrcLUUXvSl79c0S2ra4MtzfWJs5TvN6mnXSoqvh1Hclm5nfp-OxySX93x81vEdD0MmeHROOMBD0mYx9jH_Yowg1QVkTckwE5d1kIpnf1AujzQwr-eGha3sjIeQ2DtjUywIwx4xI4KK-5i7406fBV7zGH7wporiA9-92HFnn_AZbobcGokPeeOH-3xY8qK-D4A_C_VScwsJBdVnvnMjw60RxGocNYO1zlxC2acKjtK9xgvqhL6gCt4Kn_1DyYE0tvHmkuyjH9cnSAUiK-zUor5Bqb_6_5ZcCv-GAyt-ICaRU0p7Q9FQuXOMx4loohkFJAlnDGm_Qb8psopNS44pv2aH2kx_LXWeAUo9NkeBS3XwY4fbn7OsWyORHpwf9_fVUfsAKtXw3Obj0nbyhzdO5CYN1urW4Y6XpiLrOuNUODu4ixQGkXuAOUwHjg8hcBQSlDsn9xej122WSKUeAxU9s6N5aW6O-rTdf7K_dcIb-Xbk6XvVw5jQIb0ssCXFbksPYJDRQD2uAEHp3iYmpQbzhAFOrUaNGSiXFTwQoa1Fi9FwLTwhD_b9rsy4I6db3gBrqizrkNidhyljGeIP1sfCT376CGW6MJTK4Y_FGXQ9d1cusewN-SctVH2ET1NWZrzI7OznTNJBAflgW8RmfmvIt7KHwQy6VrR8pRFCalk4lr0hRveVwOu7_Xca7HA1gRZqiSEm0P0l4AHnFGdKjzxDvwBI2XeiifISU1E5i4j8QtQrKvxBm6x6eJ3bTonlFs_TM0rPxBYIsqbaLq2fiHikFw1Vq8LbXbFN9m-v62nddKjpOM8hUb9TY2yDknAfLRlusPHVTrOLYxw8X0bjRvqkizCgbHT94MeofPwzaxubZCya4Mr1msnCa0h9fwnbbGDyxyaVHLwvpak_yWsMKdCuoSd4G59UmHysT7Hq72_8Ej1gLDHeh32oOOQvQQRRID9_JkTH4Yi1G-0Gh6SMsO9wqPPzreDoXW0EddkQrPPLXJjgJZSJQb9kKDaL-knt8s4Ifaz3bLrD2sc1IlmYJkTivI6leLrpQ7N8Y7zDzubK_CORi5taJPAooqShh-mdFpYvaoCxZ9CqHpAlb-PtkJrhJNS3c06qKFWm0DiRGdNTJGbehLkmwYq11tYYp7L2305dn7mF4kkWfo1syB6LONYE-B1DTC4g5ftuQSq2jcMFwl_YI0hmWVlFp1ZPKi6E2x9LHaGbNBqGE-Gxv7EzGAUEFLHrwzvusUuw0yc7QXp_UARp4maO7t4_Tsl3nf5dBPKoNH1rxtQXNyByFtXPn8gDohZdYNl0NTo37RVsZ9O9DZjMzMMYGuIp7IGMBI2-iq3Myo496p_8GT5M_PXzmprEiWse7aA8MNDjOF48XvAmG_2qniHtfUdgdjjC1dBMI9ieSeTZn0Gx8UqMn867FTFW30rKP4ba6ecYjw632iSdm-FeO5bww&cid=CAQSSwDICaaNwfGzBMFk6K1w-AnPZw9GdTpO4Ke6hr5UjXAhrQn7jXhBrPnnwj8jOeUz3EIBVsQTveyHYH6nU7Z6SNSasH4HOJ5ZqQBD5hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=2672066130820731000&adk=2923430907&idt=123&cac=0&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 47a0342d90a877ec7125c3a38706b2faefa9b867661ebcef4a98ec6cf3e60b40 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4206 x-xss-protection 0 server cafe etag 17947678125179771625 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	abg_lite.js Show response pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/ Frame 72B0	30 KB 11 KB	7ms 7ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/js/r20231004/r20110914/abg_lite.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-D1Drcg3AfC3g9lb8YE5oCHE6halG-2ePS9LGVyp85M97vkiXIWxZyPnpd_GxkFiF3LUCuX1vANOEiEQm_IO5jjuVqtTW_rgewazQEm4kE6aVR8Jr7xGDSOI0jELTbOrMzV2UCY0N7q2FzfPHvclgl7KPQ6TDwPhGqvwVOMOzy2yxu665s&dbm_d=AKAmf-AYUUhAXxn-HLEQBk4jyYtMqhhokWD6-vY9OTpTjmv2CALnsCKaQY-dDHyj6VcPPJP5Ke8iFC2-A6SmaIcX0gJ8SYnGyRb44zw7764gJuFzAsSM6fOUnbxYYjKv4zLrmBUsYz9D17nptzmxx7ito4SvILLXSGr24nVMmgNxRgPKyRCKFBmQ7PRP6dURmF0NrBLNDMKoCxdjo8XKHWZaOzKEf3Yo-Bg4SqmWFlrmo_OehDCUkykgZ78H7HuScg8w1j9tla4ySK1t05m-qA4XeWXFxT8WWTjZ-Ww3uMdb4joyVEzgm45F34DS2dLrl6Zp5TUG7Ahd28Vq_jk5E6EtpaXlsfY4mlctGs9bQ5RQPXlFvRMbbomhLQ8tKfLbseSvFOU4OWvOImvWp52qJzibXL20XSp9OKgeyVcoIlsT8sku64dz7d6OFzPQ31KQZYalPnUy3kAynArz9bS6BQtQAQ6MEJNAURoivQISCBDVKL9WshA9_RGvM_PS705Maykpdtf4ygqzT3GchGIdvXghH2XsRqYbqeLRIeLEUFHwMhFkIrgUg46QOSEoMrKNj6A5CcWmJBkKZltaEAHWukQz_hLgx_WwURhJENino4zk-Sdkd9sv8kV_xC_1TcBZK3Lh4FHTrMhGNei_5WNrR7AZKJWgpW8aH14uNH-pDLXdNzAzdPgt9RUblYuBixs_fn6BfROZroe4RrnDhAh6d3_Pj07qSNO8dyjWVK81dHhGTKOlLIcJB_9XW1wL4JqC0GKrkT79Qd5DZsUPHNF24EOjWFaszSUCIt5NBNvtOMHyNY-ZrskdF8Iq-WSkGADhnJgvQdGdXsg8ddfD0fSHB9OIUVSI7b507OSJh1V6XAbQzv2j2e09AOtlNBOqTMYHK0Whqu-85CSMArgzX5gXcUU9qWqBrQlKIjsytsNNxWXA4YyOeBk7kbQpjVd394-pJE3YSXGME0kUxiudIUfl7kgiuY9c2JF1iBfiOQ2K578RKUfHKh3Ce_Wd7m5XWpWZH8WDsBRE49l7op__QMXRR1ampIkE_RCQxOKadU7OPVWqmxLxbkhhJ1bPMQrA86qjKS0_zM_XULFJ5D1pjfcELtD7iDVSfYk8AowZkcO4hDygOHWQn-MLqabgqctQTprW0hNBaSA78N1odNR2Nq1nzW8hvPvGdb9di_eYiqodWn-mEus3jJQmh23p8xnAef76tDXAbgzpNFKBxmzOrUhZySuygcaNxNoAVCXlwqQTyyZZbiKh7RbrPH9BusnOc8tlkWd1QIYQ2uajTpOS-u9IzS736J-Y21yIfEo3Kg-SzwA5JlX5M7ORv-jJxLHNdBb4XHjNoeeev5vOh3r54a5_t5wtc8eeoEEQB-cHTFeHz6M2JmxXbeGOcWQfXgYi5jcSypBgjqIBNwYGtFcpkTtw8K0alDfkpFvawwJ98A-1SU3848FM6D7gTbUf8U4d3Wj1Vyn2MUvtfUmbm7WNPGSK_PwLdhd11UpG28Qhbp17byZRMVwtBu55AM6aN7VZTMd51QwkUHX9evWaCDtcRl0-q_HDgqxk3Yg9ZDt7HDDmZb-5Juka_V5JKOYnfwhr4Qfjv1XL4ndgdZsAI9BMd2SOw7Ea2k0mWsvTEXfP6P99vtLEgQ8K_HBw-A06W1un2hf-3Hlpq-3nhL4L8DY-7ejdJXmiUfu3YUZ-Kjkj3FwuJlX4KkfXayCyAsUdomlyfzDCdDuUn_zpzSMWr5PyNzvANw2fqx8PUZYgR4qpOqAiLH79EZQAWMkBR2y-gt4ETF8MJ3toPFhY1QyS7I9JE0xwXA8gRom6WujOkt18SiUo5kGJO6duS4kqR09oaZRqCuzvq1jQ9Xrt_-NVbMzDcuiA5TMvRfHn4fdbL8lkzlJebcGE61qI2sdjfI_Dl9OJhsdZqkxOZviVKrvSkP7ro6e1-bjDRDwUkcK1wtXX29R5wLLa03Lx6pvhSsE9eGaunqg6ElVFR4iJTCLadUGQ_4LjQtwpXu36Td7it7-toZ0MGFhTCf9tF12ej5DmsMLJiuRcGxKnDvb2woCQW4RLH5JVM5YQZ9OnA2Zbc-veVEeBwdVuGZM7MVNMMQexhVcG1pQWq7QzJfzRFC--IgkZsrPPJNvY5h_rk-VNIzCGkPjDPL78tKFpwBqoAdl02vpbeIp87YWMP1R7ZT-XkkQcGaYVbeQcFQJpDZjAblKUvT6WVR9vxrKR4bSO8J0ypEzw6jwXV_updcNT_F6EBoCtdVLtxY3mlTNF07EqWGYgYN3V1paCuCb9aqoT9fS5nDRlVKVyZLr7uFKqdPOD7QwPlJkHf2jd_1TFEODmKJZebaFmmgaQWSaO5ZwWp1xpDR_vjcn4o5qU_3RV-7ULZSevaqAa8MwqZrhJeSwTbvnQx9sERVEZGOnQAkIvzCb3lH3TT4SSY_73XSRhmUTEYizxKOqHu8VUalMoWcK1f1zB4NhIGPj4Hc6APkxxrcLUUXvSl79c0S2ra4MtzfWJs5TvN6mnXSoqvh1Hclm5nfp-OxySX93x81vEdD0MmeHROOMBD0mYx9jH_Yowg1QVkTckwE5d1kIpnf1AujzQwr-eGha3sjIeQ2DtjUywIwx4xI4KK-5i7406fBV7zGH7wporiA9-92HFnn_AZbobcGokPeeOH-3xY8qK-D4A_C_VScwsJBdVnvnMjw60RxGocNYO1zlxC2acKjtK9xgvqhL6gCt4Kn_1DyYE0tvHmkuyjH9cnSAUiK-zUor5Bqb_6_5ZcCv-GAyt-ICaRU0p7Q9FQuXOMx4loohkFJAlnDGm_Qb8psopNS44pv2aH2kx_LXWeAUo9NkeBS3XwY4fbn7OsWyORHpwf9_fVUfsAKtXw3Obj0nbyhzdO5CYN1urW4Y6XpiLrOuNUODu4ixQGkXuAOUwHjg8hcBQSlDsn9xej122WSKUeAxU9s6N5aW6O-rTdf7K_dcIb-Xbk6XvVw5jQIb0ssCXFbksPYJDRQD2uAEHp3iYmpQbzhAFOrUaNGSiXFTwQoa1Fi9FwLTwhD_b9rsy4I6db3gBrqizrkNidhyljGeIP1sfCT376CGW6MJTK4Y_FGXQ9d1cusewN-SctVH2ET1NWZrzI7OznTNJBAflgW8RmfmvIt7KHwQy6VrR8pRFCalk4lr0hRveVwOu7_Xca7HA1gRZqiSEm0P0l4AHnFGdKjzxDvwBI2XeiifISU1E5i4j8QtQrKvxBm6x6eJ3bTonlFs_TM0rPxBYIsqbaLq2fiHikFw1Vq8LbXbFN9m-v62nddKjpOM8hUb9TY2yDknAfLRlusPHVTrOLYxw8X0bjRvqkizCgbHT94MeofPwzaxubZCya4Mr1msnCa0h9fwnbbGDyxyaVHLwvpak_yWsMKdCuoSd4G59UmHysT7Hq72_8Ej1gLDHeh32oOOQvQQRRID9_JkTH4Yi1G-0Gh6SMsO9wqPPzreDoXW0EddkQrPPLXJjgJZSJQb9kKDaL-knt8s4Ifaz3bLrD2sc1IlmYJkTivI6leLrpQ7N8Y7zDzubK_CORi5taJPAooqShh-mdFpYvaoCxZ9CqHpAlb-PtkJrhJNS3c06qKFWm0DiRGdNTJGbehLkmwYq11tYYp7L2305dn7mF4kkWfo1syB6LONYE-B1DTC4g5ftuQSq2jcMFwl_YI0hmWVlFp1ZPKi6E2x9LHaGbNBqGE-Gxv7EzGAUEFLHrwzvusUuw0yc7QXp_UARp4maO7t4_Tsl3nf5dBPKoNH1rxtQXNyByFtXPn8gDohZdYNl0NTo37RVsZ9O9DZjMzMMYGuIp7IGMBI2-iq3Myo496p_8GT5M_PXzmprEiWse7aA8MNDjOF48XvAmG_2qniHtfUdgdjjC1dBMI9ieSeTZn0Gx8UqMn867FTFW30rKP4ba6ecYjw632iSdm-FeO5bww&cid=CAQSSwDICaaNwfGzBMFk6K1w-AnPZw9GdTpO4Ke6hr5UjXAhrQn7jXhBrPnnwj8jOeUz3EIBVsQTveyHYH6nU7Z6SNSasH4HOJ5ZqQBD5hgB&dv3_ver=m202309260101&rfl=https%3A%2F%2Fs6.dosya.tc%2F&ds=l&xdt=1&iif=1&cor=2672066130820731000&adk=2923430907&idt=123&cac=0&dtd=9 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 4fcc2c45e5c8be67198b1d2c38bef90e3373e59b91be75e915711bfa7c10d22a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 13:38:45 GMT content-encoding br x-content-type-options nosniff age 8445 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11602 x-xss-protection 0 server cafe etag 2362517075893974484 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 22 Oct 2023 13:38:45 GMT
GET H3	200	UFYwWwmt.js Show response tpc.googlesyndication.com/sodar/ Frame 72B0	41 KB 13 KB	20ms 20ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 06:58:24 GMT content-encoding br x-content-type-options nosniff age 205266 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 13692 x-xss-protection 0 last-modified Sun, 25 Jun 2023 02:58:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Sat, 05 Oct 2024 06:58:24 GMT
GET H3	200	DcmEnabler_01_250.js Show response s0.2mdn.net/879366/ Frame 5995	32 KB 11 KB	21ms 21ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 17:05:58 GMT content-encoding gzip x-content-type-options nosniff age 82412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11558 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 08 Oct 2023 17:05:58 GMT
GET H3	200	8d07b282c8e661b71feb1e048005bbde.js Show response s0.2mdn.net/sadbundle/2820510171590749393/ Frame 5F3F	104 KB 30 KB	21ms 21ms	Script application/x-javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 15:50:19 GMT content-encoding gzip x-content-type-options nosniff age 86951 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30387 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 06 Oct 2024 15:50:19 GMT
GET H3	200	8d07b282c8e661b71feb1e048005bbde.js Show response s0.2mdn.net/sadbundle/2820510171590749393/ Frame AC3C	104 KB 30 KB	28ms 28ms	Script application/x-javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash e4ca7dc00ebd21774414cb682d0c1dd4d3b7b864612e2a0daa610112503d56d7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 15:50:19 GMT content-encoding gzip x-content-type-options nosniff age 86951 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 30387 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type application/x-javascript access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 06 Oct 2024 15:50:19 GMT
GET DATA	200 OK	truncated / Frame 72B0	212 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash d19e9d957f8a95313ad5d6905245a3e1d955cfac1d43c1a75db173e21fc606f8 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H2	200	main.19.8.439.js Show response static.adsafeprotected.com/ Frame F8A4	207 KB 65 KB	48ms 8ms	Script application/javascript	2600:9000:223f:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.19.8.439.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rjss/st/1686300/75378868/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bidurl=https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0gAI21635b9xWLEj6qGZQY1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 09 Aug 2023 13:42:57 GMT x-amz-version-id jxULgCd28jZVPRI.j5D8yH73I4fVMdj5 content-encoding gzip via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 5192194 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 08 Aug 2023 19:01:42 GMT server AmazonS3 etag W/"f00fcc2e1b804b8a3edfbb8cb19bddaa" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id ED6555t3di_blL9z5hiUV4ZSZ6pPDyZ-dU7Qbkl0qD7d5Hxw24jtxA==
GET H3	200	Enqz_20U.html Show response tpc.googlesyndication.com/sodar/ Frame 92CA	22 KB 8 KB	18ms 18ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/Enqz_20U.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 266998 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 8395 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 13:49:32 GMT expires Fri, 04 Oct 2024 13:49:32 GMT last-modified Tue, 03 Mar 2020 20:15:00 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	main.19.8.439.js Show response static.adsafeprotected.com/ Frame 72B0	207 KB 65 KB	8ms 8ms	Script application/javascript	2600:9000:223f:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/main.19.8.439.js Requested by Host: fw.adsafeprotected.com URL: https://fw.adsafeprotected.com/rjss/st/1686300/75378987/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bidurl=https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html&ias_dealId=&ias_xappb=&adsafe_par&ias_impId=v4~~ABAjH0hEinYeD0-ZqeEBAHMgEXYL Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash efc2b5f3cfb42ac86c11900be6091d645853af46ab4f01bfba7280c3ac37ae02 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 09 Aug 2023 13:42:57 GMT x-amz-version-id jxULgCd28jZVPRI.j5D8yH73I4fVMdj5 content-encoding gzip via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 5192194 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 08 Aug 2023 19:01:42 GMT server AmazonS3 etag W/"f00fcc2e1b804b8a3edfbb8cb19bddaa" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id Pxe8OX14UkriJKcx2LMbq9WwO2_oMbqgHXfxlEUjLtDUUO2YhMfibQ==
GET H3	200	index.html Show response s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	137 KB 23 KB	18ms 17ms	Document text/html	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b59df8f9102ba4d4ccf63c5026e2d85bee8cf0d226d68e20bd9ae010c146469f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://googleads.g.doubleclick.net/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes access-control-allow-origin * age 282170 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 23864 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" cross-origin-resource-policy cross-origin date Thu, 05 Oct 2023 09:36:40 GMT expires Fri, 04 Oct 2024 09:36:40 GMT last-modified Fri, 29 Sep 2023 07:42:08 GMT report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-dns-prefetch-control off x-xss-protection 0
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame 72B0	0 0	53ms 52ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfQKSaCWK5X1xFhmxcRtcBAE-Wvgan2if1wqPypVHWwKNI7UoCIhcDXufzCrNXcjRi5S-b2roQVKOaWjikCECMBW_HMRB4Xf-jxscfY0--CVBqno54HyTq6RZ0smWoRQeRTWVd7D80RhlJnzsBIS9BKwdB0p35xgnKPy9KLQOS1tVrEtdNdTgfqla4-5ghM2EOcMqlWg4a-mH9fp4bzzCUfFZ1aD-dAhE9q2ey8XoUIuihcfYC2RWA2eCRI1qDBadune0FMI8vEUARqaEoZSqTHs2z_I6WZ_jpF8MG5LTuqqFzYtT2FCylcTCbCAAEQWsUW6DraTLYg3bhMYmy4vs5gckpSYJDzEv0n6SS4KtfnWDBw2JqBeSBzkIqQ4GOIXhRtyOYkbh_LpdLLmUtOhcpIuBbwNkArcdll5pECNZ1B7mUllS0ih5h23hno6sZr0_Vjhgl7FP4IGdzqZHLp0PqrpKfRLA8alOIqBkRlZwDFI3J2HSFeZ1XMVo7chwyk8Hr4cWzFPlK6y9QATWqCvKtPE4yoTMvgW7E3DDdOF3NgqVtVbNC2ENZPR4vqaeXWUcDq6HV3tBQFqQ9B_PVyep_Y7Xsq_rcJE_aDzEDEdEPC9VekUUpO5oCyv4kTdOnLDS7D0uANYYjjKbwCpZkICEyTYziLnoJ2MuzK--h7J2KD82CPsZG9iab6YVrLUOKfknS8yHS0UTo85OxMErRUdxIG3Hpz-MyqAl2hXxvrvPFwimKmH6qIywWHD4b3J9iTy_yAZHu_2JsCvd36dZcjFZ0O3P05bTXI2I2rsYUlMTN_Ae_2AApusVG_UsiP3v3aNfdLEDMi9aIPoqyKw01BNHs40CJppkt8W2_HbN-ZPfrBPI0A0ZigGml3RAghq1rqqqQ6Q6skLbjKXxXB5esw5npCMIQ4RxP-qZdF2MPC7Bw48LTufVTPdBSZ6fOhGH6OztT1QgoZwT6kBV-Y2j18pxlQK6qeds3G2olwVFA7iEeLAM5oSQDIHTBCGV-Tdymeb5CFF1WBdBPosS2CcUX0lTaDmGcPvkcxOjW9zZ9HQBTS1TpnJPPWl513Y6ltK3aGiAyNqt2ISuTEVtrftPNPVwhLdeCV45qVU11L3fxl896dZhwR9fcQe_oaskpQjOrgOUSxgwNzEqVzTl91-QDVABKBgXmI3yL5EfMTvMjixrCaEYo0GkLfQK0Hl8rqGUrSrXBtWkNNdOrW4gHXqPwkHjZXiOKSUgasp0-kQhAvfENFSilxYpLHwIs9cnxXbW2k5gL9cO4Luea5g&sai=AMfl-YR4NYRUmXKaClAPLipKQrHsGbR9SYhX0KPIis1tLnVEZCw_nilH_e0fQI0FLdBjh92G7e9-Rg-H4cjBwCL7LwcYSsc3f9VPlJs6oGxfzZpjwYaf8G80az1uCoJ62XEOT8PWF8VUnrsNQdEtO6DSeciojLS0XDfYJ3JIMaxklCYuldGey1iJtNZgNaLavD9dhY49OKHRKSeW2WspMImiz_6lFcNsYjRjbLuUljiODDnJ5J5dvUp8DPsrZC06fYjAslz0K98DliyD1ARyQkHGStgvaddllg5R&sig=Cg0ArKJSzJ_MOjxdQiaxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=133&cbvp=1&cstd=132&cisv=r20231004.76658&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers content-security-policy script-src 'none'; object-src 'none' date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-origin * content-type image/gif cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	93656 tags.bluekai.com/site/ Frame 72B0	62 B 455 B	169ms 169ms	Image image/gif	23.192.153.172 AKAMAI-AS
General Check archive.org Show headers Download Go to Show image Full URL https://tags.bluekai.com/site/93656?limit=0&phint=event%3Dimp&phint=aid%3D6531095&phint=cid%3D30606763&phint=crid%3D200802063&phint=pid%3D377231980 Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 23.192.153.172 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US), Reverse DNS a23-192-153-172.deploy.static.akamaitechnologies.com Software / Resource Hash 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT content-type image/gif p3p CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml" cache-control max-age=0, no-cache, no-store content-length 62 bk-server ad02 expires Thu, 01 Dec 1994 16:00:00 GMT
GET H2	200	view googleads4.g.doubleclick.net/pcs/ Frame F8A4	0 0	48ms 47ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvxv56E2D8fvPKgp84Z6I350JJ5t8Q64LeYLSn9usqascf_k11swWbk-VIJr3mv_tgbK1wpT3oYz93nKkATqVKF_PBvkqt0tjjb14s5LmeqZz9liiKD3EHIIL5ZL6kglmFFQpy4MIXJA0kYZJ8u9xiRFgeIkt7CF1u-ebjNqKEsxPbOa27LIjgsxPDk7NXvNgCawrhIihnDmEZAz6-k2_nzsZynn6dizHopLnHX0_JW6A12lS0JAFhnjq1H8l2s6W6-yGFTu6m6xO_AsYvg6q3ulBIp7wXifdi8GMauqPyLN6nKEegPDcSPOXznsa6w0KBRe8TdUyL7YYot7oEnK9v-IQvFcTPnpbMc6z-vNoMJESWb6Js4yZWaAKzSfkeI8kLjL_pFMYjGMOaPUKP9By8Ti6dVTphZpr5H8Idw0asf9lNs6ngyvNfPEnrev64B9nYMqUG8kidwOC4jeu4xEPlVzdSIKEy4qGunfDaX6llobmmjsqqBRcEPFysRCyz21SVLQ-UmaB4wMgTq1KuZPa4GzoVC1E0TpbV9sKkq-s3OFfOXvPCBEhGDw1L7JFwneHD7jeEgbRSmtrUC_V_9gmTrUw48_qCFl4ZkXU51OyJLSQsKNrMNSunwf5WMp59adQp-r9jeJoguy99ZD-eAFS0b0gZDEnm8vUNT7_IcVbepQp1nYJZCmwR2C3FU7mjNCUKXWv883xiuZVopEVOxUqe0To_6njVUDYqMkzLusZJacubz1izeBfCG2dDRheX--3mB9Bx_7i7Y1Co9h-Rnlyqw6JJZYnTPm_7tp6PGt7lsnZCQcpNLnQBz3jDk_BUO6qmRycblUprzyrgCPiCZCdRMbViK7-kISCGzNR08fV4QoMOADVdeBEaOgacFKd5jIMlsoLmBEISdutsc9lOReDZyRzr9s5vCvJHYXd7e8TMcT7I9QDOWYy_4lm_h9MLjDMOn3BS9f7gw8kj2hmTwDwuCIKnZJ-l69JWjLC-fDACousZLLrdOyUbLny6lDdhJRqPDsU0demkfeLZ9abKDwnzS6D4qq7HW0grVe6xTK14KA0gVNLV5AMLXiqVnd-s0KiO2EbvySTHtn3FIECNg6j-YSp1g_mDcUMXjelxiKiI-ZsOBPorzdMZ-Bl9MW_iIATGO9v5ao4BIeDkQhr505dDZF21zJu9qrfvzYYLl5Ug93jqnBPt_qrLVk9w_XPiWlVG1oBoMsYh_iEcJd_3m2nYaudXuoQ8YUx1JuhUu7vWu687sowPwpeZHdmE2TV52KTFOHyeLig1MJ34T&sai=AMfl-YSVLrBJ2NxkLf3VvmaOiwHEo3AHknaFwoiaZ9thi1xMDmhOOCaRw2qiyDoSSTKNBVB76dgwE8-4EoNY0FM_0kdLitwNZ4IclNMdnA8mb43Ud8-4fGDhKdLRQX42ovMlQU0z4OqU3o6wnafwUByWxvlFpoKJxU_QyLEVGtSSMhKgb6k9DKju-WBLV3oUB71YfWbxbXZ5v4MxWqH_9fRhQgtF1DdnuBdFHepBJrARlKDeMZaj--otQH1kJGnRgPv3wHT0cPIQjUdL7FXcyYIxPN7v2BBmBRP-&sig=Cg0ArKJSzKSy-Ld0uXWAEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=307&vt=11&dtpt=219&dett=3&cstd=87&cisv=r20231004.17486&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:30 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame 5F3F	2 KB 979 B	72ms 27ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 08 Oct 2023 15:59:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 08 Oct 2023 14:17:16 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 08 Oct 2023 15:59:31 GMT
GET H3	200	af9207a0cd9e781e6d61b1297b7280fc.png s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame 5F3F	21 KB 21 KB	22ms 22ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/af9207a0cd9e781e6d61b1297b7280fc.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7049516c1201eae8a55bee5b4d86ca350fdf595ca5034badb106177e21dfb45f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 16:16:55 GMT x-content-type-options nosniff age 171755 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21072 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 16:16:55 GMT
GET H3	200	fb2405b160d35da2c54812c244ca11bc.svg s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame 5F3F	7 KB 2 KB	26ms 26ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/fb2405b160d35da2c54812c244ca11bc.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 14:49:05 GMT content-encoding gzip x-content-type-options nosniff age 177025 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2357 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 14:49:05 GMT
GET H3	200	af9207a0cd9e781e6d61b1297b7280fc.png s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame AC3C	21 KB 21 KB	23ms 23ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/af9207a0cd9e781e6d61b1297b7280fc.png Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7049516c1201eae8a55bee5b4d86ca350fdf595ca5034badb106177e21dfb45f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 16:16:55 GMT x-content-type-options nosniff age 171755 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21072 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 16:16:55 GMT
GET H3	200	fb2405b160d35da2c54812c244ca11bc.svg s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame AC3C	7 KB 2 KB	26ms 26ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/fb2405b160d35da2c54812c244ca11bc.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 14:49:05 GMT content-encoding gzip x-content-type-options nosniff age 177025 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2357 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 14:49:05 GMT
GET H2	200	css fonts.googleapis.com/ Frame AC3C	2 KB 643 B	72ms 28ms	Stylesheet text/css	2a00:1450:4001:828::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Roboto:500 Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash fd3fad3e15262b0e096e7d7cc57efd2e684a679ccacb704d94542ba3d7d93d17 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Sun, 08 Oct 2023 15:59:31 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Sun, 08 Oct 2023 14:04:58 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Sun, 08 Oct 2023 15:59:31 GMT
GET H3	200	DcmEnabler_01_250.js Show response s0.2mdn.net/879366/ Frame CE81	32 KB 11 KB	19ms 19ms	Script text/javascript	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://s0.2mdn.net/879366/DcmEnabler_01_250.js Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash fc9fe8ec0612072dc6d3b4acd268e09d28c253807f47846a5f70dd8360d1a0d1 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sat, 07 Oct 2023 17:05:58 GMT content-encoding gzip x-content-type-options nosniff age 82412 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 11558 x-xss-protection 0 last-modified Tue, 14 Mar 2023 21:28:37 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type text/javascript access-control-allow-origin * cache-control public, max-age=86400 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sun, 08 Oct 2023 17:05:58 GMT
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame F8A4 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1686300/75378868/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bi... https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=	17 B 463 B	9ms 9ms	Script application/javascript	2600:9000:223f:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Server 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 16 Jan 2023 03:51:51 GMT x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 22939661 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id cAahoTbIvioNY3zSY5iCFypohW7ptSOOQhqA191hqxK_U-qr1uFbBQ== Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name app05.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 065D	91 KB 23 KB	8ms 8ms	Script application/javascript	2600:9000:223f:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 00:09:11 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 1525821 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id 6-7SppRKciLHUvv5Py37bF-7-8Kn1F4dkkMgq_lEt9YZJ0FHvVu9jw==
GET H3	200	Visual4.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	4 KB 4 KB	19ms 18ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Visual4.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f5a5ec59e7428ad7de8e5e9eb67482cd828998e7fbea889c885087219ead2ab3 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 02 Oct 2023 14:12:13 GMT x-content-type-options nosniff age 524838 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4181 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Tue, 01 Oct 2024 14:12:13 GMT
GET H3	200	Prise.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	3 KB 3 KB	21ms 20ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Prise.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acb173caca15b7d5eed30ded54460747f02ebd7ee7bff077687f582d7ae54af6 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 19:16:00 GMT x-content-type-options nosniff age 247411 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2718 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 19:16:00 GMT
GET H3	200	Prod.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	7 KB 7 KB	22ms 21ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Prod.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 938cf5b68d30192f442a8e26acfaf66c23a20bfa705d693d4ecc20c83bd59774 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 19:16:00 GMT x-content-type-options nosniff age 247411 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7462 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 19:16:00 GMT
GET H3	404	text2.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	43 B 69 B	68ms 66ms	Image image/gif	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/text2.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server sffe x-dns-prefetch-control off content-type image/gif access-control-allow-origin * cache-control public, max-age=0 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 expires Sun, 08 Oct 2023 15:59:31 GMT
GET H3	200	Visual2.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	1 KB 1 KB	24ms 22ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Visual2.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dbf014778428c36a12a3c46dd90d45ad9dbb4435190753bc781d0040c8534522 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 11:58:42 GMT x-content-type-options nosniff age 273649 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1211 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 11:58:42 GMT
GET H3	200	Visual.jpg s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	6 KB 6 KB	22ms 21ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Visual.jpg Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c50c09fd22c86cd879b4d4e4dadf8474974573a316da189d3f1c2691d77a5f32 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 11:00:08 GMT x-content-type-options nosniff age 277163 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6214 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 11:00:08 GMT
GET H3	200	Text1.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	2 KB 2 KB	21ms 20ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Text1.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 5fecc31af625a0c543029cf595d99e2fd562f5396435b8c7c502a33dafe3a606 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 01:23:24 GMT x-content-type-options nosniff age 311767 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2315 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 01:23:24 GMT
GET H3	200	MM_Logo.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	1 KB 2 KB	24ms 23ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/MM_Logo.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cddad8fe5eebe649c094b2dba994f6a2f5d2f15c5a094b54a941bd2be5d09e56 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 11:36:03 GMT x-content-type-options nosniff age 275008 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1523 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 11:36:03 GMT
GET H3	200	SA_Logo.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	2 KB 2 KB	24ms 23ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/SA_Logo.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d337a3641f428b291fcb5d9f22cdaa4c56458cb7b5429aa92bfdfa0f467999c0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 21:56:59 GMT x-content-type-options nosniff age 324152 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1784 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Oct 2024 21:56:59 GMT
GET H3	200	Visual1.png s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/ Frame 5995	21 KB 21 KB	24ms 23ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/Visual1.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 36d451b913a8b274502a8454aef8774f936cecefde7f3bcd5e831dc193f42dac Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/11499119635807365861/728x90%20LG%2055%20NANO%20756%20Q/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 21:56:59 GMT x-content-type-options nosniff age 324152 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21133 x-xss-protection 0 last-modified Fri, 29 Sep 2023 06:44:21 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Oct 2024 21:56:59 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F8A4	43 B 215 B	549ms 179ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=70d9b96b-84ed-f765-d733-4d60d66a5755&tv=%7Bc:qtlPID,pingTime:-3,time:212,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:159%7D,%7Bpiv:0,vs:o,r:l,t:212%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:213,n:212,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:158,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~728.90%5D%7D%7D,%7Bsl:o,t:212,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tS6Xc87+11%7C12%7C131%7C132%7C133%7C1411%7C1412%7C14131%7C1511%7C15121%7C1513%7C161*.1686300-75378868%7C1611%7C16121%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:160%7D&br=c Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt22.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame F8A4	43 B 215 B	543ms 180ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=70d9b96b-84ed-f765-d733-4d60d66a5755&tv=%7Bc:qtlPII,pingTime:-6,time:218,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:218,n:212,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:158,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~728.90%5D%7D%7D,%7Bsl:o,t:212,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B6~0%5D,as:%5B6~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tS6Xc87+11%7C12%7C131%7C132%7C133%7C1411%7C1412%7C14131%7C1511%7C15121%7C1513%7C161*.1686300-75378868%7C1611%7C16121%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:160%7D&tpiLookup=ao:s6.dosya.tc*%2Cgoogleads.g.doubleclick.net*&br=c Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt23.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Show response pagead2.googlesyndication.com/bg/ Frame 92CA	37 KB 14 KB	8ms 8ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/FvrbBlV_jFWbJeQ31HKG04hrbzYZAPR58b-SgZjo0Pc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 16fadb06557f8c559b25e437d47286d3886b6f361900f479f1bf928198e8d0f7 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 09:32:25 GMT content-encoding br x-content-type-options nosniff age 282426 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14696 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Fri, 04 Oct 2024 09:32:25 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame 5F3F	16 KB 16 KB	254ms 8ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 18:20:08 GMT x-content-type-options nosniff age 250763 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Oct 2024 18:20:08 GMT
GET H2	200	KFOlCnqEu92Fr1MmEU9fBBc4.woff2 fonts.gstatic.com/s/roboto/v30/ Frame AC3C	16 KB 16 KB	256ms 9ms	Font font/woff2	2a00:1450:4001:82f::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Roboto:500 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://s0.2mdn.net accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 18:20:08 GMT x-content-type-options nosniff age 250763 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15920 x-xss-protection 0 last-modified Wed, 11 May 2022 19:24:45 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Fri, 04 Oct 2024 18:20:08 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F8A4	43 B 215 B	698ms 355ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=70d9b96b-84ed-f765-d733-4d60d66a5755&tv=%7Bc:qtlPJ4,pingTime:-2,time:239,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:550,beZ:551,mfA:694,cmA:695,inA:695,inZ:698,prA:699,prZ:704,si:709,poA:710,poZ:722,cmZ:722,mfZ:722,loA:767,loZ:769,ltA:788,ltZ:788,mdA:551,mdZ:608%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:159%7D,%7Bpiv:0,vs:o,r:l,t:212%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:239,n:212,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:158,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~728.90%5D%7D%7D,%7Bsl:o,t:212,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B27~0%5D,as:%5B27~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tS6Xc87+11%7C12%7C131%7C132%7C133%7C1411%7C1412%7C14131%7C1511%7C15121%7C1513%7C161*.1686300-75378868%7C1611%7C16121%7C1613,idMap:161*,pd:CV8L.internal-pdf-viewer,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:160,sinceFw:79,readyFired:true%7D&br=c Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt28.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	skeleton.js Show response static.adsafeprotected.com/ Frame 72B0 Redirect Chain https://fw.adsafeprotected.com/rfw/st/1686300/75378987/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=1014294059&ias_pubId=pub-9775275426073837&ias_chanId=1&ias_placementId=20600109049&bi... https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb=	17 B 466 B	8ms 8ms	Script application/javascript	2600:9000:223f:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb= Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Server 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Mon, 16 Jan 2023 03:51:51 GMT x-amz-version-id nylqTweorRThFHMBJSrf_fHcWx3KVKN3 via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 22939661 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED content-length 17 last-modified Mon, 17 Aug 2020 23:54:35 GMT server AmazonS3 etag "53fab767ecbd3bf07990b10246befbd4" content-type application/javascript cache-control max-age=315360000 accept-ranges bytes x-amz-cf-id LEMOE6AzIPvxUbsMBqzpDxb8wCSGLOPYdvp8a5--REuAYMPo5Z4zCQ== Redirect headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name app06.ie.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" location https://static.adsafeprotected.com/skeleton.js?bundleId=${BUNDLE_ID}&ias_xappb= cache-control no-cache content-length 0
GET H2	200	sca.17.6.2.js Show response static.adsafeprotected.com/ Frame 0318	91 KB 23 KB	9ms 9ms	Script application/javascript	2600:9000:223f:7800:8:48e:53c0:93a1 AMAZON-02
General Check archive.org Show headers Download Go to Full URL https://static.adsafeprotected.com/sca.17.6.2.js Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2600:9000:223f:7800:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US), Reverse DNS Software AmazonS3 / Resource Hash 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 21 Sep 2023 00:09:11 GMT x-amz-version-id go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy content-encoding gzip via 1.1 fc562aab29280948aa0691960bee3d6a.cloudfront.net (CloudFront) x-amz-cf-pop FRA56-P5 age 1525821 x-amz-server-side-encryption AES256 x-cache Hit from cloudfront x-amz-replication-status COMPLETED last-modified Tue, 20 Sep 2022 19:21:34 GMT server AmazonS3 etag W/"1f3488247c90bb5de253d3d0cb3b7458" vary Accept-Encoding content-type application/javascript cache-control max-age=315360000 x-amz-cf-id QGbz09eJgUINW2OsKgMBeKb-h9vda2KUS_K6GRh6HFfhDSZXS_sAJQ==
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 72B0	0 0	55ms 55ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstfQKSaCWK5X1xFhmxcRtcBAE-Wvgan2if1wqPypVHWwKNI7UoCIhcDXufzCrNXcjRi5S-b2roQVKOaWjikCECMBW_HMRB4Xf-jxscfY0--CVBqno54HyTq6RZ0smWoRQeRTWVd7D80RhlJnzsBIS9BKwdB0p35xgnKPy9KLQOS1tVrEtdNdTgfqla4-5ghM2EOcMqlWg4a-mH9fp4bzzCUfFZ1aD-dAhE9q2ey8XoUIuihcfYC2RWA2eCRI1qDBadune0FMI8vEUARqaEoZSqTHs2z_I6WZ_jpF8MG5LTuqqFzYtT2FCylcTCbCAAEQWsUW6DraTLYg3bhMYmy4vs5gckpSYJDzEv0n6SS4KtfnWDBw2JqBeSBzkIqQ4GOIXhRtyOYkbh_LpdLLmUtOhcpIuBbwNkArcdll5pECNZ1B7mUllS0ih5h23hno6sZr0_Vjhgl7FP4IGdzqZHLp0PqrpKfRLA8alOIqBkRlZwDFI3J2HSFeZ1XMVo7chwyk8Hr4cWzFPlK6y9QATWqCvKtPE4yoTMvgW7E3DDdOF3NgqVtVbNC2ENZPR4vqaeXWUcDq6HV3tBQFqQ9B_PVyep_Y7Xsq_rcJE_aDzEDEdEPC9VekUUpO5oCyv4kTdOnLDS7D0uANYYjjKbwCpZkICEyTYziLnoJ2MuzK--h7J2KD82CPsZG9iab6YVrLUOKfknS8yHS0UTo85OxMErRUdxIG3Hpz-MyqAl2hXxvrvPFwimKmH6qIywWHD4b3J9iTy_yAZHu_2JsCvd36dZcjFZ0O3P05bTXI2I2rsYUlMTN_Ae_2AApusVG_UsiP3v3aNfdLEDMi9aIPoqyKw01BNHs40CJppkt8W2_HbN-ZPfrBPI0A0ZigGml3RAghq1rqqqQ6Q6skLbjKXxXB5esw5npCMIQ4RxP-qZdF2MPC7Bw48LTufVTPdBSZ6fOhGH6OztT1QgoZwT6kBV-Y2j18pxlQK6qeds3G2olwVFA7iEeLAM5oSQDIHTBCGV-Tdymeb5CFF1WBdBPosS2CcUX0lTaDmGcPvkcxOjW9zZ9HQBTS1TpnJPPWl513Y6ltK3aGiAyNqt2ISuTEVtrftPNPVwhLdeCV45qVU11L3fxl896dZhwR9fcQe_oaskpQjOrgOUSxgwNzEqVzTl91-QDVABKBgXmI3yL5EfMTvMjixrCaEYo0GkLfQK0Hl8rqGUrSrXBtWkNNdOrW4gHXqPwkHjZXiOKSUgasp0-kQhAvfENFSilxYpLHwIs9cnxXbW2k5gL9cO4Luea5g&sai=AMfl-YR4NYRUmXKaClAPLipKQrHsGbR9SYhX0KPIis1tLnVEZCw_nilH_e0fQI0FLdBjh92G7e9-Rg-H4cjBwCL7LwcYSsc3f9VPlJs6oGxfzZpjwYaf8G80az1uCoJ62XEOT8PWF8VUnrsNQdEtO6DSeciojLS0XDfYJ3JIMaxklCYuldGey1iJtNZgNaLavD9dhY49OKHRKSeW2WspMImiz_6lFcNsYjRjbLuUljiODDnJ5J5dvUp8DPsrZC06fYjAslz0K98DliyD1ARyQkHGStgvaddllg5R&sig=Cg0ArKJSzJ_MOjxdQiaxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=324&vt=11&dtpt=191&dett=3&cstd=132&cisv=r20231004.76658&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame C637	0 20 B	114ms 113ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BM-je4tEiZZLcHr-WjuwPgranyAwAAAAAOAHgBAI&bg=!lJell9jNAAYMG8UMLBs7ADQBe5WfOEknlaycfjrG-M1D0ee6O-yul2OY_hMMXKjZuBmkhWLcL9lZ0YaL1_UBJSzdBFFcAgAAARJSAAAABWgBB5kC_92tK_v2JIKp2z-UPDKeUu8jUj0aBhTcvBdkdF4o85RxebxwmMWQyU_ME1Um7Q9d7HKir3iCMKijD1gbT8B8QU59zgJCWXTogpBZ8442DHyQUdiA8gXDoSasWZmlXjOQTT3pQMLeaLuoUoCnNqUQ5kKgpFmDK4WphGkuxEdsvPpqEuipCLMTx3xxDSDa01qOg-r6VvPh9jmQfGpk8pXqd2oNLlRFflEg7bxoayY25vaO9CzkGiyS-fN-rGTPIibRWeUX9z6Zkgikao7pX171hoI2rNTRFtd-TNcENeP70tXmKMrgVtBi6cC5Z0CoLuwRjm-wv8cDsbcMdSTj52bl9rD7BfYdCpI4bRJOhvyF5y1HBJchbzAfz6erCGJtnXR1g4uFI0U-AhEwprAVia2PzjXSi7A6gddBcVXVZh884_QJ4OPqwBrMlXfwCBjd2ppb5r0bgE3eevZn0_Qy5-0ZGPPyUWEPbO9deWhxF2SFwYi4eqE7OKsMvn59npHNH06NtptyrPqvDq0LTQqU75R6I0Jv8AH58rZLtVC_qnn1gtiD8rcSWE0M5HbG6obSAEUyBVuoxXJ4-ISxGbD79ppuPSmL0B6xhQz-hN8884nQyscu3HbZKMZh0Ywz717wFkNOftPeilr_JLm1HymCG3LbPPatbYRNHWp4GnpQJnwlOof67hLwuQOXvlOMiMi5pTAyRkqRejIBW9dDy2UB2rrmNfHSks3PzSMUMT_8RMX2IrYme50AbqldL0PVuSC4O_I5R6QbbXV0qIj0gnj1APkb3n5l4Ek3fiK98OGoPuL81K0QSwMEfCfNcIpXzWhadY-SWM4r5sFHAR5pb6Lr1aPweZ62jo8ogMtI4s4-xtcb6HWVpK8X2IOTT_BN-IanK-B_XAyWOCqCEzgFTvGqfK8EQhkfSvuY7yL3gcG-a0N0y0xPSZi3-F0bj-l_0Q9s2da6Wx2CznetDBOH2fl53I0-5UigyYEafoIztg_BjomluXs3ECFbG6MH1CfmvJWWYu9j Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 72B0	43 B 215 B	660ms 355ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=9b870df3-ff7d-688e-13f4-041dd36a9758&tv=%7Bc:qtlPJG,pingTime:-3,time:202,type:v,im:%7Bpci:%7Btdr:21%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D,%7Bpiv:-1,vs:n,r:,t:200%7D,%7Bpiv:0,vs:o,r:l,t:202%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:202,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:n,t:200,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~1,0~0%5D,as:%5B2~300.250%5D%7D%7D,%7Bsl:o,t:202,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tS6Xc9k+11%7C12%7C13*.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C1611%7C16121%7C1613%7C1614,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:177%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt25.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 72B0	43 B 216 B	483ms 178ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=9b870df3-ff7d-688e-13f4-041dd36a9758&tv=%7Bc:qtlPJH,pingTime:-6,time:203,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:203,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:n,t:200,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~1,0~0%5D,as:%5B2~300.250%5D%7D%7D,%7Bsl:o,t:202,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tS6Xc9k+11%7C12%7C13*.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C1611%7C16121%7C1613%7C1614,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:177%7D&tpiLookup=ao:s6.dosya.tc*&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt24.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame E995	0 20 B	113ms 113ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BH0NS4tEiZfjyHtjCx_APwLm96AgAAAAAOAHgBAI&bg=!S0ilSAfNAAYMG8UMLBs7ADQBe5WfONh0ZnyRQmNO-4tl-0WuAtzPl2IKwZeYPkwaZtpiPYeVqwybq9DTFrHem_zliONOAgAAATVSAAAABGgBBwoADpMn4T6LDOYs3uRh5Uk-mQMTaLxXvw1M2zMkJMiypagD492M302SFbLcjgDsr4iNCSqHmHJtY27RHKpzV2MNZIkx5vqPs2LTeergxZODsV2rOTO-yPLXXikw0Q__z0QVCIUTm9dxTBG-YAk830GjivzVPP-WFzomPTWfcID_tFnr9M-_XcOoQVUrT9VbQHoVDQ-JoJbNZWv0wfxXEhcRJjpO2Yq2qG2JuWH4TEKIrz2M2psHZM4j1ntAfOzUYixo1fE8N6SFK8jHqX4LXMGTPmlKYNc_jh5EDHEe5TGsGr0PHBJfXXIKANKSwEgictMgrcrWWK24n_gOsNWLgFVUHRAKjb-B1QAQUi-oeskwFK91lcHOk6GwsYB38EnE9fErBtw2xBrhusMaZjZtSHDKwO-oc67KR_tt78Vz_IzB1mIchQowngJWUdmHMqx2U5Lylh-KeW9y4ietmr5pFMRhIwZ5hFW9Z7W9LJj5cYU25Idk0B8Ru4DyEHDJsS8wPcJuZMq55q2qZDrYExpnH-IJ56Rgvaj8w6ZujnQrQBmiYDiP902PkB1bLG7xX5pKEOz9BvpOUE3X-CLFrFbKV4UNjHYOlJxoGmYGDC8tkcCF5bN9_v7Vl8m5Jo_riaUPyhisFleiL57jeRGEtgD2fZZio4D4rcN0CHXBS6kc2U1_1bjsbTvQfs7zRWfax9iQShXciSBgb41nWSU23Gxm0ORu-Ckew-mb20K7tCma83z0cZ1noyEo1mTh8RTazA5wQQajjBYwDplzNFts4j26HeuM460Wetsl-nk6Ar5CcvjAvwAQ6of2zMDPYSgOxS_IXeFWeYesEafKTvSD1Dq72aUgFUFsVFEXoMzD15la2erPztmZ7BfYzkA8hJGvWDGZoq4svJ6y_RdWqypTgsW5W2WO4MI9ThCwKezx1lpV91RtwMU-ThaQEH70m2ysNjjNVDl-858p8xde1YvlIKify7MEhconNa9a_TFYvMToZN2_6NtNAipV9dU3k1CGBdTEEX1S_OHAyOGQMjHatX1imnz_y3dKOtTjvYFaogVsnPYqCCfefRG1Ug Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/html/r20231004/r20110914/zrt_lookup.html?fsb=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 72B0	43 B 215 B	469ms 179ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=9b870df3-ff7d-688e-13f4-041dd36a9758&tv=%7Bc:qtlPJW,pingTime:-2,time:218,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:1728,beZ:1729,mfA:1899,cmA:1899,inA:1899,inZ:1900,prA:1900,prZ:1903,si:1905,poA:1905,poZ:1911,cmZ:1911,mfZ:1911,loA:1930,loZ:1931,ltA:1945,ltZ:1945,mdA:1729,mdZ:1741%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D,%7Bpiv:-1,vs:n,r:,t:200%7D,%7Bpiv:0,vs:o,r:l,t:202%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:218,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:n,t:200,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~1,0~0%5D,as:%5B2~300.250%5D%7D%7D,%7Bsl:o,t:202,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B16~0%5D,as:%5B16~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tS6Xc87+11%7C12%7C13*.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C161.1686300-75378868%7C1611%7C16121%7C1613%7C1614,idMap:13*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:177,sinceFw:40,readyFired:true%7D&br=c Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt26.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	Visual4.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	4 KB 4 KB	17ms 16ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Visual4.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 8f134a359c4d6eddf5f209a60a7d36098e4b8b6d563d44d8c296f6a84f49bce9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 10:33:17 GMT x-content-type-options nosniff age 278774 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 4335 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 10:33:17 GMT
GET H3	200	CTA1.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	1 KB 1 KB	18ms 17ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/CTA1.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 700c5217840eb7f1cccc8f8baae216fe6ffdb92eeee3081162cda5c7bc11834a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 17:23:52 GMT x-content-type-options nosniff age 254139 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1123 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 17:23:52 GMT
GET H3	200	Prise.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	3 KB 3 KB	21ms 19ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Prise.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0dc891189c0e460430f09f657392997892e731051e66841cff2ae057dc3ef09a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Wed, 04 Oct 2023 21:09:07 GMT x-content-type-options nosniff age 327024 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2887 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Thu, 03 Oct 2024 21:09:07 GMT
GET H3	200	Prod.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	7 KB 7 KB	20ms 18ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Prod.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf16f842cfd8880951bd6b989188d431241be62d65251f67d14f49a40c7d5de8 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 07:33:07 GMT x-content-type-options nosniff age 289584 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 7091 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 07:33:07 GMT
GET H3	200	CTA.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	2 KB 2 KB	21ms 20ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/CTA.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3a965c47cdc93f20ec8e54a7245b166d7f02eb688401ded4f562c4d2e899bb99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 13:00:24 GMT x-content-type-options nosniff age 269947 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1692 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 13:00:24 GMT
GET H3	404	text2.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	43 B 69 B	295ms 293ms	Image image/gif	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/text2.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server sffe x-dns-prefetch-control off content-type image/gif access-control-allow-origin * cache-control public, max-age=0 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 43 x-xss-protection 0 expires Sun, 08 Oct 2023 15:59:31 GMT
GET H3	200	Visual2.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	1 KB 1 KB	21ms 19ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Visual2.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 40c8cae4925d67c7252386f0912a2ea85d1ae5fe50c4d207d935e655187ba614 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 10:08:33 GMT x-content-type-options nosniff age 280258 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1036 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 10:08:33 GMT
GET H3	200	Visual.jpg s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	12 KB 12 KB	23ms 21ms	Image image/jpeg	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Visual.jpg Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash aa93cc5f2ab65481616b2c5076e6be58c02dba501475ee1afb6f4ac7379c9726 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 01:32:50 GMT x-content-type-options nosniff age 311201 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12088 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 01:32:50 GMT
GET H3	200	Text1.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	2 KB 2 KB	22ms 21ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Text1.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash dac17b5c97549812c5fc58f1b43d6d80295a29af6e053a6ab530bf67ce53a5e0 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 00:22:05 GMT x-content-type-options nosniff age 315446 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2281 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 00:22:05 GMT
GET H3	200	MM_Logo.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	1 KB 1 KB	22ms 21ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/MM_Logo.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 6cb6de4ede11071d20e1082219816a2bfb6758a033255620b5043c050c975958 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 16:53:48 GMT x-content-type-options nosniff age 255943 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1419 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 16:53:48 GMT
GET H3	200	SA_Logo.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	2 KB 2 KB	23ms 22ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/SA_Logo.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 14da64b505b2a1568681040ae22449a1dc2498504f619260fe383ca1772c3b60 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 14:26:38 GMT x-content-type-options nosniff age 264773 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1569 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 14:26:38 GMT
GET H3	200	Visual1.png s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/ Frame CE81	14 KB 14 KB	24ms 22ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/Visual1.png Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash d822f3c406b44748bac1021d8f25277d82c4371f39fa6e72b968e00e00fd3e07 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2021454657408300064/300x250%20Philips%20Kaffevollautomat/_export/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Thu, 05 Oct 2023 11:02:39 GMT x-content-type-options nosniff age 277012 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14559 x-xss-protection 0 last-modified Fri, 29 Sep 2023 07:42:08 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Fri, 04 Oct 2024 11:02:39 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 7D59	0 20 B	114ms 113ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BTLjo4tEiZZKlIvK8x_APz5efkAgAAAAAOAHgBAI&bg=!AwClAE_NAAYMG8UMLBs7ADQBe5WfONtMS90KWu50doMBOpoqxWIBFjzd6luIsBVIoQDJrEWItxJihOGoya5cwnjLupJrAgAAARNSAAAABGgBB5kDCIQDM35E8bKfNoqjzIaGg2sJDN_Q60jYSaKApaiZJKjVUZgat4ZW_4e7T3DmqSVjhpvc9GcObdDQ1GLW1uQ1PMHcobgnZJ1SZc-j_NZQir-e-OCvCn0e24YtrildXfZuY3ytIdJFM5mhhYCWu_D6Ypp_3QbrMidEnOculV12g26m-4MTJVPTZMJA6hrGPW_eUKgJnxGnTs5CeEtAoJi4del0r3IGhXcSXcgIZUZeDVwgp0mrScOSIfKaah-am75kLDcmo5i8fgjIsYUME_OJjIKSdmWzM7DbE8wIxtu8ZEIouvFOC2h9iKsNYbzxWOSYj5TXpyUFzuxY6WDVYDFh4uTw54BoiRxc9_o8evCkNXhwg24k8pyczEZSFSoxbMXnA01IMeF6mM0TtlDMQaYNuauSDQeAeSRW9e3Kgox13PBE5_7CrtLndvbWdvSSHAPox_JrcT-Zt2TocMipoE2hHZFBu3Y2P-7BwD-owTUFsusBimJYQLxP6_afe4r_BHv6ynnx9vP5fvXQwnAr09TZw_djfIFizTcJxRxU09XrLgSatDClEPCCEa87xccSTWXFlq1xQeYLKKtlIyoP5wodCW-zFSbc6HnN82iVzl2lektqoTng4YDq5ZSMr3LLFNn3aJnmCVg_F-mqHl4KcyzhqAF8buwzOJu9Bo4KtvMj-WdGk8MMFVYnOhj2riZeRVPPewLQ8BXNkkdkb3EOwS6Fq-BWA6Wlnfooh_X3gcZS0HLVcywj1C-pwgLy1eyQPooyZYwcHSLYmxE1gPOzb_MBpTUsoeur67AcVrG3KqNHEiy8fuJswgQJ36Wwpr_lgPc4PhdTo_LpoylTrKf88IZhoUL4ZMTDQVxDjypGfMSHZwxE5SHyXzw3Jm4ozDHM0fO13E5i4RBOpEYgzRs4oqBQk1zgTKZMG5ENGLoWOMD01elbJnfxxYY9LzJIPsrAIoscDL35q4QSJmEPmdS2W8NoimcygN_RH60bgU5iydzqy1yn9W65rk83hkAk0EaRflCRwYjrvJQlpBAO Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame B2A0	0 0	55ms 55ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssgIYpnyEyh5xB0Qd4CO4xVvtH-dag9Yzayo3HkUSDuBqp3IGMi6qFI0ogdtWdrWco4Nbf-z8z2F7-Sk-isWbmBl1blB54TyHCiLtja5_lsUeOLzAlimfqtA775qUTM_b79P7nx_0j4b1uW9_2YyzRjFogqQgOlrLPvpKDHc66QbQIdA2OOh83wc9-qyceHL_Et9H7ojceCE2IXVbGmsk--hnaKfZ00RPa0xNPLBaHdW8q-PS6B0LYWhXISvaGxINPTQm7hew9qZT1xWx6SCA5_-aYFA18lky7iAX6lUEAaiBUgxVbissyUhj57M3WxmDl49BK8NaZu4oT1aoJP2yATqloGfTyuBc4NVLfUIm5car6ffLseHyRDPt8-dagAVAKPz2aEm3TIrhpiW7aXdg6zeOo4awZyQPbKNlhMeM6cOqRnVkm7ovZ2_rSpUiR8dO68JuiO4j97B0ols8ZFDFOgxdU3JhuNhsSqMIWv2RZMuj48_GFlsyRQTc4AzLt8pIdifgwUgUE3TTBICD6UTXKQcoCKwRWteeWVEWP1bD9lhjsTPb6dDnMiPgWff7EC_IZyDF9Jty32antUAcYFXWMHA6e8AfwJVFg0MGU4zvDEKYb5SK8Sg_YcIBPJHr3RXaTKz9S2fJeONxgBmgoYL7jcQ6rBKj2lqMMf-a-p9hV2MpXdPVp6B0QpVzVuEbHB-OQDy_BK7LCqyfc-lEPqt9pP00aNplkGNpW-ZKHhzj_l3UEXAyMX8vdzQjdIu57nA6MdP7uRVcv575KtZLY2xpaplAvMOZhh0UdaK5lUGW3eUroulie1H2JZYQ1R9iAfMfXXlby4_v6l-WF4lUEVvhtPv__XF6w1MFusAtXT15CvnONaHS_hAsC4PHHTlFPR9jc8WIuRW20a5x-91C_HxJwc5sGFZcSUkrLtWonLvZpmVTKrBk12lIyKsjHnMdNP5m7bXeHgIL0tlHBA-AZX6MSet22ognldrY1WPDgzHs4VdzHMKIozU6jXWtb469O-nE7LGi1YQM64uX2jyMXVpFZfwpjriLMpptjsCiPlFCBlBaX8d6t3jXSBF-2HhWi1OW0GZwW1_EE23-GpjogdHYIq2Z-5N4SAMoLRwT-KrWico6uxmLIYzbF0uJQ7wzNZBVKxPmG6shrEr8DB-9w8zEPbvfNkC-ExC12u8VjSNEQ2sR6kjQ9mmemzQTQuUgJX4_au2Hw-NIpAG6g0INwdelKyR2Q27WYTUkXtKGweIM4G21fYZ5eBpqg5YKVqVNkAA87mwZPTW1-GcY6EfkIe38XFMs7IJcjNaOfOnP0&sai=AMfl-YQeeeeFxm8AbBZmPvVZbAqspBkNEPpk7V_Jax5pOuZ5HD-eTuY6mRiwYs6iJbPWFed6bj0iHfuectVfj6rBaihZV7D39GYEXBoBRcKPUl2etXGyNnZgVemiUYQuyH2-QgSj8IRrdep6cu4PPUv7zJbYSc10PmPBiKQu8YzH3ctHe0N1nZPJJ4tuJQg3GFcEDcWf-_6PxkM_f3H6LxQS7ol0CeEKjfFM_Jtym7rUrTTvAcOc8kzqIOkGXBjpojugYKqxMrhHGJKHYL0HELzwWI3EZv9-pfPpYi1JaB5HZS97Secgpm-ex0o6&sig=Cg0ArKJSzBSrugj_wEdhEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=746&vt=11&dtpt=638&dett=3&cstd=107&cisv=r20231004.52769&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET DATA	200 OK	truncated / Frame B2A0	210 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 1ef504ec5c676ab3098fe2ca1edc7baaac98aaeb7475516850656b2151758a25 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H3	200	fb2405b160d35da2c54812c244ca11bc.svg s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame 5F3F	7 KB 2 KB	17ms 17ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/fb2405b160d35da2c54812c244ca11bc.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 14:49:05 GMT content-encoding gzip x-content-type-options nosniff age 177026 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2357 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 14:49:05 GMT
GET H3	200	view googleads4.g.doubleclick.net/pcs/ Frame 73B3	0 0	54ms 54ms	Fetch image/gif	142.250.184.194 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst5OsmbJv7DDVopNheZb-HT-JadWEYwwXXDC3wGK4Tvi3iE1zAgIuI0odR7h_bVmsEgL4OgAy5fGAIKHsBBOkrwdlPt_NV3faMnPE2Z_IYAQ5u7zA-vFT76mJX-D88tr8ubnVx5q_UjVIJSb7Sqy3nvKz26q8si9UN0zJeJ9Q-z9T_iaN757-xgyCGFsF9IN4YoWy22kM9q9ds_G-NJqYR-82CN2LHS-4P5wiFOzLXrxkQuf51J180GW3zg9b6j6KJkzA9ze4q1yMp0tOHNf87x5WvpxlTI0ZgR87RdMxgRweGSmDLSD0vNV6sBYdZUMbWi68ju7HTNXWjl5--LaWSQTQkYMK2Xn7z0MU8XO5tjJUIEWqLYTlIOWp9jZkHUfHRGanizqPkXQ-WMPGb6T_BHFDPCOKg2U5pSa_iAxzbfEHzXUZCCh-24VUMd5rFG6A3psAtHi3t9-xw0XTPVWphRoyVxB3iVnX5rl6pOePLGy3MtfDugSnk1SepCQigr-Ya3_3NUZy-ZoRJ8xzC-LWdxfbfJrxEyyrWRqirScLsU2TfDRuEDYYf_Jx6PhsS5up2cKwGmsPDzV4LQfufrHUnmxwR7FSeMktB5n-3hDRzlwrkloq6y4APMTsxbz1bJ-aujZwv-Oz83rnrTxhz7oq7NYib-hBXMy8BDEorOz7Dn0_10VgAzPtAe9Ep0nYhHEjknp7lvXn_jtJuDGYD9vRUyIVl-NWuo_5jVHTlZXtvgEmX56cc6Cji3c6bK1QqmV0avslNGXJcAJssz_XcJavCK4CMhy3szoI-MDvsmhHGNWzQukIYg_bQt-Cl5R7tI5r_e5njOehd-3uLszyP0Gii8udpwxa3zumCP-0Zgxbv66ehOu6ptV-YYv1yJYohXmuLYz9D5Smclihum7w-MYJBMj7lvgiCwIawIPU0Tt3qL61124O-m6fxKVU_schJydon99gHf68tzR4h7CncbQgt7lR0JZBrvC-qF_GtTXHFMjpVydBnVERC4Hs6kHOCa50BAy2XNY1tA7cSCS7JE01ZlgIToAse1i_fjRsX6V0HUko6QmEEfpoDx1gG-KaG-onlqrgSNv__xzBnd6ZsRCwMukix-ofIsVLXN3k2OwwByhXp7vala305z6jzphDSGsaqjO78Ogy5VfSdZaVPX9nBY50Dqp3F8AYG2eDeAdCcltVfXEux1USQWpb_dHj2wIKMmq5v4X8L-ffkdSSna3XwSaEzsZO9hMzcpha3vYwrFjs_c0ohNHbjlTvfmt5t-2Xwoaj64ophYRQotY5q9GQPccxoYHFQfsszkPP4&sai=AMfl-YRIevpW8V4imslQCy3S8Fy_EwinpVhknGM-Lm9fXIBtNxT-x2fyBj8DNziyfcGJGF9STi6rTSqK5OahjF4LCIDj0Q3t_Sb8GsnU-cof-iQ8DuIM5DARBb7xAYLTQUmKxu4WxMjuHjHYtaqq8cjjvP_69_fgAyvaoCm63G2pm9ordJkSH2b-3Uq8FSNjkx1zVXT2bBnnmyhFU7lTmA7YsjlS8-PhLa0kilZwXXYzIFP3JE5oBvQ98GC5A09amlVWP7-k_lw55lbgeuMI4yDS8Fs8sXmdkII6cEvrA9gjKSoJXh3TkrNYKV8_&sig=Cg0ArKJSzAM10K9YTZkjEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=823&vt=11&dtpt=661&dett=3&cstd=160&cisv=r20231004.09753&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl= Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 142.250.184.194 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra24s11-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff accept-ch Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64 server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	af9207a0cd9e781e6d61b1297b7280fc.png s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame 5F3F	21 KB 21 KB	16ms 16ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/af9207a0cd9e781e6d61b1297b7280fc.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7049516c1201eae8a55bee5b4d86ca350fdf595ca5034badb106177e21dfb45f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 16:16:55 GMT x-content-type-options nosniff age 171756 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21072 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 16:16:55 GMT
GET DATA	200 OK	truncated / Frame 73B3	213 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2dcdc9d88b73fb02252ee9a672d9cec5707cd7c4b5e2517c540bf0d9b7c2de54 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers Content-Type image/png
GET H3	200	fb2405b160d35da2c54812c244ca11bc.svg s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame AC3C	7 KB 2 KB	17ms 16ms	Image image/svg+xml	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/fb2405b160d35da2c54812c244ca11bc.svg Requested by Host: s0.2mdn.net URL: https://s0.2mdn.net/sadbundle/2820510171590749393/8d07b282c8e661b71feb1e048005bbde.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3ae0acf8f41b691001b7f1ab5413ddb845dc438f0edf7e354960a305f3f9d1bb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 14:49:05 GMT content-encoding gzip x-content-type-options nosniff age 177026 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2357 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe vary Accept-Encoding report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/svg+xml access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 14:49:05 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F8A4	43 B 215 B	375ms 354ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=70d9b96b-84ed-f765-d733-4d60d66a5755&tv=%7Bc:qtlPOg,pingTime:-10,time:561,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696780771423%7C%7C40ecb6cd710919a81b4662b14aa58d59%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7C69da61e9aae5784b6e7638a92bc7d5d8%7C%7C332537a270b4b80ae1e31f078abcc978%7C%7C6727726959da7a6954b046e7205fc9fc%7C%7Cb4e50aea51553e85c4e2c5f64e28ef0a%7C%7C5d7180baf2ba78df51116c1eb5779cfa%7C%7C1663701684%7D Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt27.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	af9207a0cd9e781e6d61b1297b7280fc.png s0.2mdn.net/sadbundle/2820510171590749393/media/ Frame AC3C	21 KB 21 KB	19ms 18ms	Image image/png	2a00:1450:4001:827::2006 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://s0.2mdn.net/sadbundle/2820510171590749393/media/af9207a0cd9e781e6d61b1297b7280fc.png Requested by Host: s6.dosya.tc URL: https://s6.dosya.tc/server15/u8r2cw/screy_gri.rar.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 7049516c1201eae8a55bee5b4d86ca350fdf595ca5034badb106177e21dfb45f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s0.2mdn.net/sadbundle/2820510171590749393/index.html?ev=01_250 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Fri, 06 Oct 2023 16:16:55 GMT x-content-type-options nosniff age 171756 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 21072 x-xss-protection 0 last-modified Wed, 29 Mar 2023 14:41:42 GMT server sffe report-to {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="ads-doubleclick-media" expires Sat, 05 Oct 2024 16:16:55 GMT
GET H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 92CA	0 20 B	114ms 114ms	Image image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BmCPc4tEiZYWPLIm5x_AP77mEqAoAAAAAOAHgBAI&bg=!Xl2lXRLNAAYMG8UMLBs7ADQBe5WfOBTLQHqpYZTnDE7K-xAZk1QGCaehsIGoNZdwYPGtuD6GS6wFATse5VXRZ04tHLuZAgAAAH1SAAAAB2gBB5kC1SOZfFrK70XuADpxIFvd3OZxtrukIb5zlwXXSXy8UZOuBUxeEDN7VG7BYi-GQdn9Yfp07M7G7ORpCZCKMzVrnHARraHef9xz3Q4a52-SsIhTfVlzaiOS63jd9XsI1GLbLvwQaYSRVolofIK-NwLpP-y7oyp0FM2HvkF2zqIJOD-PH7vjiGhYSGat2ofKhDV5g-gV5Tx7fGlI0q9TNo9goBX4HCRasXYfiJrR59c_hExW8WtUAW61lUU8lAqP7L6elJtNQbOXqWMPZ_wqYeYIHtpADjDAJbqw3FEQkcD3T9_iGnzNT2fEnifLyXBd9DvtR4tlfUt4DeacGzaThADtBZEZObGZPkAOdq-P3EWFx3fAEeZk1NfnCqnW-gKNUsgIn0UT3B4P3Cprdc_9dfafUFEFmfvw3ltb_UkdjSOg4oSc_0rZQ1YXelYeSuyU4aCbag6WaRPU8ojGrWcqzT638gyrZuoV2rsjqceWCwIHG_M03NaMgl2se8GOsPaGBmbf4dKbpqleDuDsV0BaJ-82REvARGrnaFuasIUwlQZnZ7O3JSdI8Emdrt3mSe4iAYJ5Mrqk4XMh3692YxJ2_bvl1T-POOTOjUIx1cBjw3TFOhIXbrnZGO4useP1d1dJYg9N1xpWSao-h4jNm59o8SOyIRFz7updixHuya7tSc_uOK4cZpqH8zR5OO0msQtt6JIO3b7D4S_4SKnJq6BwxtpLP1MMNVtIAxvTF8CtXnejinPK4FbgaZ1VRdjtWA1rDahKV1DzbQ4H3COMDUk--4x8tyrTUk5lYCvdyga45z-H8vV527-JxhW1qPTKIBV2aba3b_w8KnSks4IFX1JITi4V4pueXlQWjUzq5_AYdYDDCdu6Cj3VVR3rtl7Qs2EEkCcSbRD7zVuOJTqn3kWoePe2jowexidU6u-RSE61FU5GLQ1MYyrijDopEBTn61lz0-saz-FhTPbM Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame 72B0	43 B 215 B	179ms 179ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=9b870df3-ff7d-688e-13f4-041dd36a9758&tv=%7Bc:qtlPS2,pingTime:-10,time:720,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwtMTIwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE3LjAuNTkzOC4xNDkgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1696780771658%7C%7C8705c02e7951172a01a744ebee557097%7C%7C8e5269e98501ac65ff2ab303e742fcb1%7C%7C28aa2acc887a25a8e5f97ab2247c2af3%7C%7C5bafaa9f9278e787fca3a3976471beb8%7C%7C1840b758fbe0adca3a10c3e4de920b80%7C%7Cb9da1d154e58846274b891e58b304a3a%7C%7C0f5a830951df0f4a3f21a9b637f0307b%7C%7C1663701684%7D Requested by Host: googleads.g.doubleclick.net URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-9775275426073837&output=html&h=250&slotname=8144100105&adk=3870207184&adf=2904689491&pi=t.ma~as.8144100105&w=300&lmt=1696773569&format=300x250&url=https%3A%2F%2Fs6.dosya.tc%2Fserver15%2Fu8r2cw%2Fscrey_gri.rar.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1696780768920&bpp=1&bdt=198&idt=286&shv=r20231004&mjsv=m202310020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6644968593830&frm=20&pv=1&ga_vid=2145869572.1696780769&ga_sid=1696780769&ga_hid=1510779643&ga_fc=1&u_tz=120&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=800&ady=175&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44801484%2C44804783&oid=2&pvsid=232416423136216&tmod=565048093&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2v1pSgCoXT&p=https%3A//s6.dosya.tc&dtd=290 Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT server nginx x-server-name dt12.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame F8A4	42 B 174 B	115ms 114ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssANroT9eg4NxGlpVoD8M2KRoIr0nsh7WuC9tKlpgC5mEPnHf9nPGBWxTXrzTIBKkXSOWnO8x6OKjqb_VdIN4w3UduQqARRrDWc9Vi9R8184OxmgqzITuug4W3GPET7QF-o2rLQW1Yna6SS&sai=AMfl-YQdc0YcQivP3huVulvjy3lIVeSLRqyTHvCzQyoZtGefLsn5JHnuq66Qv8Ml31R7lbTwK6exPnay1GeWkJNCEOEHpI4SdtY4jUJxjKJUL7kR37fiPkYzugYb-gSfUuDxPlKhT9o3frHnV09R&sig=Cg0ArKJSzFV0oLQ1GcFOEAE&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=457,946,1000,1000,1000&tos=457,489,54,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696780770314&rpt=351&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	84ms 83ms	XHR application/json	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231004&st=env Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash b8c1d64faca7086294ab912f46380f18c1765591fba588377aae1a16f360b937 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:31 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12192 x-xss-protection 0
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 72B0	42 B 64 B	133ms 133ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvJLc9hAYEi4BMg9GObw4RRmGxY5meaS_51_JfJVAxQeRFbjugBOAmPmPCqdPxNHzuv50sqfkwCdqe7OhAK0ivOzWQnTlZoxcO-4R62ArOmRQsfi_7eD4K442YySH6n3IZcAwdFPgngesAA&sai=AMfl-YRveGgFGtG14BF-gY6ST_VA_JvLQSGjOVccbVRPOxGRhpmrk256lpt0NkyAExQ2UQNuYBJBs6DrQS1A7f2f7cmmWp1iyy1XPlJlOHFeDZcAJY7OZohiTNEYbbKLpfg7XRkaitO72Ei2btLx&sig=Cg0ArKJSzCswdqo14Ug5EAE&cid=CAQSSwDICaaNwfGzBMFk6K1w-AnPZw9GdTpO4Ke6hr5UjXAhrQn7jXhBrPnnwj8jOeUz3EIBVsQTveyHYH6nU7Z6SNSasH4HOJ5ZqQBD5hgB&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3870207184&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696780769210&rpt=1632&met=ce&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:31 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 6 KB	262ms 262ms	Script text/javascript	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310020101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-9775275426073837&plah=s6.dosya.tc Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:32 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Sun, 08 Oct 2023 15:59:32 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame F8A4	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=4355684868074&version=m202309260101&ct=76&x=1&cor=6443121171443670000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	dt dt.adsafeprotected.com/ Frame F8A4	43 B 215 B	180ms 180ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=70d9b96b-84ed-f765-d733-4d60d66a5755&tv=%7Bc:qtlPZB,pingTime:1,time:1264,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:159%7D,%7Bpiv:0,vs:o,r:l,t:212%7D,%7Bpiv:94,vs:i,r:,t:263%7D,%7Bpiv:100,t:464%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:263,n:212,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:158,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~728.90%5D%7D%7D,%7Bsl:o,t:212,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D,%7Bsl:i,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,800~100%5D,as:%5B1001~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:699,fm:tS6Xc87+11%7C12%7C13.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C14131%7C1511%7C15121%7C1513%7C161*.1686300-75378868%7C1611%7C16121%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:160,sis:294%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT server nginx x-server-name dt10.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 72B0	43 B 215 B	181ms 180ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=9b870df3-ff7d-688e-13f4-041dd36a9758&tv=%7Bc:qtlQ06,pingTime:1,time:1220,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D,%7Bpiv:-1,vs:n,r:,t:200%7D,%7Bpiv:0,vs:o,r:l,t:202%7D,%7Bpiv:100,vs:i,r:,t:219%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:219,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:n,t:200,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~1,0~0%5D,as:%5B2~300.250%5D%7D%7D,%7Bsl:o,t:202,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:i,t:219,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:181,fm:tS6Xc87+11%7C12%7C13*.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C161.1686300-75378868%7C1611%7C16121%7C1613%7C1614,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:177,sis:467%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT server nginx x-server-name dt19.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H2	200	dt dt.adsafeprotected.com/ Frame 72B0	43 B 215 B	180ms 180ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=9b870df3-ff7d-688e-13f4-041dd36a9758&tv=%7Bc:qtlQ06,pingTime:1,time:1220,type:pf,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:250,t:177%7D,%7Bpiv:-1,vs:n,r:,t:200%7D,%7Bpiv:0,vs:o,r:l,t:202%7D,%7Bpiv:100,vs:i,r:,t:219%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:219,n:2,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:177,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B28~0%5D,as:%5B28~300.250%5D%7D%7D,%7Bsl:n,t:200,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~1,0~0%5D,as:%5B2~300.250%5D%7D%7D,%7Bsl:o,t:202,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B17~0%5D,as:%5B17~300.250%5D%7D%7D,%7Bsl:i,t:219,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:4,em:true,fr:false,e:,tt:rjss,dtt:181,fm:tS6Xc87+11%7C12%7C13*.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C1413%7C1511%7C1512%7C1513%7C161.1686300-75378868%7C1611%7C16121%7C1613%7C1614,idMap:13*,rmeas:1,rend:1,renddet:XIFRAME.qs.lf,siq:177,sis:467%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT server nginx x-server-name dt20.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
GET H3	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame E31B	13 KB 5 KB	27ms 26ms	Document text/html	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 3567 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:00:05 GMT expires Mon, 07 Oct 2024 15:00:05 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 0CF6	829 B 1 KB	68ms 19ms	Document text/html	2a00:1450:4001:828::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash 6c4c9707c3a4bedb4d7c9287447bcd12aae57516bb06681fec4be797ebad56be Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-mZFwDCNWnZVFG939aL7nzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://s6.dosya.tc/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-mZFwDCNWnZVFG939aL7nzg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Sun, 08 Oct 2023 15:59:32 GMT expires Sun, 08 Oct 2023 15:59:32 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Show response pagead2.googlesyndication.com/bg/ Frame E31B	37 KB 14 KB	9ms 8ms	Script text/javascript	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/YeTNF82ErcXtSc42GSWrie2SEIEL8DxR64dbf1nZkSc.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61e4cd17cd84adc5ed49ce361925ab89ed9210810bf03c51eb875b7f59d99127 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 14:30:57 GMT content-encoding br x-content-type-options nosniff age 5315 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 14663 x-xss-protection 0 last-modified Mon, 02 Oct 2023 14:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Mon, 07 Oct 2024 14:30:57 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 0CF6	0 0	154ms 154ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231004&jk=232416423136216&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame E31B	0 10 B	27ms 26ms	Image text/plain	2a00:1450:4001:830::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?fgMpxg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers date Sun, 08 Oct 2023 15:59:32 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET H2	200	dt dt.adsafeprotected.com/ Frame F8A4	43 B 215 B	179ms 179ms	Image image/gif	2600:1f13:800:7782:e12d:34:a2a5:c8e8 AMAZON-02
General Check archive.org Show headers Download Go to Show image Full URL https://dt.adsafeprotected.com/dt?advEntityId=1686300&asId=70d9b96b-84ed-f765-d733-4d60d66a5755&tv=%7Bc:qtlQ2P,pingTime:1,time:1464,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:159%7D,%7Bpiv:0,vs:o,r:l,t:212%7D,%7Bpiv:94,vs:i,r:,t:263%7D,%7Bpiv:100,t:464%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1201,o:263,n:212,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:158,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B65~1,0~0%5D,as:%5B65~728.90%5D%7D%7D,%7Bsl:o,t:212,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B51~0%5D,as:%5B51~728.90%5D%7D%7D,%7Bsl:i,t:263,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B201~75,1000~100%5D,as:%5B1201~728.90%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:189,fm:tS6Xc87+11%7C12%7C13.1686300-75378987%7C131%7C132%7C133%7C1411%7C1412%7C14131%7C1511%7C15121%7C1513%7C161*.1686300-75378868%7C1611%7C16121%7C1613,idMap:161*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:160,sis:294%7D&br=c Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 2600:1f13:800:7782:e12d:34:a2a5:c8e8 Boardman, United States, ASN16509 (AMAZON-02, US), Reverse DNS Software nginx / Resource Hash b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT server nginx x-server-name dt04.or.303net.net p3p CP="COM NAV INT STA NID OUR IND NOI" content-type image/gif cache-control no-cache content-length 43
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame B2A0	0 20 B	109ms 109ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=2699971117653&version=m202309260101&ct=76&x=1&cor=5900418081909504000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 73B3	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=6692896761671&version=m202309260101&ct=76&x=1&cor=9502703168247263000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame B2A0	42 B 64 B	134ms 134ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstsvOX1LdxOnYnbtdIhNflYyAXVhlGzjMCGZgcBzLTT5AH7681qHPkT5yhRSfI_ZdG1YL2Y8Y5ae9u1T8tgjXeK_P5siHK8PM6Lq3lrOChi1yHRBQZS8j7h2Spce2NQmQoUBFOUuvQagBEL&sai=AMfl-YTiWzqV1KO_tGE-6eI8eTw5gUntvzrHh5iuqFfuA1ifu-h33yr0XgKmdAFze5tQr3fh9NKNe4RmIYYjqK2q0QbTnw6FeaPCcOiwMqfxDo-vj-IdPZTtaAVtMx_7wJEdYlAoSErSwHx-p_qe&sig=Cg0ArKJSzC6-r9L4sHCyEAE&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696780770270&rpt=363&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 73B3	42 B 64 B	138ms 137ms	Fetch image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvbradQ4-wVNG4LAsmsy02Tr1UnsdGu3oG3lcpwwZimWajANE65Q8jT5WyjO2hIQVxOPdEhWGqFjc6SNar7i92ekcaJhlXkDLuDyg9KNx2DPNjjvgKOYUimZFE9m5rBacOA2xnpVnXs7q9S&sai=AMfl-YStdPZ4PdMySQ2tpQdhFj0PN0sudph1RkGyfoDCdldY091PRmL_JTe5J171VMMX2RpFSyaJzilWIOe8ncFaJ1KWmJNKuj2soXqU7WxMnRWPn0PYDhvam8M3qpKs_pFuec8PoJSrFXQwPAnK&sig=Cg0ArKJSzBn_zSAR7Z9EEAE&cid=CAQSSwDICaaNH5LiVIlxTSJIu82uQP5T1ErL0ytMUPRpeXr-ew0B0DMb1VGru5E21GPkjFI0ldMnG0mibcX4FYirJsbj_4JlJ0xdrY9mhRgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231004&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1696780770298&rpt=303&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	160ms 160ms	Image text/html	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231004&jk=232416423136216&bg=!BAelB0jNAAbjlzx0w5c7ADQBe5WfOJVQtrG-jdR14pgKP_gH41udoe9Eutf-Y9kyzqyQJew7jNFgnIOKF6pge-wQEe_pAgAAAEVSAAAABWgBBwoA1vduROS9KYBYnxy3fvtC2ErU41g6qT03fFgpjgD4nsdshqPxRBwgaPxVzbil40_ej2egR0nvKK0oPVOVsauCv68Ip0xxcQavVrHEjiIAZanatqd05O6gJ2Sxv3VqZJQ4mPbONA0Aa15FsJrLJS1H_IIe2r1EUyhE56XPyzuP3W8JmhATeYA6u3ylvjwEkG5VGhVx219XsDINomE8MiM2M3fdyfWpVnJ4UOnEaJMKHXbWdtMsygS5pUXenDUc0MO2yRMdLay-WndPRQso7LM2IK0NBkkXL9mZArP4qPlRfRP5GlZq1woRWMSVDsbfBR1LIM36wtL8CPFW6LqKr_RhEGZPiUPCpPr3IHgaEIuhwM3Dg9icq6RZZnU3UhjJeV41VDvu2LEtTJDFQITGn_hZ2yTw5NcVDtyJUQXeK9ZJqrGOGctyQPMfCT5wiect4YJVm_SKysHboXON397sq5e1pn4FyVuybCLqHHR58bkGNUxsqk0TSssZxX-C2sRc7ivWwDzHfKqHqGr1Gbh5XI9anjxNLKIZbJ03BUmORImAGs8Za-wBH-TtWeQpAY-AHqu2Pu0Mc-3_uOmPnBcgB2rwbySPfbGz1mlqXPa6qf_B2U6x4b2TCSo4MOiFGmKIuAkuUq1_8FFa903aTGMCo3b1tYfEvvPn5tj8tHuxkywHJVhReT0rzuWxP0ZKXKSZ0OX0r9Jve_Pdo75MUZXZxIvXeSNpB1oPagLaxR3dJC3Tk_-XJ_sazRkrB3iJH3scpBB6F67c1KkGu3rLZK_Z3ceYU4b-b-zO0rWh6WQng631XJd4gum2xx54TYY6t_JMMhBRg8Gc_bItSUSxgAe7xVIaK-4KVWQsafvM8Lzt7kzyESy7D0fw11M6D5SkV4ambiVWaqjxheICMWmclaIHAJTGTQgp2dotu7seIPrthVxDay8L0hF2J7y7YMUZ4SN0XuE3JTehY1VLGRSxuDzd6mhlM7rdsCVuwMY48-2y6-J1fZrUIWsp2oAGot3XozxOiHD2MP1XbtnPBXfDmIq_V4TkY-DhaqRRnjcAR5nu4Baka4tJ7OIfTV0tDzUWPkVcp0DcSZqG5A_BLmnEF8Sz64lPy2BAPaitSOlbZFV5lW4b8z86ujvmzUyNraJ9zLa-DiYfIoPWN6dYQyHk5pVDfsa_wfmQKpt70ld1sexf_UCIGdxFbhJGITG1Hnw2P9-W Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://s6.dosya.tc/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers
POST H3	204	gen_204 pagead2.googlesyndication.com/pagead/ Frame 72B0	0 20 B	108ms 108ms	Ping image/gif	2a00:1450:4001:831::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=8101768236193&version=m202309260101&ct=76&x=1&cor=2672066130820731000 Requested by Host: pagead2.googlesyndication.com URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://googleads.g.doubleclick.net/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.5938.149 Safari/537.36 Response headers pragma no-cache date Sun, 08 Oct 2023 15:59:32 GMT x-content-type-options nosniff server cafe content-type image/gif p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT