fornoob.com Open in urlscan Pro
2606:4700:20::ac43:4913 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Submission: On June 14 via manual (June 14th 2022, 8:11:20 pm UTC) from US — Scanned from DE

Summary HTTP 908 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 79 IPs in 14 countries across 71 domains to perform 908 HTTP transactions. The main IP is 2606:4700:20::ac43:4913, located in United States and belongs to CLOUDFLARENET, US. The main domain is fornoob.com. The Cisco Umbrella rank of the primary domain is 661836.
TLS certificate: Issued by E1 on June 9th 2022. Valid for: 3 months.

This is the only time fornoob.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	2606:4700:20:... 2606:4700:20::ac43:4913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	37.59.253.100 37.59.253.100	16276 (OVH) (OVH)
19	217.182.102.207 217.182.102.207	16276 (OVH) (OVH)
7	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
27	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
10	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
9	2606:4700::68... 2606:4700::6812:1f31	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10 20	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
36	143.204.93.3 143.204.93.3	16509 (AMAZON-02) (AMAZON-02)
18	2606:4700:20:... 2606:4700:20::ac43:4bf1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	141.95.98.66 141.95.98.66	16276 (OVH) (OVH)
20	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
9 27	104.92.74.8 104.92.74.8	16625 (AKAMAI-AS) (AKAMAI-AS)
27	37.157.3.29 37.157.3.29	198622 (ADFORM) (ADFORM)
27	2606:4700:20:... 2606:4700:20::681a:9b2	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 25	51.75.86.98 51.75.86.98	16276 (OVH) (OVH)
9	147.75.85.234 147.75.85.234	54825 (PACKET) (PACKET)
9	3.122.214.173 3.122.214.173	16509 (AMAZON-02) (AMAZON-02)
11 40	37.252.173.27 37.252.173.27	29990 (ASN-APPNEX) (ASN-APPNEX)
9	2606:4700::68... 2606:4700::6812:372	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	185.86.139.96 185.86.139.96	201081 (SMARTADSE...) (SMARTADSERVER)
9	52.58.67.200 52.58.67.200	16509 (AMAZON-02) (AMAZON-02)
9	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
10	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	23.206.210.112 23.206.210.112	16625 (AKAMAI-AS) (AKAMAI-AS)
9	46.105.202.126 46.105.202.126	16276 (OVH) (OVH)
1 81	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
19	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
48	2a00:1450:400... 2a00:1450:4001:80f::2006	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
10	18.195.155.181 18.195.155.181	16509 (AMAZON-02) (AMAZON-02)
97	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
17 72	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4 8	23.35.236.247 23.35.236.247	16625 (AKAMAI-AS) (AKAMAI-AS)
2	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.92.106.130 104.92.106.130	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a02:26f0:b60... 2a02:26f0:b600:1af::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a00:1450:400... 2a00:1450:400e:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400e:801::200e	15169 (GOOGLE) (GOOGLE)
3 4	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
2 4	54.93.76.211 54.93.76.211	16509 (AMAZON-02) (AMAZON-02)
12	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1 2	34.249.219.119 34.249.219.119	16509 (AMAZON-02) (AMAZON-02)
5 5	18.156.0.31 18.156.0.31	16509 (AMAZON-02) (AMAZON-02)
2 4	23.35.229.117 23.35.229.117	16625 (AKAMAI-AS) (AKAMAI-AS)
4	2001:4860:480... 2001:4860:4802:32::3	15169 (GOOGLE) (GOOGLE)
2	142.250.102.157 142.250.102.157	15169 (GOOGLE) (GOOGLE)
2 2	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:65::a	15169 (GOOGLE) (GOOGLE)
2	34.149.12.213 34.149.12.213	15169 (GOOGLE) (GOOGLE)
3 3	52.29.123.29 52.29.123.29	16509 (AMAZON-02) (AMAZON-02)
2 2	103.229.205.243 103.229.205.243	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1 1	159.65.196.12 159.65.196.12	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
5	174.137.133.49 174.137.133.49	27257 (WEBAIR-IN...) (WEBAIR-INTERNET)
4 4	72.251.249.14 72.251.249.14	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	185.86.139.101 185.86.139.101	201081 (SMARTADSE...) (SMARTADSERVER)
2 4	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
4 4	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 1	139.162.78.222 139.162.78.222	63949 (LINODE-AP...) (LINODE-AP Linode)
1 1	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
2	2600:9000:223... 2600:9000:223f:a400:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2600:1f18:1ac... 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1 1	46.243.142.239 46.243.142.239	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	178.162.133.149 178.162.133.149	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
9	159.89.25.223 159.89.25.223	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
5 5	193.232.148.142 193.232.148.142	48061 (UMA-TECH-AS) (UMA-TECH-AS)
2 2	52.54.46.88 52.54.46.88	14618 (AMAZON-AES) (AMAZON-AES)
3 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
2 2	35.205.207.25 35.205.207.25	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	66.155.71.150 66.155.71.150	13768 (COGECO-PEER1) (COGECO-PEER1)
4 6	64.74.236.63 64.74.236.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	52.212.248.230 52.212.248.230	16509 (AMAZON-02) (AMAZON-02)
1 1	151.101.194.49 151.101.194.49	54113 (FASTLY) (FASTLY)
2 2	2a05:d018:d29... 2a05:d018:d29:3605:381e:fa43:f4d:caac	16509 (AMAZON-02) (AMAZON-02)
1 1	2600:9000:215... 2600:9000:2156:ba00:1b:5138:8a40:93a1	16509 (AMAZON-02) (AMAZON-02)
1 1	202.241.208.56 202.241.208.56	4694 (IDCF IDC ...) (IDCF IDC Frontier Inc.)
1	159.203.145.121 159.203.145.121	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
2 2	217.66.147.168 217.66.147.168	29209 (SPBMTS-AS...) (SPBMTS-AS Malaya Monetnaya Street 2-A)
1 1	213.87.44.187 213.87.44.187	13174 (MTSNET Mo...) (MTSNET Moscow)
18	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
9	151.101.65.108 151.101.65.108	54113 (FASTLY) (FASTLY)
9	104.17.119.107 104.17.119.107	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1370	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	54.64.206.14 54.64.206.14	16509 (AMAZON-02) (AMAZON-02)
908	79

6 2606:4700:20::ac43:4913 (United States)

ASN13335 (CLOUDFLARENET, US)

fornoob.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.59.253.100 (France)

ASN16276 (OVH, FR)
PTR: vh11.eris-h.of.pl

video.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 217.182.102.207 (France)

ASN16276 (OVH, FR)
PTR: vh11b.eris-w20.of.pl

cdn.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnt.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdnf.onnetwork.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:1f31 (United States)

ASN13335 (CLOUDFLARENET, US)

stpd.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638::1c (France) 10 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 143.204.93.3 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-93-3.fra50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)

script.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 141.95.98.66 (France)

ASN16276 (OVH, FR)
PTR: ns3216537.ip-141-95-98.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 104.92.74.8 (Frankfurt am Main, Germany) 9 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-74-8.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 37.157.3.29 (Denmark)

ASN198622 (ADFORM, DK)

adx.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2606:4700:20::681a:9b2 (United States)

ASN13335 (CLOUDFLARENET, US)

prebid-stag.setupad.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 51.75.86.98 (France) 4 redirects

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.122.214.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

40 37.252.173.27 (Frankfurt am Main, Germany) 11 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)

mp.4dex.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 185.86.139.96 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.58.67.200 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com

secure.cdn.fastclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 46.105.202.126 (France)

ASN16276 (OVH, FR)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

81 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel-eu.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

48 2a00:1450:4001:80f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s2.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com

cs.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

97 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

72 142.250.185.194 (United States) 17 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 23.35.236.247 (Frankfurt am Main, Germany) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.92.106.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-106-130.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:b600:1af::4469 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400e:810::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400e:801::200e (Ireland)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.125 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.93.76.211 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-76-211.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.249.219.119 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-219-119.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.156.0.31 (Frankfurt am Main, Germany) 5 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.35.229.117 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-229-117.deploy.static.akamaitechnologies.com

ads.stickyadstv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:32::3 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.102.157 (United States)

ASN15169 (GOOGLE, US)
PTR: rb-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:65::a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

r5---sn-4g5e6nz7.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtbc-eu3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.29.123.29 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-123-29.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 103.229.205.243 (Singapore) 2 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Sankt Georgen im Schwarzwald, Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.196.12 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 174.137.133.49 (United States)

ASN27257 (WEBAIR-INTERNET, US)

dsp.adkernel.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
rtb2-useast.e-volution.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 72.251.249.14 (Amsterdam, Netherlands) 4 redirects

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.101 (France)

ASN201081 (SMARTADSERVER, FR)

ssbsync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 169.50.137.184 (United States) 4 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 139.162.78.222 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1558-222.members.linode.com

a.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.160 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.129 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:a400:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.142.239 (Ukraine) 1 redirects

ASN208677 (SBERCLOUD-AS, RU)

google-sync.rutarget.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 159.89.25.223 (Frankfurt am Main, Germany)

ASN14061 (DIGITALOCEAN-ASN, US)

node.setupad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:21::14 (United States) 2 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.193.173 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.232.148.142 (Russian Federation) 5 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp3.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.54.46.88 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-54-46-88.compute-1.amazonaws.com

sync.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.205.207.25 (Brussels, Belgium) 2 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 25.207.205.35.bc.googleusercontent.com

ads.avads.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.155.71.150 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)

pixel-sync.sitescout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 64.74.236.63 (United States) 4 redirects

ASN22075 (AS-OUTBRAIN, US)
PTR: chi.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.248.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-248-230.eu-west-1.compute.amazonaws.com

ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.49 (United States) 1 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3605:381e:fa43:f4d:caac (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:ba00:1b:5138:8a40:93a1 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.ad.smaato.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 202.241.208.56 (Japan) 1 redirects

ASN4694 (IDCF IDC Frontier Inc., JP)

tg.socdm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.203.145.121 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

cs.chocolateplatform.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 217.66.147.168 (St Petersburg, Russian Federation) 2 redirects

ASN29209 (SPBMTS-AS Malaya Monetnaya Street 2-A, RU)
PTR: host-168-147-66-217.spbmts.ru

sm.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.87.44.187 (Russian Federation) 1 redirects

ASN13174 (MTSNET Moscow, Russia, RU)
PTR: infrastructure-187-44.mts.ru

tech.rtb.mts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 151.101.65.108 (United States)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 104.17.119.107 (None, )

ASN13335 (CLOUDFLARENET, US)

biddr.brealtime.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.64.206.14 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-206-14.ap-northeast-1.compute.amazonaws.com

cc.adingo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
204	googlesyndication.com 1 redirects bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 150 f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 115 ade.googlesyndication.com — Cisco Umbrella Rank: 262	1 MB
132	doubleclick.net 17 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213 pubads.g.doubleclick.net — Cisco Umbrella Rank: 458 googleads.g.doubleclick.net — Cisco Umbrella Rank: 55 cm.g.doubleclick.net — Cisco Umbrella Rank: 217 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 283 bid.g.doubleclick.net — Cisco Umbrella Rank: 477 ad.doubleclick.net — Cisco Umbrella Rank: 203	2 MB
54	2mdn.net 2 redirects s0.2mdn.net — Cisco Umbrella Rank: 265 gcdn.2mdn.net — Cisco Umbrella Rank: 896 r5---sn-4g5e6nz7.c.2mdn.net s2.2mdn.net — Cisco Umbrella Rank: 11186	2 MB
49	adnxs.com 11 redirects ib.adnxs.com — Cisco Umbrella Rank: 247 acdn.adnxs.com — Cisco Umbrella Rank: 603	190 KB
48	criteo.com 10 redirects gum.criteo.com — Cisco Umbrella Rank: 394 mug.criteo.com — Cisco Umbrella Rank: 2507 bidder.criteo.com — Cisco Umbrella Rank: 739	21 KB
37	rubiconproject.com 9 redirects secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1193 eus.rubiconproject.com — Cisco Umbrella Rank: 601 token.rubiconproject.com — Cisco Umbrella Rank: 762 pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2555	95 KB
36	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 323	387 KB
29	google.com adservice.google.com — Cisco Umbrella Rank: 92 www.google.com — Cisco Umbrella Rank: 9	7 KB
28	gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn2.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn0.gstatic.com csi.gstatic.com	323 KB
27	setupad.net prebid-stag.setupad.net — Cisco Umbrella Rank: 38844	10 KB
27	adform.net adx.adform.net — Cisco Umbrella Rank: 4033 cm.adform.net — Cisco Umbrella Rank: 1757	4 KB
27	4dex.io script.4dex.io — Cisco Umbrella Rank: 2430 mp.4dex.io — Cisco Umbrella Rank: 3434	209 KB
25	onetag-sys.com 4 redirects onetag-sys.com — Cisco Umbrella Rank: 813	5 KB
23	onnetwork.tv video.onnetwork.tv — Cisco Umbrella Rank: 45074 cdn.onnetwork.tv — Cisco Umbrella Rank: 45169 cdnt.onnetwork.tv — Cisco Umbrella Rank: 55645 cdnf.onnetwork.tv — Cisco Umbrella Rank: 232970	366 KB
20	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	656 KB
19	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 2469 cs.emxdgt.com — Cisco Umbrella Rank: 1011	1 KB
18	criteo.net static.criteo.net — Cisco Umbrella Rank: 605	506 KB
18	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 581 cdn.id5-sync.com — Cisco Umbrella Rank: 1574	110 KB
14	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 67 imasdk.googleapis.com — Cisco Umbrella Rank: 403	612 KB
10	smartadserver.com prg.smartadserver.com — Cisco Umbrella Rank: 1397 ssbsync.smartadserver.com — Cisco Umbrella Rank: 1292	5 KB
10	google.de adservice.google.de — Cisco Umbrella Rank: 7295	2 KB
9	brealtime.com biddr.brealtime.com — Cisco Umbrella Rank: 2930	10 KB
9	setupad.com node.setupad.com — Cisco Umbrella Rank: 39883	2 KB
9	adsafeprotected.com 1 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 791 static.adsafeprotected.com — Cisco Umbrella Rank: 532 dt.adsafeprotected.com — Cisco Umbrella Rank: 475	95 KB
9	fastclick.net secure.cdn.fastclick.net — Cisco Umbrella Rank: 1700	152 KB
9	sharethrough.com btlr.sharethrough.com — Cisco Umbrella Rank: 1304	991 B
9	a-mo.net prebid.a-mo.net — Cisco Umbrella Rank: 1259	3 KB
9	stpd.cloud stpd.cloud — Cisco Umbrella Rank: 41725	1 MB
8	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623	7 KB
7	yahoo.com 7 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 308 pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 512	3 KB
6	zemanta.com 4 redirects b1sync.zemanta.com — Cisco Umbrella Rank: 600	2 KB
6	fornoob.com fornoob.com — Cisco Umbrella Rank: 661836	102 KB
5	adhigh.net 5 redirects px.adhigh.net — Cisco Umbrella Rank: 10559	2 KB
4	simpli.fi 4 redirects um.simpli.fi — Cisco Umbrella Rank: 969	2 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 836 r.turn.com — Cisco Umbrella Rank: 3376	2 KB
4	lijit.com 4 redirects ap.lijit.com — Cisco Umbrella Rank: 683	3 KB
4	stickyadstv.com 2 redirects ads.stickyadstv.com — Cisco Umbrella Rank: 716	3 KB
4	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 520	1 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 530	2 KB
4	doubleverify.com cdn.doubleverify.com — Cisco Umbrella Rank: 441 rtb0.doubleverify.com — Cisco Umbrella Rank: 636 rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 14350	21 KB
4	openx.net us-u.openx.net — Cisco Umbrella Rank: 402 rtb.openx.net — Cisco Umbrella Rank: 1652	834 B
3	mts.ru 3 redirects sm.rtb.mts.ru — Cisco Umbrella Rank: 30374 tech.rtb.mts.ru — Cisco Umbrella Rank: 30942	2 KB
3	3lift.com 3 redirects eb2.3lift.com — Cisco Umbrella Rank: 417	1 KB
3	adkernel.com dsp.adkernel.com — Cisco Umbrella Rank: 5558	699 B
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1010	3 KB
2	avads.net 2 redirects ads.avads.net — Cisco Umbrella Rank: 22252	819 B
2	stackadapt.com 2 redirects sync.srv.stackadapt.com — Cisco Umbrella Rank: 944	1 KB
2	ctnsnet.com 2 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 38313	632 B
2	linkedin.com 2 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 370	1 KB
2	e-volution.ai rtb2-useast.e-volution.ai — Cisco Umbrella Rank: 6325	466 B
2	mathtag.com 2 redirects sync.mathtag.com — Cisco Umbrella Rank: 464	2 KB
2	teads.tv sync.teads.tv — Cisco Umbrella Rank: 1069	344 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	20 KB
1	adingo.jp cc.adingo.jp — Cisco Umbrella Rank: 3354	44 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 652	166 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3276	104 B
1	chocolateplatform.com cs.chocolateplatform.com — Cisco Umbrella Rank: 2087	68 B
1	socdm.com 1 redirects tg.socdm.com — Cisco Umbrella Rank: 1583	1 KB
1	smaato.net 1 redirects s.ad.smaato.net — Cisco Umbrella Rank: 769	442 B
1	everesttech.net 1 redirects sync-tm.everesttech.net — Cisco Umbrella Rank: 687	536 B
1	yieldmo.com ads.yieldmo.com — Cisco Umbrella Rank: 694	35 B
1	sitescout.com pixel-sync.sitescout.com — Cisco Umbrella Rank: 638	191 B
1	sonobi.com sync.go.sonobi.com — Cisco Umbrella Rank: 1109	478 B
1	rutarget.ru 1 redirects google-sync.rutarget.ru — Cisco Umbrella Rank: 175638	573 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 246	32 KB
1	rfihub.com 1 redirects a.rfihub.com — Cisco Umbrella Rank: 3359	1 KB
1	sniperlog.ru 1 redirects sync3.sniperlog.ru — Cisco Umbrella Rank: 44225	677 B
1	appier.net 1 redirects a.c.appier.net — Cisco Umbrella Rank: 19724	558 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2909	550 B
1	adition.com 1 redirects dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1725	584 B
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 444	93 KB
908	71

	Domain	Requested by
97	pagead2.googlesyndication.com	securepubads.g.doubleclick.net 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com googleads.g.doubleclick.net f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com fornoob.com tpc.googlesyndication.com s0.2mdn.net ad.doubleclick.net www.googletagservices.com
81	tpc.googlesyndication.com	1 redirects bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com securepubads.g.doubleclick.net f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com imasdk.googleapis.com s0.2mdn.net ad.doubleclick.net fornoob.com
72	cm.g.doubleclick.net	17 redirects googleads.g.doubleclick.net 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com fornoob.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
47	s0.2mdn.net	bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com imasdk.googleapis.com fornoob.com s0.2mdn.net 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
40	ib.adnxs.com	11 redirects stpd.cloud googleads.g.doubleclick.net acdn.adnxs.com
36	c.amazon-adsystem.com	fornoob.com c.amazon-adsystem.com
27	prebid-stag.setupad.net	stpd.cloud fornoob.com
27	securepubads.g.doubleclick.net	fornoob.com securepubads.g.doubleclick.net www.googletagservices.com bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
25	onetag-sys.com	4 redirects stpd.cloud 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com fornoob.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
20	www.googletagservices.com	fornoob.com bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com cdn.doubleverify.com www.googletagservices.com
20	gum.criteo.com	10 redirects static.criteo.net
19	www.google.com	bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com tpc.googlesyndication.com
19	mug.criteo.com	fornoob.com
18	static.criteo.net	stpd.cloud static.criteo.net
18	adx.adform.net	stpd.cloud
18	eus.rubiconproject.com	fornoob.com eus.rubiconproject.com
18	script.4dex.io	stpd.cloud script.4dex.io
13	googleads.g.doubleclick.net	bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com fornoob.com f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
12	googleads4.g.doubleclick.net	fornoob.com ad.doubleclick.net
12	cdn.onnetwork.tv	video.onnetwork.tv fornoob.com
10	cs.emxdgt.com	stpd.cloud 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
10	www.gstatic.com	video.onnetwork.tv bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com www.gstatic.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
10	adservice.google.com	securepubads.g.doubleclick.net
10	adservice.google.de	securepubads.g.doubleclick.net
9	biddr.brealtime.com	stpd.cloud
9	acdn.adnxs.com	stpd.cloud
9	node.setupad.com	fornoob.com
9	token.rubiconproject.com	eus.rubiconproject.com
9	cdn.id5-sync.com	fornoob.com
9	secure.cdn.fastclick.net	fornoob.com
9	cm.adform.net	fornoob.com stpd.cloud
9	bidder.criteo.com	stpd.cloud
9	hb.emxdgt.com	stpd.cloud
9	prg.smartadserver.com	stpd.cloud
9	mp.4dex.io	stpd.cloud
9	btlr.sharethrough.com	stpd.cloud
9	prebid.a-mo.net	stpd.cloud
9	secure-assets.rubiconproject.com	9 redirects
9	id5-sync.com	stpd.cloud
9	stpd.cloud	fornoob.com
8	dsum-sec.casalemedia.com	4 redirects googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com cdn.onnetwork.tv
7	imasdk.googleapis.com	video.onnetwork.tv imasdk.googleapis.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
7	fonts.googleapis.com	video.onnetwork.tv bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
6	b1sync.zemanta.com	4 redirects fornoob.com
6	cdnt.onnetwork.tv	video.onnetwork.tv fornoob.com
6	fornoob.com	fornoob.com
5	ade.googlesyndication.com
5	px.adhigh.net	5 redirects
5	dt.adsafeprotected.com	f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com fornoob.com
5	ups.analytics.yahoo.com	5 redirects
5	pubads.g.doubleclick.net	fornoob.com
4	um.simpli.fi	4 redirects
4	ap.lijit.com	4 redirects
4	r5---sn-4g5e6nz7.c.2mdn.net	8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
4	csi.gstatic.com	imasdk.googleapis.com
4	ads.stickyadstv.com	2 redirects googleads.g.doubleclick.net
4	pixel.advertising.com	2 redirects googleads.g.doubleclick.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	video.onnetwork.tv	fornoob.com video.onnetwork.tv
3	eb2.3lift.com	3 redirects
3	dsp.adkernel.com	8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
3	pm.w55c.net	3 redirects
3	encrypted-tbn2.gstatic.com	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
3	bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	sm.rtb.mts.ru	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	ads.avads.net	2 redirects
2	sync.srv.stackadapt.com	2 redirects
2	gcm.ctnsnet.com	2 redirects
2	px.ads.linkedin.com	2 redirects
2	rtb2-useast.e-volution.ai	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
2	rtb.openx.net	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
2	static.adsafeprotected.com	f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
2	r.turn.com	2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com fornoob.com
2	ad.turn.com	2 redirects
2	sync.mathtag.com	2 redirects
2	gcdn.2mdn.net	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	fw.adsafeprotected.com	1 redirects fornoob.com
2	encrypted-tbn1.gstatic.com	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
2	cdn.doubleverify.com	22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com cdn.doubleverify.com
2	sync.teads.tv	googleads.g.doubleclick.net
2	us-u.openx.net	googleads.g.doubleclick.net
2	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.google-analytics.com	fornoob.com www.google-analytics.com
1	cc.adingo.jp	a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
1	image6.pubmatic.com	22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
1	dclk-match.dotomi.com	22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
1	s2.2mdn.net	22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
1	ad.doubleclick.net	www.googletagservices.com
1	tech.rtb.mts.ru	1 redirects
1	cs.chocolateplatform.com	0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
1	tg.socdm.com	1 redirects
1	s.ad.smaato.net	1 redirects
1	sync-tm.everesttech.net	1 redirects
1	ads.yieldmo.com	f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
1	pixel-sync.sitescout.com	f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
1	rtbc-eu3.doubleverify.com	cdn.doubleverify.com
1	sync.go.sonobi.com	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
1	google-sync.rutarget.ru	1 redirects
1	cdnjs.cloudflare.com	s0.2mdn.net
1	a.rfihub.com	1 redirects
1	sync3.sniperlog.ru	1 redirects
1	a.c.appier.net	1 redirects
1	ssbsync.smartadserver.com	8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
1	match.adsby.bidtheatre.com	1 redirects
1	dsp.adfarm1.adition.com	1 redirects
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	encrypted-tbn0.gstatic.com	ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
1	pixel-eu.rubiconproject.com	eus.rubiconproject.com
1	cdn.jsdelivr.net	video.onnetwork.tv
1	cdnf.onnetwork.tv	client
908	121

This site contains links to these domains. Also see Links.

Domain
br.fornoob.com
tw.fornoob.com
jp.fornoob.com
fr.fornoob.com
de.fornoob.com
www.facebook.com
www.pinterest.com
twitter.com

Subject Issuer	Validity	Valid
*.fornoob.com E1	`2022-06-09` - `2022-09-07`	3 months	crt.sh
onnetwork.tv R3	`2022-04-04` - `2022-07-03`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.stpd.cloud E1	`2022-05-04` - `2022-08-02`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-07`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-07` - `2023-06-06`	a year	crt.sh
*.id5-sync.com R3	`2022-05-31` - `2022-08-29`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-17` - `2023-04-04`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2021-09-06` - `2022-10-07`	a year	crt.sh
*.onetag-sys.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-10` - `2023-01-03`	a year	crt.sh
*.a-mo.net R3	`2022-05-05` - `2022-08-03`	3 months	crt.sh
*.sharethrough.com Amazon	`2021-08-13` - `2022-09-11`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-01-25` - `2023-01-25`	a year	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
secure.cdn.fastclick.net DigiCert SHA2 Secure Server CA	`2022-01-15` - `2023-01-17`	a year	crt.sh
cdn.id5-sync.com R3	`2022-04-13` - `2022-07-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-30` - `2022-08-22`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-25` - `2022-08-17`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
teads.tv R3	`2022-06-01` - `2022-08-30`	3 months	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-12-23` - `2022-12-23`	a year	crt.sh
fw.adsafeprotected.com Amazon	`2022-04-28` - `2023-05-27`	a year	crt.sh
*.adkernel.com AlphaSSL CA - SHA256 - G2	`2021-12-30` - `2023-01-31`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-09-05` - `2022-10-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2022-04-10` - `2023-05-08`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2021-12-08` - `2023-01-09`	a year	crt.sh
*.e-volution.ai Sectigo RSA Domain Validation Secure Server CA	`2021-09-13` - `2022-10-14`	a year	crt.sh
node.setupad.com R3	`2022-05-01` - `2022-07-30`	3 months	crt.sh
*.sitescout.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2021-12-15` - `2023-01-15`	a year	crt.sh
*.yieldmo.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
cs.chocolateplatform.com ZeroSSL RSA Domain Secure Site CA	`2022-03-31` - `2022-06-29`	3 months	crt.sh
*.c.docs.google.com GTS CA 1C3	`2022-06-07` - `2022-08-16`	2 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
cdn.adnxs.com GeoTrust TLS RSA CA G1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.brealtime.com Go Daddy Secure Certificate Authority - G2	`2022-01-21` - `2023-02-22`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2021-08-10` - `2022-09-11`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2021-08-04` - `2022-09-04`	a year	crt.sh
*.adingo.jp DigiCert TLS RSA SHA256 2020 CA1	`2022-04-06` - `2023-04-14`	a year	crt.sh

This page contains 134 frames:

Primary Page: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Frame ID: 834B0D4310BE31656F947643B7B6C269
Requests: 26 HTTP requests in this frame

Frame: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538
Frame ID: C4268FA8D19E4ABFF0D6B554DF1BE1C8
Requests: 10 HTTP requests in this frame

Frame: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 9FC3A2CB84553D9431CCC918959252AB
Requests: 1 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 9F91A02C0792977CC6C7ADC11E39208C
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 19E8C81B365DA6B09F6FEE7FCAD7C636
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: EB9FD13BE433AAFF41420B9535A101DF
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: E6F02216A822B14F068FF42EC9FEA74A
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: C7AA1702076FD76F0F31684E0BD6A10B
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 06DDBBFE402E1201FB76DE750C19E6A0
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 3D0E95B7B0EA9A99BFF22C217BAC3858
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 5125FFBE99AD0F56FB2FA9500941EBFE
Requests: 35 HTTP requests in this frame

Frame: https://stpd.cloud/assets/postbid/stpd220112.js
Frame ID: 35527240261BB033FBD99857F255E998
Requests: 35 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: D2C30E448ED08B2050C8EF7E91530181
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 0431DC01DA1E793F5061807914439DBB
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 49C684ADE9CB3BB0932B651F63273FF6
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: BAA4BD75BCAE8E3972CF0AD941115049
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 533902F34722FA1BC499405D39423B59
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: F620421B01FB2814DBCAB45AB720DFCF
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 7F875BB787E019D90EB18E8525941E57
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: FF5C5C561B4C6C45FB7C1D9F664C6C11
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Frame ID: 15A7092D3DC3884BCDBC2D03AAFDDD4A
Requests: 3 HTTP requests in this frame

Frame: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: FA90E9235E69A41D83A009C5E36F5691
Requests: 16 HTTP requests in this frame

Frame: https://cdn.onnetwork.tv/css/roboto.css
Frame ID: 96AAB035A676539B12ADD619D9A79911
Requests: 20 HTTP requests in this frame

Frame: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F6C721FD941CC6861F0C2298B948DDCB
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_lv.html
Frame ID: E4D15F121B946CAD38C86742960BF05C
Requests: 1 HTTP requests in this frame

Frame: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 409229E71719D3F92DBDFE51C481E160
Requests: 1 HTTP requests in this frame

Frame: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: B0108BCDA06C2A4566C5F7D0AB20B0A5
Requests: 1 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: EA5671BC6E6B3A6C36E5B779A258BB52
Requests: 8 HTTP requests in this frame

Frame: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 974BD8351D9637C4850CAF0F7707B2F1
Requests: 1 HTTP requests in this frame

Frame: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 34AF0A2DE3FAE81FB97466A7D79F2CA3
Requests: 1 HTTP requests in this frame

Frame: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: E06608192EBA71C5AB09E3262AF1A796
Requests: 1 HTTP requests in this frame

Frame: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 49D02E2CB9D4F23F5BE556AC721D2890
Requests: 1 HTTP requests in this frame

Frame: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 6A7D455F7EBF737964F0C5E46884129C
Requests: 1 HTTP requests in this frame

Frame: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 54E7D91EEF68606A725DB163676D0F0B
Requests: 1 HTTP requests in this frame

Frame: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 18054BBE16B63A7D1F10C6A7A32AC351
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: CC7213523B5D23C6E3D676F219C42324
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 92598035223DCC08119EDB0261D2DEFC
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 51DFBCF8FD89DD45945D9FD5D7C8A39D
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 04BD66F2767431E327B2ADFED8A8F4F5
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: EE5649B76C7A6C6550A1A2D11B15EAE5
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 074FE85C31AB75691706C045691C5590
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: A6271F0968D32D3F9B69CF4C07D6AA46
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: E5973354094FF8594B2129E10C45ACFC
Requests: 1 HTTP requests in this frame

Frame: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Frame ID: 41C38A2F048FB939ED14BAA3B33CFB35
Requests: 1 HTTP requests in this frame

Frame: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: A2B11BBC11CF8CBB4F6E03835CAB4339
Requests: 16 HTTP requests in this frame

Frame: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: C7AD357C327B24AE8BE9CA0EF6AF9FD2
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVyGJm3pIqbZZd7WBWyo5WcpYFAk65S8XI-uEln4iRvhr8DZmAnjcO83d17y-tK32CJDkZB6RqG5Poc3uvmzI53GDEj2l6wbOoHZ9mbkBRcwqaXgcxHOj1GAuyXGMo-xRnXWN0oL7T2htMGl3JmXsHyWZ8mBQ-eWTtIjjQu_9XWv6sFoE9E8hqF18RUDKEcTwIBmc34Cr50rPGQtZKZHGMj2dmAgQ
Frame ID: 4D95B2FBFB31DF6B29B7C217DF6A0D94
Requests: 5 HTTP requests in this frame

Frame: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 63D4D0BE1AF6478440C3404EAF8CCF45
Requests: 16 HTTP requests in this frame

Frame: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: 99280E7E90D14669ACE1D3CC06CE1A86
Requests: 18 HTTP requests in this frame

Frame: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: A70C53D33E5A108FC826B7A74D012369
Requests: 22 HTTP requests in this frame

Frame: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: AB93DD229E5DDAFF899D02F7DE4510A0
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNXLko_SADZGoRBtSkKak9xtv_ocV8dz758-Ld3TaQvv2V7adRZ4va59gJyskBct-V1-zZGuXqj9LzBgUPqxYMOk1aMDdPCpCF8-L_57oKYGd7cW9iUjpQceTivreS6Aqk9jCgiog5CymaacM0MP4yKs93lcKoTv-ncTujsTX0xihDspnmLHAwY_7g4cz_QJLllm5fonJ94w1OXo8XGuAtWlThj8xw
Frame ID: 4AC4351B0AE62C5120D0B3C2EDACD6E0
Requests: 5 HTTP requests in this frame

Frame: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: B9AF2178E1314E198B9041849627942F
Requests: 16 HTTP requests in this frame

Frame: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 09CC15CB83B3D4FA5099AFA05E7FF008
Requests: 23 HTTP requests in this frame

Frame: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Frame ID: EEBF4506D2F5C6EA274ABDE24658F2CB
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY99LAywEwAQ&v=APEucNURXgxerERHYf67La9ZD2n14678z1RzRX6EbzeysgmVZzZsoXa2k2ptoreyv-dKGxsE0ejzyWjpTMu7UdhofyRc3CZUshE2l0ZCpxxPA_OosSl4UXD3FckHiYvdzrvMTNDuNgVl2jmI5PRMuHOQ0WjkdkRC3G9e_1Hcxkp-2m5uNW4SCWc77pZQzJ1LjFdl1DH7yCru75CvpC0fhaJIF2Z2zIa72Q
Frame ID: 08D79CE199249272A2B10662B64CC7DB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6NqpuwEwAQ&v=APEucNXmGDQugHTl0aObGWmAdF9lIbbsc485tR3T9KIOgTSggf__mHIfAMcDsf8qBifretxwBmEedk6yuEQqOHmwRyF44kcm-dPn0_qaja7V-IP5HtR4d1jgddRkn8E2oBza_ElbtMy2xveoEqpJo-gTeufp5Ji_SFyKRWmsFw3Y-WjMkkbTQCMOZG8jcy4hNoqkQ5VUlijLGg1jreU2Gm2Dx7ZzWWLRgg
Frame ID: 1608AE3FDB02809F9B5CA06030A17579
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVMYhNz2589ktgGSXPdDG1y2aW93s-KeFKyVjo1kls1Z2Gjm9JkkCmCndIABU8c0HLu3L-C1WiBOUPcY6yXh4b8ZMVi111ULkFBpsawn9czTxIHfUKBHU45xPF1qTQFNMe-zU5DNIQOftwKnDBTpYSy75MLEkvGdBNtGIKSwoiYESwupxeIhoOdir2jd5DwUakhzltMswsWeurkFJPxMZrO0uR_5w
Frame ID: CA0CB6ABF32FD74165165E8BC65F3BFE
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGKmVr8wBMAE&v=APEucNUaWL7Q5j6Q0mlIBua8ou7fUcU0LvwiGjLQpX3jYXOtR7j2uzTTPiBGybEwrkalSjSAAgjW3mIZpKy0QAzxgiIgtRFO3bKn31hcjXrV1Cc95UCkS6kT2K_nJ4cMxcbrowkQwJQ5qAeQsRJvgvNHXN-HwssVIAJOrjknrbnBrmHDCaQV1fCjxHudO75-8FIpg-Ch-unjtkTtGeXzQ2y_qegJhnanJQ
Frame ID: 9CE6626B55E76BD3F210F74E861EB323
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/20862571333860544/index.html
Frame ID: 88CE12508AC785F1265365F088FCE10E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EAEDB02CFA4E08ABCE4EF566F3676923
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7F0AE96EE6F52756364E8FA68FD3E3CF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FDD002A05EF59813604073150E905AC6
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2F89A2994ED539D1BE5CAA05CCDC24A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4CDFC79CE56577DF6C99903C7D1EB0B8
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F93D08879D7CE7DF6468B5BC49FC46F5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3111E7741D55221A77A62E5A4B321278
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8BDA1A5274CA72F4E5E044D8A46B65E7
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/20862571333860544/index.html
Frame ID: 44CA79B1559B68C4C44BCBD71AD13E57
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4D74DFA4ADBFD5C95FB2207E52093D89
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24FA8DD1C0FD625628A7A9520FAFE870
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: A60E05A689B6D5B39FA96D3ADB55A12F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9EB2F998A8306377D8EFB6C3B5E78C9E
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2DD910FA114B145E05E0496F9404E418
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E0CEF83E23CDA1DE679E5A08E9AB5E05
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 52C750326A80F9C9612C9C4D36722B58
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0E01087E82B9434895A279566C8C7328
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 46C2A5F4D973F98F0FF49167BB39D4B4
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EB1534249A268F7F9E184CF444519A60
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 877030FD7CB26E708C1DC02B554F351A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4590DAC076B1421D9DA01BEE18508BA3
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
Frame ID: A446C670DD3036E00385E14DD4962E90
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: F62A62A766E4E9C462358CBB97FCDCF0
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27320F251E7499CA8A537E613CF941BF
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2CE7AF593E47E783DDBC73CD86FB99A8
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 0BEDC571D28F2E9986E3E1DCEA430D24
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 20FFC3E4376244170E8716CAD02E076E
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 42B9559CCCD749257BEFE3D6A3ED1F36
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
Frame ID: 5D4A7829385C75B89778C96C32228592
Requests: 23 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.12.js
Frame ID: 105BE13E2AA33F668F5099953323C532
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: AD013E86D03E574478AEEE5AC671AD1F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 81B70E662EEFDB23A3B5DEEB0F2539D1
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B658A89C1E42D33A01B63EB9D4CA9DA5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 626702E5F55B26CB2A80CBCFBB7469C0
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B8BD9B6C8BC4A56930742EE86E893769
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8CC0086B0EEAE9EA77B86985EDC6B620
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js
Frame ID: 73183137D967423A4D3FEDDB013E1DB7
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: A7B97C35F298EEED9A8D5DA73A9C844B
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464670
Frame ID: 0789ADBC1F2EB10CAA1E782C9AB35E14
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 8049B717086E817BD4E7388808B6664B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464700
Frame ID: FCBB3428E210CD472B87AF1751CD0F1F
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 1BD85C2ECC993E30C65FF1D1DAE6F28F
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 89F07B6C0306E308B281442E28F2929A
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 791C9C01614DBEAAFCC60793EF616872
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464676
Frame ID: 396B1D47FD925E5965412E2D1529CF1A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 18C140212C012816377C967B8D0CC842
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 2E0C9AACA807ED50BBE9A81234E99146
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 73EF7800C3F6B3B2060CA2A38819EDD3
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464744
Frame ID: F4CB45C6E1F8AE3B709F51D6EA9BF9B4
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464730
Frame ID: 2606D9F6379851F6ABC0B270C6FCBA2E
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 3F81A5D29951AB82963DFA0ADFB6CBE3
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 1547A8F332FD064FA7C5A90577195157
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: C35472E426AE84A02CA52173550DB675
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464826
Frame ID: 2BDDACBE8EB5F6C0A5F0822ADD341387
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 3FCED0242340DD474217E0D858D8CD7A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 77270CA22E5FBBA140FCAA067F69882E
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464679
Frame ID: 08829DEDAC2E9DDD708B13A24090BFD0
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 3C1BE18B1C76D211405A9A5ED77DF16A
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: FD70883DFF85F59660BCF4231E4A7D00
Requests: 3 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: E691489F773107EDD3C8C5FC4F7DD26B
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464740
Frame ID: E41EE5EF204107AE5327BD9D4B46ADAA
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3086AE775EDC43D2C8015BABF005C2C7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js
Frame ID: 087DF7C75F2028D611527EF839D546D2
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js
Frame ID: 819DFA47E194F949B773A9DAA2ABF296
Requests: 1 HTTP requests in this frame

Frame: https://biddr.brealtime.com/check.html
Frame ID: 4FD7C52037A91998AA4A9B2A7661589E
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1655237464733
Frame ID: D2E3B7351BF51333CB7DF26743983278
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B94172849205284C8E31F7CD8D172FD8
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6E0C421BAE6F4230BE9EFFCF3A4F085E
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/2733685237513348699/index.html
Frame ID: E13BFE19E84325EC1D91F4AFBC31118F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 3BDC7CEBFECD03CD84F58759E1718B2E
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 27550C6D6B56551E4C152A249CDF6DAC
Requests: 3 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fornoob.com
Frame ID: E4F0E9C7F4AE19E7D2CEBF5A9E15ABCD
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24B402807913FE37F1AE257675EFCACA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1312D1DE7EE71EDB8E6578AE7D1B950A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

What does Win32 : cabinet Self extractor mean? - ForNoob

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

908
Requests

90 %
HTTPS

35 %
IPv6

71
Domains

121
Subdomains

79
IPs

14
Countries

9746 kB
Transfer

28358 kB
Size

59
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: https://br.fornoob.com/
Title: ForNoob Brazil

Search URL Search Domain Scan URL

URL: https://tw.fornoob.com/
Title: ForNoob Taiwan

Search URL Search Domain Scan URL

URL: https://jp.fornoob.com/
Title: ForNoob Japan

Search URL Search Domain Scan URL

URL: https://fr.fornoob.com/
Title: Fornoob France

Search URL Search Domain Scan URL

URL: https://de.fornoob.com/
Title: ForNoob Germany

Search URL Search Domain Scan URL

URL: https://www.facebook.com/fornoobdotcom/

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/fornoobdotcom/

Search URL Search Domain Scan URL

URL: https://twitter.com/fornoobdotcom

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=TIduqXw0cjVaQW1mWThDc3BaQkU4REdkVFpjelo4RVp1dkpYOTM5NS9Kazk1cDFRbzBOMWlBcEtuZHdrcG5ySzEzQnlDeTUzSkVvYlJiNW4wOFVwZzRkbVhwMEphdWtqN01VaGc3VUFJSU5DWkNzREZJVmd2TzJianNqOWhlbEFyeU1WODJISXM3RGw2bXhOMnZhUktYMHoxeWtYMTllWHdKY0FjWHdYaTlyNUw0dldoMlhSYjgxajNDbllmTTh6NElNbi9NeUswRjFpOVR3eHBuMERqWUN2dWtRWXdTSGxoTkpheVdzdHZtdnpmb3pRPXw&cppv=2

Request Chain 46

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 50

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Jbrb63wrMjJsdVpLakFvOFRWbFBlYThyQkxyOFFSNVhsYlRtTDc5bzlTSkJSN2tSeEtZZkhkeFMyVmU5bzhsVnFXSCtFOXhlcVJ5cy8rTXRtMVRzSWxDY0hLVGZBYkEySmN2TjdrSnh3bmhVNVpTVWREQytTeXJVQWs3REJHaXRJa0EwdlZPUG5IM1JNK29XZkp5Nkd5bFByT2RaUVFZZEh4WklBU0RrQzFoS1I2RVI2cjhwUXo5cGFqb1cvMnIrbEpWREtQeVZYZ3VHZ25RVm1lb1dHUHltaml6dGQwVUhONjRrRkZlNHlLaHdRT0QwPXw&cppv=2

Request Chain 53

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 57

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=R3igBXxEVVRDWStCYktPN2RjWHhDVUJJSVRKUWhrSVo5TnpxMDg0SWJNMWRIRll3bDhpWjByNkdFTStBaDhhekJjalNPOHloaWUvL0Z6bDRDYmhaK01hQzBreVlEMWU1ekc3Y3JVTlo2NUpLV3h0KzBsWnRNQ1BxZmc0Z0tKaXFVNlNuNEpCNnRJdlEvU2dsenhZYTJtOFdUOWpza0k4TGxiUCtsd0FTaXptUTN2MzBRQ2E2cTk4Q1RocE85M0oxcUtLd2IyNzlha0ZlWWZicnZ0K2FwWmxhQ0VmY0E0c2Z0aFZXZEZhZ1hnWXRzUmFBPXw&cppv=2

Request Chain 60

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 64

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=MLCr0XxldGp3OHNLR0l1eXp4SVZYMStVR1Y2VXBTOVRNSFI0Vm53ZTU2MWEvZ3crSUFOa01MKzN5UFZFVXJ4cGs5am5XNDI0UGp1TFJlYnF0WUd5bmJTb3RYWlA1enJwSDZTSDhWUkpmbFlqR3ludFNGZ0Z1MUdCaTFnWEFoZW0rdDZ1dlZvYnNRZmUvRnp6UVBkZFoyZ01VVHBvOVA5QlhQVEFrODJjNS9CU2ViSW81dnJkRE5wWVo3d2NYRkpieWJ4WGNaK29BL0xBSTNkdkxqUzNoOXIxYVM4cW4zOFAvVXA4YUtzaEdhUUg2S084PXw&cppv=2

Request Chain 67

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 71

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=IGXm4HxPQmlrbGhQa3JWVzZER0NlV2htdnpuTmJHZHFBb0ZZbm5ab0RFNThlZGZnam9LdC96cStrNm1mQlpITnV2OEF4elVGTGhLK2RqeVRUMlZPNGFjbUtEV2hPVUVLYXY0a0d5NUtZUXNTUlNyZEJ0L290STlLWEtwSEhkNWNBcTNTaUpwZHdGSFBxbHRrejRjdGl1REJocEcrUzkySWdRbXN4UmhCb3RJN2REQjRCVnpwYkhVZ0VjQ3lCRkJhb3RGZ21vZEpXYlZyWjNqUFVHMU1hTnhaZzIzUCsyUEZLY3JGdzBHczRuQUdDc2o4PXw&cppv=2

Request Chain 74

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 78

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=iwkyLHx1bGIza1phVUhOeVVWZTduQVNpaDU4bUNQell5aWRiSFVHQ0dSQWJ3MEd6eW1EYXd5S3hOSHRvSzlCWUtXbklzVVE1aDljRnBINy9EY2xQUndsOEpqQ2Vadk9ndTVBLzh6VlJNRGFlU1ZvaVVVbzJySitqalBhdnRRYWF1Mng3NnllWUtRR1lKQlhPYlA5QlR3VDZKZkd2VFArQTNkc2FGd2Flb3ZzeTVTSlgyOFZDa1hlUEtYZTN5WHNTbEROWG4vR1hHemNpNGJ6MkhoaGlVQ1drSGsxTExabFBDM2tFVnZPUWtqRzFja3dVPXw&cppv=2

Request Chain 81

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 85

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=k_Cpi3xKMHo4TmRGV1VkYmVkYXU2QWF2ZUo2aGNFKzh1ZFhmb3MyMGl5VkZhbjBzNHBPN21LY2ZjV0ZqNkIvRExEbW5WeU5OdnM5Z2dzR2wwNElRaEsxb3AyZVNjWGtkY05Za296cEJ5VWZyejFacEY2VzJYQXhSRnoxc2JNWmxvUHorVW8vOU9JQXUyM09jMVNuVllvL3RKRmJ6ODlNekpUWk5sS2xuTk9KVmFCUW1rOGVFbVp2L3QrOWU3TE93bStHOTBpL1ppZ3g3L0pKL2p6M2toUG9JQ1NKOFBmTWk1b0RlZGc5V3M5RU9YWUc0PXw&cppv=2

Request Chain 88

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 92

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=jwZyG3xHbGhwSm9Ob0phWk1yUlB2MGs3RXZNWEhTNE9sbHNLdXlPUFY0WWNBTE9pOXpYSmo5Tzl0bW1LcWpCNTVKNExqNTRmb0VOMFNIYVZGdUYvTlc5T3lIckNBbDU5b1NURVpmamQwanZrYWZuSmRYNWVPcm1JN3ZNUm85NWl1bUlYZWdaamtzNWxrZnVTU2ZxN1U2RjYxcnFnaFkvaEd0ZTFHM0d2UUZKczVOaU1wajZMRUpqZVlpOElTMXYvS0lhVlF6TXdFVmEvaVVCbXo1WFd6bFVzQjFreWtxaEo2cmVCUEVIMk93amxmUURzPXw&cppv=2

Request Chain 95

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 100

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dUb6K3xjY3FOa1ZZWlJheTF1d3o3RkJTZ1pVUHZCV0tkeTA4dm9iTzNzSVAwZlRueHpyb0xvdlZ1TkM5RG56clJ2V05IalNWaEw0V2ZsdUsraEU0ZGFmZFVta09jYnZiT0w4MitnbmpaSzZZTHdlbVJUV1BxTzRnQzE3UWtIWWFkbTJtWUd3VW44YUwzR0hJZGxDODVHVnk0SEdLWG44dVNZZ1FMaE1tdHJnNEZkMWRCakF6MHRDbnFuMGRvdFlHc3ZtUk1yN2I0SDVhLzBzSUc5OUJEdThJWjNGT3NHSFU5WjNPRElLTGJpdVFOdHhvPXw&cppv=2

Request Chain 104

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

Request Chain 331

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 332

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 333

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 334

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 335

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 336

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 337

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 340

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 341

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

Request Chain 456

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1

Request Chain 457

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqjrWuBsPP2TJxA5v.X9oQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2

Request Chain 458

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1

Request Chain 459

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D

Request Chain 477

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1

Request Chain 478

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqjrWuBsPP2TJxA5v.X9oQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2

Request Chain 479

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1

Request Chain 480

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D

Request Chain 501

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyU-iYETGRhS-vgU4Zl4bE&google_cver=1

Request Chain 503

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEFSGYydeIehabLuYr0VVrxo&google_cver=1

Request Chain 533

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl- HTTP 301
https://tpc.googlesyndication.com/simgad/1855790038366648222

Request Chain 534

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBntacHEv6fNsFjpANpt7JM&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBntacHEv6fNsFjpANpt7JM&google_cver=1&__user_check__=1&sync_id=1fa146bf-ec1e-11ec-a474-132476d60406

Request Chain 535

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=1fa15374-ec1e-11ec-9287-1860f0710106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWZhMTQ2ODMtZWMxZS0xMWVjLWE0NzQtMTMyNDc2ZDYwNDA2

Request Chain 536

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1 HTTP 302
https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1&verify=true

Request Chain 537

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true HTTP 302
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

Request Chain 544

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B

Request Chain 545

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1

Request Chain 546

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OGQ5ZDRhMTc2Y2M4MjZkZjk3YzU4ZjI1YTc1NjdhZg==&gdpr=0&gdpr_consent=

Request Chain 547

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B

Request Chain 548

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm HTTP 302
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1

Request Chain 549

https://ads.stickyadstv.com/user-matching?id=11 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2ZjY2JiMjJiODUxZjNiYWQ3OTNjYWI4ZjFmMGE5MQ==&gdpr=0&gdpr_consent=

Request Chain 595

https://gcdn.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/7EB21907173BDC49F710D83C9618A8B803DC50DF.942ACFEFF2856EF024A6628949F129DA3EB6AD83/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01A5A7314ED4D1130713AADF133FC359DB1B59C5.47059C4CD51B83A99F48DB0DF6656E4B706611C1/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4

Request Chain 598

https://gcdn.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/B2974D78452367758A8BD1F6BD96463E23315C6B.6F6BA980C360AC52F8A3747FBC0D044194A2B985/key/ck2/file/file.mp4 HTTP 302
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/41E68D1F49028FDB7C8F4E7B76B09DFC9C163FD8.6D95C4EACBA8FC17DEA0B9060DB6EDC580981F76/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4

Request Chain 615

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GA_rZoFCU6p2PfO1sAvQKZonQwTpkTHv2ISU8nOdz5j5uapFNPa6q36JSQn8IyXEX6PF55ZvhKZSCOENgU4JoGbumDxgl3X HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GA_rZoFCU6p2PfO1sAvQKZonQwTpkTHv2ISU8nOdz5j5uapFNPa6q36JSQn8IyXEX6PF55ZvhKZSCOENgU4JoGbumDxgl3X HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GA_rZoFCU6p2PfO1sAvQKZonQwTpkTHv2ISU8nOdz5j5uapFNPa6q36JSQn8IyXEX6PF55ZvhKZSCOENgU4JoGbumDxgl3X

Request Chain 616

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKSHYSBi7vtDjx8s6ZdxMXI&google_cver=1&google_push=ARnp8GCi47DCS2QK0dGw8edwIEYE7echAWy1MkcvfQzzO77l-D_eQy-p_ZUmZ1HEHVhf4aA31nCUz_UW7KR6kFfDt76moq5wH5o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi47DCS2QK0dGw8edwIEYE7echAWy1MkcvfQzzO77l-D_eQy-p_ZUmZ1HEHVhf4aA31nCUz_UW7KR6kFfDt76moq5wH5o

Request Chain 617

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMzg2g6BuWdfjgpGUPUDor8&google_cver=1&google_push=ARnp8GBDXsVGTRKUg7f9mBjcIVIZG7fysog4jAG2TtAfBzHEqIjEvFyI856oZyjJTtbODO8Y5Scl9oypTuRBEmzEQY--D8JwCPS2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwOTE5MDc4MzYxNDU4MDg5MA%3D%3D&google_push=ARnp8GBDXsVGTRKUg7f9mBjcIVIZG7fysog4jAG2TtAfBzHEqIjEvFyI856oZyjJTtbODO8Y5Scl9oypTuRBEmzEQY--D8JwCPS2

Request Chain 618

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKKkVwW-2s7WS8-i0XpqHFI&google_cver=1&google_push=ARnp8GAQLihUImry9DRMQc5E8fOEW-296NEz2XZt8BmIIPZ0Kx1qJMEGNX-2ykczfv0fKGiexWMPcfcU-K_wAIS_nDg5aDk-1fF1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GAQLihUImry9DRMQc5E8fOEW-296NEz2XZt8BmIIPZ0Kx1qJMEGNX-2ykczfv0fKGiexWMPcfcU-K_wAIS_nDg5aDk-1fF1

Request Chain 620

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFvmfqqgy8EsXZgopk8DF-E&google_cver=1&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q42KqqsLVvj7 HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFvmfqqgy8EsXZgopk8DF-E&google_cver=1&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q42KqqsLVvj7&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q42KqqsLVvj7&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

Request Chain 623

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA9pGKj3v5XtgC4xt9tCKJ4&google_cver=1&google_push=ARnp8GBaveavn4XkvsyZkshmgU6oZrWwJKzlWRd9aPa-y0McZa19h0DhMMHI2qzO_pVShEZx5M68857b3xr93jzi8eXjsu4q6Dc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA0NjgxMzU3NjU4NDM4Mjg5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1

Request Chain 624

https://um.simpli.fi/gp_match?google_gid=CAESEHpzzclNJjwDTpXwl08PNWk&google_cver=1&google_push=ARnp8GDvS9PoaJqpKR_0IXjLRh5mgVT9WdXgDVmOBZPfjUORp46I_1s5ICuCTLAzoMS4AIZ0CXBDvFg3QJPPQteyQcs7QC8ztsI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDvS9PoaJqpKR_0IXjLRh5mgVT9WdXgDVmOBZPfjUORp46I_1s5ICuCTLAzoMS4AIZ0CXBDvFg3QJPPQteyQcs7QC8ztsI

Request Chain 625

https://a.c.appier.net/gcm?google_gid=CAESELswxJq1uoJV9kRFOn5WgpY&google_cver=1&google_push=ARnp8GD2l_qOfHuCflB6WtdFA-GchrYEU-uesLDD3lxO_LiQJ78-3WCRLwKmGP5gB1UVCyyyJMxv_b25yNJcs6QRfeBJwpuXZQgk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=X1FqdTViNXREeDZHNXFuQlctdW9ZZw%3D%3D&google_push=ARnp8GD2l_qOfHuCflB6WtdFA-GchrYEU-uesLDD3lxO_LiQJ78-3WCRLwKmGP5gB1UVCyyyJMxv_b25yNJcs6QRfeBJwpuXZQgk

Request Chain 626

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESECGUuPJEBiGkuo_v_d3yPtw&google_cver=1&google_push=ARnp8GDFQAEH6LyxeiGrHrCIfAK28qKjHruBhotZa9KWvMpLMXUkuBUhMSJY8OwHk4vMN-sVyEfhrv0oK9K2gXVPCSmlU8FCAgMt HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GDFQAEH6LyxeiGrHrCIfAK28qKjHruBhotZa9KWvMpLMXUkuBUhMSJY8OwHk4vMN-sVyEfhrv0oK9K2gXVPCSmlU8FCAgMt

Request Chain 627

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEC1XlcLL2GaJlYRZNM4QOWc&google_cver=1&google_push=ARnp8GBVmHdK7NyOpMrUSqSefxamIXyk9N_zva0lPNHxQ8euXMDR9_p1WItF12HhZINi9VtsJZDC9Mb99scBrpE2EICKdi3DKEAs4w HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBVmHdK7NyOpMrUSqSefxamIXyk9N_zva0lPNHxQ8euXMDR9_p1WItF12HhZINi9VtsJZDC9Mb99scBrpE2EICKdi3DKEAs4w&google_hm=MjgyOTA4Nzc1NjM2OTgxOTkyMQ==

Request Chain 629

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPBazvNK3gTDxrfidKyDgVo&google_cver=1&google_push=ARnp8GCJn7_RTxW573uDbKXpVnuA6uvsyaT5VR-oXbxLCJKCJlercGNfoVnX998PvIlHfz7AoNCcZ9L3MlfB2s1vQgup6ixBECRntg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCJn7_RTxW573uDbKXpVnuA6uvsyaT5VR-oXbxLCJKCJlercGNfoVnX998PvIlHfz7AoNCcZ9L3MlfB2s1vQgup6ixBECRntg HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 631

https://fw.adsafeprotected.com/rfw/st/886862/58750208/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adContainerId=brand_safety_WuuoYu3oCv3U7_UP4b276Ao&cbFunctionName=goog_wrapCb_WuuoYu3oCv3U7_UP4b276Ao&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_300x600.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Ffornoob.com&adsafe_type=g&adsafe_url=https%3A%2F%2Ffornoob.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ff9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ff9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D2&adsafe_type=d&adsafe_jsinfo=,id:29767ff5-dd44-eb1d-b4c2-1dbebf1d967d,c:fxR6ej,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-6c56678d8-b6dd8,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,br:c,abv:na,an:n,oam:0,scm:grpm1,nbld:0,mtim:2,fm:t8LtIZZ+1111%7C1112%7C11131%7C1114%7C1115%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1311%7C1312%7C13131%7C13132%7C13133%7C1314%7C1315%7C1411%7C1412%7C14131%7C1414%7C1415%7C1511%7C1512%7C15131%7C1514%7C1515%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C1714%7C1715%7C1811%7C1812%7C18131%7C1814%7C1815%7C1911%7C1912%7C1913*.886862-58750208%7C19131%7C19132%7C19133%7C1914%7C1915%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c32%7C1c33%7C1c4%7C1c5%7C1d1%7C1d2%7C1e%7C1f1,idMap:1913*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:29,oid:1f9512d7-ec1e-11ec-b263-4e24b34eb44c,v:19.8.319,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4.js

Request Chain 648

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA9pGKj3v5XtgC4xt9tCKJ4&google_cver=1&google_push=ARnp8GDf6EjleA5kfwVHoDtf5ULiInZB1iGztoYciPiM1Ch-jh_a6HW63-gqgOB3qC1rkT2q54xUX0ZACZgJASdVbvU1s3xAlctp HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA0NjgxMzU3NjU4NDM4Mjg5Ng==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1

Request Chain 649

https://um.simpli.fi/gp_match?google_gid=CAESEHpzzclNJjwDTpXwl08PNWk&google_cver=1&google_push=ARnp8GDFRdD6hLonryMJBKeSLtZjZaPAaEEPnicG8iGXzF8Tz3Z1cz5JSaugkSCxcaFQHae2NUWP8HEuGCO_mR7vcPj7S1r9Y7A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDFRdD6hLonryMJBKeSLtZjZaPAaEEPnicG8iGXzF8Tz3Z1cz5JSaugkSCxcaFQHae2NUWP8HEuGCO_mR7vcPj7S1r9Y7A

Request Chain 651

https://google-sync.rutarget.ru/sync?google_gid=CAESEGb47rR_hzQ2hcKwFUow0G8&google_cver=1&google_push=ARnp8GC6jbQhNChK98xyhaa83juE3XM4mXJMJsRHEAz8VnYI6ChO5DCZwnPcXwn_D7iFFY9JB25ZmWNozDx9i50zrApSb4VHYFw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Q1BkRjBWMXBFVkxX&google_ula=2046794&google_push=ARnp8GC6jbQhNChK98xyhaa83juE3XM4mXJMJsRHEAz8VnYI6ChO5DCZwnPcXwn_D7iFFY9JB25ZmWNozDx9i50zrApSb4VHYFw

Request Chain 654

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPBazvNK3gTDxrfidKyDgVo&google_cver=1&google_push=ARnp8GD-9wCNdpOKwfer-QI5RJkLGt8YCwo0oa8O4v-Qf3Jd7owRm3Kc7E0pmBM8KevYrG7z6nXnB7QkcStLuiIHMGIzQqoxflI_TQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GD-9wCNdpOKwfer-QI5RJkLGt8YCwo0oa8O4v-Qf3Jd7owRm3Kc7E0pmBM8KevYrG7z6nXnB7QkcStLuiIHMGIzQqoxflI_TQ HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 681

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGe-RlcUAXUsS2QjIwpwVa4&google_cver=1&google_push=ARnp8GCn2HSTZrQc8BFIszbWu7UGGWaFHzccmSgKTEOuIvAjK-GLPf4HLWaKCYd0N5F-irO9FS9OPJj6JNBshI6bDD0j52IRHg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCn2HSTZrQc8BFIszbWu7UGGWaFHzccmSgKTEOuIvAjK-GLPf4HLWaKCYd0N5F-irO9FS9OPJj6JNBshI6bDD0j52IRHg

Request Chain 682

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIGxKlIwpESKQDx_Jj3A0DQ&google_cver=1&google_push=ARnp8GCUqmzj5KnW2Oq6CP-CaZNCb6KgpybfUjsXpxzt-i5AaxOLC7RX6dZZPVo2TOx_VG1RwTaQ7Mav1YnJNaNzDZvN8qAHFLc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GCUqmzj5KnW2Oq6CP-CaZNCb6KgpybfUjsXpxzt-i5AaxOLC7RX6dZZPVo2TOx_VG1RwTaQ7Mav1YnJNaNzDZvN8qAHFLc&google_hm=mfJw7tYcQjGZP4AtELz7nRU

Request Chain 683

https://px.adhigh.net/p/gm/rub?google_gid=CAESEIDlNN-oSUvY0DhBWF87uHM&google_cver=1&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw HTTP 302
https://px.adhigh.net/p/gm/rub?google_gid=CAESEIDlNN-oSUvY0DhBWF87uHM&google_cver=1&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw&bounced=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D

Request Chain 684

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELnVvJ--sCkWs4oyyGMSdVM&google_cver=1&google_push=ARnp8GCJXsjrKudxEhNIXy8RLe0AZf-E-PeETEBNw6fsNCV2X7GgPmLsx9EpzhqCdbTC2S3v1ZfHSbTmp8jvYAgO-s0NH2R2cvM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZEHk-kN2SBBtU6uvCA0QVNly2hU&google_push=ARnp8GCJXsjrKudxEhNIXy8RLe0AZf-E-PeETEBNw6fsNCV2X7GgPmLsx9EpzhqCdbTC2S3v1ZfHSbTmp8jvYAgO-s0NH2R2cvM

Request Chain 685

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFvmfqqgy8EsXZgopk8DF-E&google_cver=1&google_push=ARnp8GCw_6mqRODz_k4l7s4iu9c1K2pfI-tSjVxiLBDjV9q_ZLgKVGkJZuzUEt7k_dq-epn4nIDXxdJx5UxzAdbCx4nIrkkJ4g HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GCw_6mqRODz_k4l7s4iu9c1K2pfI-tSjVxiLBDjV9q_ZLgKVGkJZuzUEt7k_dq-epn4nIDXxdJx5UxzAdbCx4nIrkkJ4g&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

Request Chain 686

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOr9oyo4zYrIsNJowm6gags&google_cver=1&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw&google_gid=CAESEOr9oyo4zYrIsNJowm6gags HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw

Request Chain 687

https://ads.avads.net/sync/ggl?google_gid=CAESEPlNLv3i6CoMc7ncPSvvF00&google_cver=1&google_push=ARnp8GD431nsB2Cjn3oIwlmMVsGVNIH4LBmsMrGdFwbyUD3xSePKRPtj_dEVi8_tRQvtUfk0FZSknHq7I1KNDu29u17-RviA7p7r HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzBlZmQ0MzYtM2VjOS00MzQwLWFlNGQtZGEzMWIzNzE4NzM0&google_push=ARnp8GD431nsB2Cjn3oIwlmMVsGVNIH4LBmsMrGdFwbyUD3xSePKRPtj_dEVi8_tRQvtUfk0FZSknHq7I1KNDu29u17-RviA7p7r

Request Chain 690

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIbjXSHvqSJMirtIcY31QC0&google_cver=1&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0C1ypZaWswmPZbbl HTTP 302
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIbjXSHvqSJMirtIcY31QC0&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0C1ypZaWswmPZbbl&s=2 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0C1ypZaWswmPZbbl&google_hm=RThvX01XSGtKNmN3QVBIUGRkLVU=

Request Chain 692

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBtcFX39lHsJmgUnTCKp0ic&google_cver=1&google_push=ARnp8GB5v5NeTpL0CJVE7iY-6I4xehSwvp45dsQacwFZR3EL5jmrs-aq1K7mzUI1b-lq9bLQ_BDki5J-2X9AWJs0YF6StRvMMms8zQ HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GB5v5NeTpL0CJVE7iY-6I4xehSwvp45dsQacwFZR3EL5jmrs-aq1K7mzUI1b-lq9bLQ_BDki5J-2X9AWJs0YF6StRvMMms8zQ&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

Request Chain 694

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ5UlzXB-zTWQF7ttuJY2CE&google_cver=1&google_push=ARnp8GDujYeskF4Ee8_CjDrSFjjOVKVL4djOpbOMAKe85zeyGhLcxd7Bpo4hIxTmWIv3f58p3bItfoITkiT7GTNY30ISPDtYOuwKb_Q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDujYeskF4Ee8_CjDrSFjjOVKVL4djOpbOMAKe85zeyGhLcxd7Bpo4hIxTmWIv3f58p3bItfoITkiT7GTNY30ISPDtYOuwKb_Q HTTP 302
https://onetag-sys.com/match/?int_id=19&google_error=5

Request Chain 695

https://b1sync.zemanta.com/usersync?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wmlV7B8-CQ4 HTTP 301
https://b1sync.zemanta.com/usersync/?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wmlV7B8-CQ4

Request Chain 698

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKSHYSBi7vtDjx8s6ZdxMXI&google_cver=1&google_push=ARnp8GCi1mc3wabxiHLG8wBv4-ChUrcYFYDQKHWMHWPyB25xMTxV5kXM6ASvOOPve5w4LjsUc5BdPKnxpYPcCM3fpZ61xyBfgeph HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi1mc3wabxiHLG8wBv4-ChUrcYFYDQKHWMHWPyB25xMTxV5kXM6ASvOOPve5w4LjsUc5BdPKnxpYPcCM3fpZ61xyBfgeph

Request Chain 699

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESEKcdJ1eBZ9SPvS7tVtzfwDs&google_cver=1&google_push=ARnp8GBwgG_L6CyyCruJdbaM7stYAW-SH39UTXubGA5Vvhm1yI5DDGSGV3u9ppgE96HExAhaOdNcuoh9Sv68uy7XEent9tZbpqsF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcdJ1eBZ9SPvS7tVtzfwDs&google_push=ARnp8GBwgG_L6CyyCruJdbaM7stYAW-SH39UTXubGA5Vvhm1yI5DDGSGV3u9ppgE96HExAhaOdNcuoh9Sv68uy7XEent9tZbpqsF

Request Chain 700

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENh3MT7DjqwREEkrFZWWlbs&google_cver=1&google_push=ARnp8GBVqeKOWmOTDwLPpoe4svhaqO9gZnuPpGV_DYyQdiDxWCssvdDaYtWakrz2Ps0kX_vbeFRctKsaumy26z7UnKIfwRsuXZsL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GBVqeKOWmOTDwLPpoe4svhaqO9gZnuPpGV_DYyQdiDxWCssvdDaYtWakrz2Ps0kX_vbeFRctKsaumy26z7UnKIfwRsuXZsL&google_hm=Mjc1MzUzNTEwOTY0MDg5MDcxOA%3D%3D

Request Chain 701

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMtnLhjJ7KSumjI5H31Xb5w&google_cver=1&google_push=ARnp8GD3mB8nZCoQTl-l7PtgY3AWBfu5JUe-LlYojIKR9xZsZThAjfeboTS9aBh-ASFlOp-IIi5rIJ847kabLPFafdIPDaQDhwcF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD3mB8nZCoQTl-l7PtgY3AWBfu5JUe-LlYojIKR9xZsZThAjfeboTS9aBh-ASFlOp-IIi5rIJ847kabLPFafdIPDaQDhwcF

Request Chain 702

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKmE0jA438ah1CAXvpX9Ohc&google_cver=1&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYDHwkn8YHvzwztSIgU2ShyX-z HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYDHwkn8YHvzwztSIgU2ShyX-z&google_hm=WXFqclc4Q281dWdBQU4xaXNFOEFBQUFB

Request Chain 704

https://ads.avads.net/sync/ggl?google_gid=CAESEPlNLv3i6CoMc7ncPSvvF00&google_cver=1&google_push=ARnp8GAW34mGEt7_9EU9T2L9s5_dRBu-2Or5eri320z2EjWPXzDne0nRZ0oj3wXVdXWqVhf6LNbt-8njfPq398q6xfi_kP4D0KpR6g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2JiMGI2ZmQtYzM4Mi00N2FkLWJjNWEtZjNlMTUwNjQ3ZjJm&google_push=ARnp8GAW34mGEt7_9EU9T2L9s5_dRBu-2Or5eri320z2EjWPXzDne0nRZ0oj3wXVdXWqVhf6LNbt-8njfPq398q6xfi_kP4D0KpR6g

Request Chain 707

https://um.simpli.fi/gp_match?google_gid=CAESEMvxofntg3cwstkm9ZlBr_A&google_cver=1&google_push=ARnp8GAy2ihkjUIt_g2R_E76GzI7XujAXfAj1pYsG1cuyis4-NE7fiz-I85VYsy6tWxzh1i9sqsMk6M7I706HGqV2XF1--9YOgsfkg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GAy2ihkjUIt_g2R_E76GzI7XujAXfAj1pYsG1cuyis4-NE7fiz-I85VYsy6tWxzh1i9sqsMk6M7I706HGqV2XF1--9YOgsfkg

Request Chain 708

https://px.adhigh.net/p/gm/rub?google_gid=CAESEBQCwSQs9zXdZESIUarv8m4&google_cver=1&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg HTTP 302
https://px.adhigh.net/p/gm/rub?google_gid=CAESEBQCwSQs9zXdZESIUarv8m4&google_cver=1&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg&bounced=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D

Request Chain 709

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMGwIWyo_TXH9TxFX_N7eVs&google_cver=1&google_push=ARnp8GANPIePEGhkdCZxLBbSwnJ80tEKa6T0YMy4bmihFNgVP9olrrCHpdEuY1NeS7GiVcystgI6-ki4lgohxyVA6OeZ8GIu2uHCdg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GANPIePEGhkdCZxLBbSwnJ80tEKa6T0YMy4bmihFNgVP9olrrCHpdEuY1NeS7GiVcystgI6-ki4lgohxyVA6OeZ8GIu2uHCdg&google_hm=Mjc1MzUzNTEwOTY0MDg5MDcxOA%3D%3D

Request Chain 710

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMxmnhM3S4kxQF09pHcYXko&google_cver=1&google_push=ARnp8GCWu5rPc6BOVbD1sKR9VbplDffi4pnV_eBBZhWZ8R-12_yFY-ozBl2easFZJt3vwYRtySer_h7Ct2jUyjehIXatUEmlU35q HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1EpwWvjoSAtu7Dv4BBWS29ly2hU&google_push=ARnp8GCWu5rPc6BOVbD1sKR9VbplDffi4pnV_eBBZhWZ8R-12_yFY-ozBl2easFZJt3vwYRtySer_h7Ct2jUyjehIXatUEmlU35q

Request Chain 712

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEMZaquyIWq8cWxZ6iFhOTK4&google_cver=1&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg HTTP 301
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg&exu=CAESEMZaquyIWq8cWxZ6iFhOTK4 HTTP 301
https://tech.rtb.mts.ru/?dsp_uid=fa1f5779-5985-4dda-9ac0-09d819f68307&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3Dfa1f5779-5985-4dda-9ac0-09d819f68307%26google_push%3DARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=fa1f5779-5985-4dda-9ac0-09d819f68307&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg

Request Chain 713

https://b1sync.zemanta.com/usersync?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXLUHEwm6fw HTTP 301
https://b1sync.zemanta.com/usersync/?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXLUHEwm6fw

Request Chain 840

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GCkZD0zWEijzN-82y0n9fzYFchjo3Vs10c1u7i0OY7taBflObHSswtK8nTEdQ3M4whjpm5mpN98EbCCcodJ7zeGzp0Uhpo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GCkZD0zWEijzN-82y0n9fzYFchjo3Vs10c1u7i0OY7taBflObHSswtK8nTEdQ3M4whjpm5mpN98EbCCcodJ7zeGzp0Uhpo

Request Chain 841

https://um.simpli.fi/gp_match?google_gid=CAESEHpzzclNJjwDTpXwl08PNWk&google_cver=1&google_push=ARnp8GApHXpL-L-uw5uiB96HQSEPR1NeZg-K_V_AcxkzgEbNHWzdoWhZPj8y1O7pKL5IlKu0NgUMmX97PyBXWUxr7-3FjNTGxw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GApHXpL-L-uw5uiB96HQSEPR1NeZg-K_V_AcxkzgEbNHWzdoWhZPj8y1O7pKL5IlKu0NgUMmX97PyBXWUxr7-3FjNTGxw

Request Chain 866

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGe-RlcUAXUsS2QjIwpwVa4&google_cver=1&google_push=ARnp8GCf_br9IqfBcNVo1AzwsEqYaYWJaX4q_fciUHUEjzrMJYbhTYcTlS4p4HOcWLC4kuHKq2gxS9UdhjGghRXUOzKCJaQbicE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCf_br9IqfBcNVo1AzwsEqYaYWJaX4q_fciUHUEjzrMJYbhTYcTlS4p4HOcWLC4kuHKq2gxS9UdhjGghRXUOzKCJaQbicE

Request Chain 867

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIGxKlIwpESKQDx_Jj3A0DQ&google_cver=1&google_push=ARnp8GA5k7q_F0cQk1jB4Ub03KkJ6T_pBtC7xX31hG_8_qtoZPhaRje5OScmCRXbLd2F7AdALW_4da3pHpCBDXq1g_X-PSeYJpc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA5k7q_F0cQk1jB4Ub03KkJ6T_pBtC7xX31hG_8_qtoZPhaRje5OScmCRXbLd2F7AdALW_4da3pHpCBDXq1g_X-PSeYJpc&google_hm=mfJw7tYcQjGZP4AtELz7nRU

Request Chain 868

https://px.adhigh.net/p/gm/rub?google_gid=CAESEIDlNN-oSUvY0DhBWF87uHM&google_cver=1&google_push=ARnp8GBDV4LpyfEgM44eFZhapdm1isN_5MXdBBo3BOL9qSRdFe7crznPUKzmraJBNPnxf5Qqt75g3Wz1_noaR1zIYqVJ4zsLTw4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GBDV4LpyfEgM44eFZhapdm1isN_5MXdBBo3BOL9qSRdFe7crznPUKzmraJBNPnxf5Qqt75g3Wz1_noaR1zIYqVJ4zsLTw4&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D

Request Chain 869

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPBazvNK3gTDxrfidKyDgVo&google_cver=1&google_push=ARnp8GDZ9R0NkEC8o5hUljrYFEsZQhOnYvrnFXQylmOybo53eyapjlK12vdEl4WBVyfvfxVLqkj8pBopNuxSPd4xTL9KaOJVQK0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDZ9R0NkEC8o5hUljrYFEsZQhOnYvrnFXQylmOybo53eyapjlK12vdEl4WBVyfvfxVLqkj8pBopNuxSPd4xTL9KaOJVQK0

Request Chain 870

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOr9oyo4zYrIsNJowm6gags&google_cver=1&google_push=ARnp8GA31nhUFts-5TUqmCcqzngFgahP2RPhtFBKEVR3ECd48fno2gubWAJxNfzHfdMoVr0IA9VKLm0kJUwyqFautmfYqczN4bI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GA31nhUFts-5TUqmCcqzngFgahP2RPhtFBKEVR3ECd48fno2gubWAJxNfzHfdMoVr0IA9VKLm0kJUwyqFautmfYqczN4bI

Request Chain 872

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJTlXlmtEr3d8OwNCvZEA9A&google_cver=1&google_push=ARnp8GCvtB7H2J4_5cnlbsJ5RfPCuu4L2vGQoJXiGjNeYDcHaRWU9bC4awwsbRr8zmrBoEopeuqvqLkR2gLVhIKt8viiienmvkzY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02UWg1RWNWRTJ1SFFFV1dwUkRfVWk3Y185LmpQZFE0ZX5B&google_push=ARnp8GCvtB7H2J4_5cnlbsJ5RfPCuu4L2vGQoJXiGjNeYDcHaRWU9bC4awwsbRr8zmrBoEopeuqvqLkR2gLVhIKt8viiienmvkzY

Request Chain 892

https://gum.criteo.com/sid/json?origin=publishertag&domain=fornoob.com&sn=ChromeSyncframe&so=3&topUrl=fornoob.com&bundle=MYUl919XJTJCVU91VHpDYVFvJTJGblpEeWFGMTM4RVlJbXUzUFFTaW4wVXRZT053dU53VGNpR1VjYU5sa2lRUDlrWlFEbU9iM0pzREhtaFg5TUdlQjR3N3V1dDRSSFpJWEFQek5ZSSUyQjBqVkpBb1VkZEdLMWxnSjdsdzZDejc4RjZCSTNVQiUyRndI&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=VDJETnxKSmhtVUdBODl6aUkwMTBFU0VTS1pBZW0yL0NPYjlmU2V1c3o5cnhyaHNFMWhwNGdybHppU3Z6UERSckU0ZWdDV1dJZ3JlYkdTRWcvd2RETGt5MzhQM2JiQWtsL0w3WTZycEQ1ZmlNa1dJWElvZERDYXhNMHpPNW9YUDZ4U1czMlBkTkNybFRsMjBxZGFyNGtFdk1zU21INDBaQTdPTUxjSkZhS1cvdWFkaTloV040MFNLRVRlb3Z1K0R2NTNmbnhycldUOXBQZnM3dGNxbDFLWk5BSllUZU1BeFE2TkZhdU03LzdTSjFNbjI3NHpCZTFBWEtsWm9va0QwOTk5aG5tV2VlT0ZLWlZDMGFJVlJkNi9Rak53cm9hUXpVb0swWmVsbHg0VDhUZllGdz18&cppv=2

908 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
fornoob.com/what-does-win32-cabinet-self-extractor-mean/ 52 KB
12 KB 330ms
275ms Document
text/html 2606:4700:20::ac43:4913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::ac43:4913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a4173c56c14dcb29524c9b72a851c3d939a69d979ea07f6a1cad622f580983cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cf-cache-status: DYNAMIC
cf-ray: 71b5b6803cdd9bda-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified: Tue, 14 Jun 2022 20:11:03 GMT
link: <https://fornoob.com/wp-json/>; rel="https://api.w.org/" <https://fornoob.com/wp-json/wp/v2/posts/5820>; rel="alternate"; type="application/json" <https://fornoob.com/?p=5820>; rel=shortlink
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OL5I467Bp7%2Blz8QzlC7ZEfHoSdnXaMvg1xpfCvE25%2BAGRvwW4SwYCrxCXRyCuuBmmHDrTw6k0CxT4HZ6YF5e5BpRqRAGA%2FJLV%2B6Gy%2BYJ%2Bdm%2BDhMaCuv0kiYXPgdabL71%2BovTzeRvC%2BXN"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 37308d47c17bb490c1c37387537ad0b6.css
fornoob.com/wp-content/cache/min/1/ 367 KB
52 KB 38ms
37ms Stylesheet
text/css 2606:4700:20::ac43:4913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fornoob.com/wp-content/cache/min/1/37308d47c17bb490c1c37387537ad0b6.css
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ec3516ef45e173122744794d177313b4ff33a740df5b8c0f8229b0f39d138f59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102018
pragma: public
last-modified: Mon, 13 Jun 2022 00:50:35 GMT
server: cloudflare
etag: W/"62a689db-ca6f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uwLH%2BhYB6RcIH5VVIHLJPpx3uFeaHb0ood61YVJ2lp6ZkH%2Bhtb5MWiA4IAxYR3dMMyuhm%2Bwnh03wXsNGn403d8UaAd4nf2EbIPjH4GQxvZbvQ2XqaaV9Jq%2FMaMrtw82CB3yBIdeenSt%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 71b5b68208fa9bda-FRA
expires: Wed, 13 Jul 2022 15:50:45 GMT

GET
H2 404 fl-icons.woff2
fornoob.com/wp-content/themes/flatsome/assets/css/icons/ 0
0 273ms
272ms Font
text/html 2606:4700:20::ac43:4913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fornoob.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Origin: https://fornoob.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7zVB%2FQ4SXL77rIVK4KIO95%2FKli5Tz5AC0%2B3BFkejzugiuXMEcVMVfrpSB%2FoyHri68Bm%2BUa6nBi2asGWoSJtaioyph1Yix8eXEhICO5%2BEm3Ydu3v%2FSiu3%2FaiHWXJKxRzu79ah30oy%2Fe4S"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: max-age=14400, must-revalidate
x-ua-compatible: IE=edge
cf-ray: 71b5b68208ff9bda-FRA
link: <https://fornoob.com/wp-json/>; rel="https://api.w.org/"
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 logo.png
fornoob.com/wp-content/uploads/2022/06/ 1013 B
1 KB 27ms
26ms Image
image/png 2606:4700:20::ac43:4913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fornoob.com/wp-content/uploads/2022/06/logo.png
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 66e7fea44f72271e4712d515ad2b03f60ceb13c59d586950775b379c29fbd8ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 102018
content-length: 1013
pragma: public
last-modified: Sun, 05 Jun 2022 05:22:04 GMT
server: cloudflare
etag: "629c3d7c-3f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gLwdtyLYyVsf5J6ZqgpugOumzpEUP2Ao8OzWcAExVFEe5sjMpg2k3lAYds8qBIXYSAX5KY%2BRsji2aPjAU3LPCFgT1yj2d4eD19WOqlUwJX%2FJNoHgqnBRpGRwHfOs%2FB7c2PP%2BpX1f%2BJDo"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 71b5b68269ba9bda-FRA
expires: Wed, 13 Jul 2022 15:50:45 GMT

GET
H2 200 widget_scrolllist.php Show response
video.onnetwork.tv/widget/ 3 KB
3 KB 130ms
41ms Script
text/html 37.59.253.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=686

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-h.of.pl

Software

XO.webservant /

Resource Hash

0a54f1024d39902bdd38bbff1c73f476a3baea6e300213718f762ce11f60b6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
last-modified: Tue, 14 Jun 2022 20:11:03 GMT
server: XO.webservant
date: Tue, 14 Jun 2022 20:11:03 GMT
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-type: text/html; charset=utf-8
content-length: 2706
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2 200 96c835028b99d50b722edfd686fe921f.js Show response
fornoob.com/wp-content/cache/min/1/ 167 KB
29 KB 31ms
31ms Script
application/javascript 2606:4700:20::ac43:4913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e690a8e7022a292b43eb1444309acc4f055763a2447e09ea79027940b391cb6f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 56744
pragma: public
last-modified: Tue, 14 Jun 2022 03:56:29 GMT
server: cloudflare
etag: W/"62a806ed-dcea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bbXYrshQWnE9Fqh3w%2FcavTsE2UhLuXanho%2Bufd%2BLlrm%2FQ%2FnZ0sU3Gdix3PxxE7IsFqLxHIMjhM19%2B6Dmj8CjDKgE8hTaeHnNWP%2FMBJTSZ5bWi0bds2d%2BUddm0AjrypeHrgbekgIzRWDB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2592000, must-revalidate, proxy-revalidate
cf-ray: 71b5b68269bb9bda-FRA
expires: Thu, 14 Jul 2022 04:25:19 GMT

GET
H2 200 widget_scrolllist_list.php Show response
video.onnetwork.tv/widget/ Frame C426 21 KB
21 KB 48ms
48ms Document
text/html 37.59.253.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=686

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-h.of.pl

Software

XO.webservant /

Resource Hash

efec2578abc0ee7a655ce3ff2cbdb033e0fa575274a6ae036bce38b41ade5537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
content-type: text/html; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: Tue, 14 Jun 2022 20:11:04 GMT
last-modified: Tue, 14 Jun 2022 20:11:03 GMT
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
pragma: no-cache
server: XO.webservant
strict-transport-security: max-age=31536000

GET
H2 200 socialicon.ttf
fornoob.com/wp-content/plugins/wp-social-widget/assets/fonts/ 7 KB
7 KB 45ms
45ms Font
application/octet-stream 2606:4700:20::ac43:4913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fornoob.com/wp-content/plugins/wp-social-widget/assets/fonts/socialicon.ttf?4xqn5s
Requested by: Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/37308d47c17bb490c1c37387537ad0b6.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4913 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb9db485216f124d7c0e9f03367653abf87d68417d62555a46849111a6a94d48

Request headers

Referer: https://fornoob.com/wp-content/cache/min/1/37308d47c17bb490c1c37387537ad0b6.css
Origin: https://fornoob.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-length: 6700
pragma: public
last-modified: Sun, 05 Jun 2022 13:07:43 GMT
server: cloudflare
etag: "629caa9f-1a2c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hJKyFZTTegXb7xbtPvpSJ%2FGv9yUaCxVEMJU9Y8iKPk%2FQPniMuV8YAGxdQ0QK9GIrHPUcwj8A6OkwtQTqil5Z9yTQzFOA1zhkmKyeXkJOHC0L8INrJllzLiwTo97Eo3jc3EhES8jyGEuO"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
cache-control: max-age=2592000, public, must-revalidate, proxy-revalidate
accept-ranges: bytes
cf-ray: 71b5b683acf39bda-FRA
expires: Thu, 14 Jul 2022 20:11:03 GMT

GET
H2 200 jquery-3.2.1.min.js Show response
cdn.onnetwork.tv/js/ Frame C426 85 KB
35 KB 165ms
57ms Script
application/javascript 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/jquery-3.2.1.min.js
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
last-modified: Mon, 20 Mar 2017 19:01:15 GMT
server: XO.webservantpro
etag: W/"58d026fb-15283"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 jquery.dotdotdot.js Show response
cdn.onnetwork.tv/js/ Frame C426 6 KB
3 KB 192ms
85ms Script
application/javascript 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/jquery.dotdotdot.js
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: 9f89b224cc40bc2b75f400bf2b21049fe5bb0f0053853976b1a7f22d652cb836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
last-modified: Fri, 21 Dec 2018 20:59:52 GMT
server: XO.webservantpro
etag: W/"5c1d5448-19a1"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C426 6 KB
1 KB 81ms
30ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 19:23:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:03 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:03 GMT

GET
H2 200 501063_6m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame C426 18 KB
18 KB 56ms
30ms Image
image/jpeg 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/501063_6m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

35161087449f5392585e55fb5a372467498e9f79389298a40f037be9e9b3b63e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
last-modified: Tue, 09 Nov 2021 14:12:43 GMT
server: XO.webservantpro
etag: "618a81db-482e"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 18478
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 501071_2m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame C426 40 KB
40 KB 30ms
30ms Image
image/jpeg 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/501071_2m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

3053474f92ad8e6303c18971ddc7cedf65d2d476b7596db714a02e145ab2d676

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
last-modified: Tue, 09 Nov 2021 14:17:44 GMT
server: XO.webservantpro
etag: "618a8308-a0d2"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 41170
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 501069_3m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame C426 18 KB
19 KB 58ms
57ms Image
image/jpeg 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/501069_3m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

dd39c12fe55c899372fd041f0e8ef2c0d65845a7c1897b7a7c5727a9e6b89ad5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
last-modified: Tue, 09 Nov 2021 14:16:35 GMT
server: XO.webservantpro
etag: "618a82c3-49fd"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 18941
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 501915_4m.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame C426 21 KB
21 KB 58ms
58ms Image
image/jpeg 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/501915_4m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

981aa1188d4ff0c8370b2ed7c99e45c5caab354303cf0196770c12315b837e97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
last-modified: Wed, 10 Nov 2021 13:49:27 GMT
server: XO.webservantpro
etag: "618bcde7-5329"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 21289
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 pubads_impl_2022060801.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 97ms
23ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 06:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 48845
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127852
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:45:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 06:36:58 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 92 B
718 B 103ms
30ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=fornoob.com

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

21dba61f0b5581ec4827be27460855fbb358a88ae28b85896aa301d6065d72b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82
x-xss-protection: 0
expires: Tue, 14 Jun 2022 20:11:03 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 209ms
113ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22590330937/fornoob.com_970x250_billboard_DFP&sz=970x250%7C300x250&t=Placement_type%3Dserving&1655237463629

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

674629bc63f0f47b5e119d1b57d792d6120af0fe7e8589a9c89aa1b7c1cff8e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
google-lineitem-id: 5787594191
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381795325
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 197ms
103ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22590330937/fornoob.com_300x250_double_desktop_1_DFP&sz=300x250&t=Placement_type%3Dserving&1655237463630

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7fc2e01e875a4c8523e07ead8807d7cb72d785eed655789df5f368b55debcfdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12978
x-xss-protection: 0
google-lineitem-id: 5790053944
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381319011
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 180ms
86ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22590330937/fornoob.com_300x250_double_desktop_2_DFP&sz=300x250&t=Placement_type%3Dserving&1655237463631

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

7d4994d845cd36b42d82fd29074e901745dae8a4560e44b98ba87681a08a52d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12981
x-xss-protection: 0
google-lineitem-id: 5790056137
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381799900
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 56 KB
13 KB 213ms
118ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22590330937/fornoob.com_300x600_DFP&sz=300x600&t=Placement_type%3Dserving&1655237463631

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

3908470a1f6dc68cac03dd8e2c37387ecdee65517d9e179b8685d0f69d12864f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13208
x-xss-protection: 0
google-lineitem-id: 5785714680
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138381316923
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adx Show response
pubads.g.doubleclick.net/gampad/ 55 KB
13 KB 202ms
108ms XHR
text/html 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/adx?iu=/147246189,22590330937/fornoob.com_970x90_anchor_DFP&sz=970x90%7C320x100&t=Placement_type%3Dserving&1655237463631

Requested by

Host: fornoob.com
URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

880168392143215f08060fa0b955fb150e7db46baf8915c059861402ca8e457c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13045
x-xss-protection: 0
google-lineitem-id: 5786858360
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138363060012
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 598682_6m.jpg
cdnt.onnetwork.tv/poster/5/9/ Frame C426 16 KB
17 KB 59ms
58ms Image
image/jpeg 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/9/598682_6m.jpg

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist_list.php?nl=1&widget=686&iid=1655237463538&cId=pid1655237463538

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

2eefd0639df393ca14a8bc78ec8183d7c94fbb46dceebc695f2472395928dd17

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://video.onnetwork.tv/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
last-modified: Tue, 01 Mar 2022 09:53:26 GMT
server: XO.webservantpro
etag: "621ded16-41f0"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 16880
expires: Sat, 31 Dec 2022 20:11:03 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 120ms
30ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 114 KB
30 KB 688ms
687ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3994408074161760&correlator=2705882713995993&eid=31067855%2C42531605&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_interstitial&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=1&adks=3871859432&sfv=1-0-38&ecs=20220614&ists=1&fas=8&fsapi=false&stss=1&sc=1&cookie_enabled=1&abxe=1&dt=1655237463829&lmt=1655237463&dlt=1655237463351&idt=452&biw=1600&bih=1200&adxs=-9&adys=-9&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1&msz=0x-1&fws=2&ohw=0&ga_vid=1109303929.1655237464&ga_sid=1655237464&ga_hid=7641545&ga_fc=false&btvi=-1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5a0273a4fff7d84e274862157b609ce0f1748a6c0c5a20fb89f90820e17f7292

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30638
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 81 KB
28 KB 421ms
421ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3994408074161760&correlator=2705882713995993&eid=31067855%2C42531605&output=ldjh&gdfp_req=1&vrg=2022060801&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_native_multi&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50&fluid=height&ifi=2&adks=1597442951&sfv=1-0-38&ecs=20220614&fsapi=false&stss=1&sc=1&cookie_enabled=1&abxe=1&dt=1655237463834&lmt=1655237463&dlt=1655237463351&idt=452&biw=1600&bih=1200&adxs=200&adys=2804&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=20&vis=1&scr_x=0&scr_y=0&psz=820x0&msz=820x0&fws=0&ohw=0&ga_vid=1109303929.1655237464&ga_sid=1655237464&ga_hid=7641545&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7d0e1fa5cd1fdae253f1b77c35a1dc4daa6b9ab0652cebce8c16ed49848ebb6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28101
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9FC3 6 KB
4 KB 125ms
30ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: Wed, 14 Jun 2023 20:11:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pubads_impl_page_level_ads_2022060801.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 782ms
781ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022060801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

92245b71c3514c75e468315016a811a400a9ba3a5232a50ec17c87eb0488ce08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13409
x-xss-protection: 0
last-modified: Wed, 08 Jun 2022 08:45:55 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 20:11:04 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C426 15 KB
16 KB 69ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://video.onnetwork.tv
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 118996
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:47 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 9F91 478 KB
147 KB 93ms
34ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd779b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 19E8 478 KB
147 KB 116ms
58ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd7a9b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame EB9F 478 KB
147 KB 110ms
54ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd7c9b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame E6F0 478 KB
147 KB 114ms
59ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd7d9b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame C7AA 478 KB
147 KB 105ms
60ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b6861dab9b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 06DD 478 KB
147 KB 77ms
35ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd809b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 3D0E 478 KB
147 KB 100ms
60ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd839b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 5125 478 KB
147 KB 72ms
33ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd859b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 stpd220112.js Show response
stpd.cloud/assets/postbid/ Frame 3552 478 KB
147 KB 83ms
55ms Script
application/javascript 2606:4700::6812:1f31
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://stpd.cloud/assets/postbid/stpd220112.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1f31 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
cf-cache-status: HIT
content-md5: bDGrZ1LqinsbttFnOfc0iQ==
age: 1158
x-ms-lease-status: unlocked
last-modified: Mon, 13 Jun 2022 07:50:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 65d53fff-101e-004d-71fa-7e307b000000
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 71b5b685fd7f9b5b-FRA
expires: Wed, 15 Jun 2022 00:11:04 GMT

GET
H2 200 embed.php Show response
video.onnetwork.tv/ 62 KB
13 KB 42ms
42ms Script
text/javascript 37.59.253.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/widget/widget_scrolllist.php?widget=686

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-h.of.pl

Software

XO.webservant /

Resource Hash

4276b7dd1652906361646152b34750c26661aee8881fc678c85aac7fedc1dbb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 20:11:02 GMT
server: XO.webservant
date: Tue, 14 Jun 2022 20:11:03 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
content-type: text/javascript;charset=utf-8
expires: Tue, 14 Jun 2022 20:11:02 GMT

GET
H2 200 mobile_small_size_of_miniplayer_and_eng_close_icon_for_desktop_and_mobile_21_febuary_2022.css
cdnf.onnetwork.tv/f/4/2/4244/css/lt/ 694 B
450 B 65ms
30ms Stylesheet
text/css 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnf.onnetwork.tv/f/4/2/4244/css/lt/mobile_small_size_of_miniplayer_and_eng_close_icon_for_desktop_and_mobile_21_febuary_2022.css

Requested by

Host: client
URL: about:client

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

4b0323f97097c4561e62bfba2e4eed39cd68a548c3c0f342f213c53bea479679

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Mon, 21 Feb 2022 09:49:58 GMT
server: XO.webservantpro
etag: W/"62136046-2b6"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
strict-transport-security: max-age=31536000

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 92ms
30ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1148
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 9F91 140 KB
38 KB 112ms
28ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: HbCOlqb61pFXYZJvAqwQf8AA5MKcOBvSky7r1gVgoUFduRgi8HZpnQ==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 9F91 483 B
551 B 85ms
31ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxVLsbbrdNil3cLEORc9M0u%2FStuOq7BBIUEeP4AZWLfCXaIb7Ff7h7PGbrG9s%2Fbe3EelClJUgGtEml2f3vktps%2BvL3XpEgldoDhoR4nDjTsnT3ou9kPSCaNj%2BsewM3yIgTAh3RD%2BPWDB2FSu"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b6872f399016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 9F91
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=TIduqXw0cjVaQW1mWThDc3BaQkU4REdkVFpjelo4RVp1dkpYOTM5NS9Kazk1cDFRbzBOMWlBcEtuZHdrcG5ySzEzQnlDeTUzSkVvYlJiNW4wOFVwZzRkbVhwMEphdWtqN01VaGc3VUFJSU5DWkNzREZJVmd2TzJianNqOW...

347 B
615 B

91ms
30ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=TIduqXw0cjVaQW1mWThDc3BaQkU4REdkVFpjelo4RVp1dkpYOTM5NS9Kazk1cDFRbzBOMWlBcEtuZHdrcG5ySzEzQnlDeTUzSkVvYlJiNW4wOFVwZzRkbVhwMEphdWtqN01VaGc3VUFJSU5DWkNzREZJVmd2TzJianNqOWhlbEFyeU1WODJISXM3RGw2bXhOMnZhUktYMHoxeWtYMTllWHdKY0FjWHdYaTlyNUw0dldoMlhSYjgxajNDbllmTTh6NElNbi9NeUswRjFpOVR3eHBuMERqWUN2dWtRWXdTSGxoTkpheVdzdHZtdnpmb3pRPXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

28b8379f5b0aba159f6156c73e6047d805269d618535d31705d0b003bf0bf513

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3007
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=TIduqXw0cjVaQW1mWThDc3BaQkU4REdkVFpjelo4RVp1dkpYOTM5NS9Kazk1cDFRbzBOMWlBcEtuZHdrcG5ySzEzQnlDeTUzSkVvYlJiNW4wOFVwZzRkbVhwMEphdWtqN01VaGc3VUFJSU5DWkNzREZJVmd2TzJianNqOWhlbEFyeU1WODJISXM3RGw2bXhOMnZhUktYMHoxeWtYMTllWHdKY0FjWHdYaTlyNUw0dldoMlhSYjgxajNDbllmTTh6NElNbi9NeUswRjFpOVR3eHBuMERqWUN2dWtRWXdTSGxoTkpheVdzdHZtdnpmb3pRPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1576
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 9F91 213 B
618 B 72ms
21ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

5d7c976aba9aee65aa3a55d7ada3cccb6872557c42a810cdde2b8673bd747977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 9F91 81 KB
28 KB 93ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

282d434381220cc38e21f556bd09359943732a38dccbea6d232cc3ae573dcb87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27871
x-xss-protection: 0
server: sffe
etag: "1245 / 35 of 1000 / last-modified: 1655217774"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame D2C3
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

30ms
22ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 65ms
30ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1108
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame EB9F 140 KB
39 KB 124ms
69ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
x-amz-cf-id: m4ACjya2g4rDnyzR5FnW1wpZ0SnjQ20mfgikMz3p4D6lHt0ccazGOg==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame EB9F 483 B
552 B 56ms
31ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X1a%2FkR6LxxbRNEjdd9QewSHnGGFStZfl1LoK5r%2BkJYp4xZ5pHBZt5khxZTKTrAG2Bba2KDkbPP8pbQAzbtfpfpIGa%2BdnJkOzLBuSOvqrMwF6enSIvfOG95lwwErgRj0Gg2vu0L22%2BnC0U9Vz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b6872f3a9016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame EB9F
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=Jbrb63wrMjJsdVpLakFvOFRWbFBlYThyQkxyOFFSNVhsYlRtTDc5bzlTSkJSN2tSeEtZZkhkeFMyVmU5bzhsVnFXSCtFOXhlcVJ5cy8rTXRtMVRzSWxDY0hLVGZBYkEySmN2TjdrSnh3bmhVNVpTVWREQytTeXJVQWs3RE...

340 B
613 B

92ms
30ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Jbrb63wrMjJsdVpLakFvOFRWbFBlYThyQkxyOFFSNVhsYlRtTDc5bzlTSkJSN2tSeEtZZkhkeFMyVmU5bzhsVnFXSCtFOXhlcVJ5cy8rTXRtMVRzSWxDY0hLVGZBYkEySmN2TjdrSnh3bmhVNVpTVWREQytTeXJVQWs3REJHaXRJa0EwdlZPUG5IM1JNK29XZkp5Nkd5bFByT2RaUVFZZEh4WklBU0RrQzFoS1I2RVI2cjhwUXo5cGFqb1cvMnIrbEpWREtQeVZYZ3VHZ25RVm1lb1dHUHltaml6dGQwVUhONjRrRkZlNHlLaHdRT0QwPXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

70fe7cbc3b1e26442bff822cbc36420c0a9e634bdac2eab31d8535659310a152

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2666
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://mug.criteo.com/sid?cpp=Jbrb63wrMjJsdVpLakFvOFRWbFBlYThyQkxyOFFSNVhsYlRtTDc5bzlTSkJSN2tSeEtZZkhkeFMyVmU5bzhsVnFXSCtFOXhlcVJ5cy8rTXRtMVRzSWxDY0hLVGZBYkEySmN2TjdrSnh3bmhVNVpTVWREQytTeXJVQWs3REJHaXRJa0EwdlZPUG5IM1JNK29XZkp5Nkd5bFByT2RaUVFZZEh4WklBU0RrQzFoS1I2RVI2cjhwUXo5cGFqb1cvMnIrbEpWREtQeVZYZ3VHZ25RVm1lb1dHUHltaml6dGQwVUhONjRrRkZlNHlLaHdRT0QwPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1615
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame EB9F 213 B
618 B 64ms
22ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

ed99828fb66c854a31efaf80a6b7a2c6364720d517f180a7b2921e83c309b97f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame EB9F 81 KB
27 KB 98ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d4b2e31056b0ec81498f445e4be96795b909cc37830c76632ceb29281c3ed74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27869
x-xss-protection: 0
server: sffe
etag: "1245 / 1 of 1000 / last-modified: 1655217774"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 0431
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

29ms
23ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 49ms
31ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1041
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 19E8 140 KB
38 KB 88ms
50ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: eM29vclQDHRmCv7012s8IJWk4rCZIQBDrxNGWFMSZe_3ovsekK6ITQ==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 19E8 483 B
937 B 38ms
30ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9CXkyR%2BmcaKBrTOuIAaN9lEsZiLyaRz5ZDwfGlOLjYmeu18p6UAuCFhnnzWsbzv1TWXHSklcaYjQwnkzAx12HcGs1fopX9IMIV7OxCUnxP2oBZaBjpXG9rIMGwNbbP7Mq82IHji1u24Of22w"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b6872f3e9016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 19E8
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=R3igBXxEVVRDWStCYktPN2RjWHhDVUJJSVRKUWhrSVo5TnpxMDg0SWJNMWRIRll3bDhpWjByNkdFTStBaDhhekJjalNPOHloaWUvL0Z6bDRDYmhaK01hQzBreVlEMWU1ekc3Y3JVTlo2NUpLV3h0KzBsWnRNQ1BxZmc0Z0...

345 B
615 B

93ms
31ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=R3igBXxEVVRDWStCYktPN2RjWHhDVUJJSVRKUWhrSVo5TnpxMDg0SWJNMWRIRll3bDhpWjByNkdFTStBaDhhekJjalNPOHloaWUvL0Z6bDRDYmhaK01hQzBreVlEMWU1ekc3Y3JVTlo2NUpLV3h0KzBsWnRNQ1BxZmc0Z0tKaXFVNlNuNEpCNnRJdlEvU2dsenhZYTJtOFdUOWpza0k4TGxiUCtsd0FTaXptUTN2MzBRQ2E2cTk4Q1RocE85M0oxcUtLd2IyNzlha0ZlWWZicnZ0K2FwWmxhQ0VmY0E0c2Z0aFZXZEZhZ1hnWXRzUmFBPXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0311960e7f37890f21099da23a0e8d21c5090495e4a28f1037aebee2a555f7f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3788
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=R3igBXxEVVRDWStCYktPN2RjWHhDVUJJSVRKUWhrSVo5TnpxMDg0SWJNMWRIRll3bDhpWjByNkdFTStBaDhhekJjalNPOHloaWUvL0Z6bDRDYmhaK01hQzBreVlEMWU1ekc3Y3JVTlo2NUpLV3h0KzBsWnRNQ1BxZmc0Z0tKaXFVNlNuNEpCNnRJdlEvU2dsenhZYTJtOFdUOWpza0k4TGxiUCtsd0FTaXptUTN2MzBRQ2E2cTk4Q1RocE85M0oxcUtLd2IyNzlha0ZlWWZicnZ0K2FwWmxhQ0VmY0E0c2Z0aFZXZEZhZ1hnWXRzUmFBPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1570
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 19E8 213 B
618 B 50ms
20ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

0f57944981a8255e4ecf21b8c9458226193ef4b7d2e9760d1854221110fc8a4f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 19E8 80 KB
27 KB 70ms
49ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74b76ef5a7d65085499aed3e6271042335abec900f5dd9ab0822fa584bcf981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27818
x-xss-protection: 0
server: sffe
etag: "1245 / 215 of 1000 / last-modified: 1655217810"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 49C6
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

29ms
22ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 34ms
31ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1128
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame E6F0 140 KB
38 KB 101ms
78ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
x-amz-cf-id: Vjq7_a2QeJmtYnKydVwBqPIWf0Y9SCzbEpeerc1G2DvkU-tVC6C1Zw==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame E6F0 483 B
552 B 38ms
38ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ky0GGQg%2Fue7Pgyc%2BPczp4wJpYmXm4TcKwFg0ldt5K7ePa9SamzUcyWmoMYpQe6nhJr3xOz%2F%2BnZt2plvRGjkO1VgjalKrS2Y%2BppCC4bb0siVn03i2CGO6S%2FbMcJHq9GVxKiXQKjoOBAGPitHw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b6872f5a9016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame E6F0
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=MLCr0XxldGp3OHNLR0l1eXp4SVZYMStVR1Y2VXBTOVRNSFI0Vm53ZTU2MWEvZ3crSUFOa01MKzN5UFZFVXJ4cGs5am5XNDI0UGp1TFJlYnF0WUd5bmJTb3RYWlA1enJwSDZTSDhWUkpmbFlqR3ludFNGZ0Z1MUdCaTFnWE...

356 B
622 B

91ms
29ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=MLCr0XxldGp3OHNLR0l1eXp4SVZYMStVR1Y2VXBTOVRNSFI0Vm53ZTU2MWEvZ3crSUFOa01MKzN5UFZFVXJ4cGs5am5XNDI0UGp1TFJlYnF0WUd5bmJTb3RYWlA1enJwSDZTSDhWUkpmbFlqR3ludFNGZ0Z1MUdCaTFnWEFoZW0rdDZ1dlZvYnNRZmUvRnp6UVBkZFoyZ01VVHBvOVA5QlhQVEFrODJjNS9CU2ViSW81dnJkRE5wWVo3d2NYRkpieWJ4WGNaK29BL0xBSTNkdkxqUzNoOXIxYVM4cW4zOFAvVXA4YUtzaEdhUUg2S084PXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2950d2d246ac11521f2077da927760806c4bf54d5bf3ba7019bfa6509e7bdd3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3276
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=MLCr0XxldGp3OHNLR0l1eXp4SVZYMStVR1Y2VXBTOVRNSFI0Vm53ZTU2MWEvZ3crSUFOa01MKzN5UFZFVXJ4cGs5am5XNDI0UGp1TFJlYnF0WUd5bmJTb3RYWlA1enJwSDZTSDhWUkpmbFlqR3ludFNGZ0Z1MUdCaTFnWEFoZW0rdDZ1dlZvYnNRZmUvRnp6UVBkZFoyZ01VVHBvOVA5QlhQVEFrODJjNS9CU2ViSW81dnJkRE5wWVo3d2NYRkpieWJ4WGNaK29BL0xBSTNkdkxqUzNoOXIxYVM4cW4zOFAvVXA4YUtzaEdhUUg2S084PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1647
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame E6F0 213 B
618 B 49ms
22ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

2744bd6f51028d1b34d6822f8002194981f1222f4542b6e7c712b26b96dc42c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E6F0 81 KB
27 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

568e2dffd430cd9eff7f8e370295ce039fd5867d274d1cf3a8f7538c605bb61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27877
x-xss-protection: 0
server: sffe
etag: "1245 / 274 of 1000 / last-modified: 1655217810"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame BAA4
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

24ms
24ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 31ms
30ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1092
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 3552 140 KB
38 KB 48ms
48ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
content-encoding: gzip
x-amz-cf-id: SbYP5-1nCbqFgr3C1rGjkT0B7lnJ64zxUkOSXkqEGQiLSaAe5oN7iA==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 3552 483 B
557 B 31ms
31ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UkKRzGrF%2Ft7dwsUN9hTiRzKW0tKUO2a9f%2BeB7wMKR6urBuoT7RbSA%2FUxM1%2FwP%2F4YlVJ%2BLYPzq4DW0QC5RnHjkLQKnedJnfZhMYoYisJSDj%2BElqymSfDl5tznlRtAGHqBmHYpqbX5BzR9Fvum"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b6874f939016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3552
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=IGXm4HxPQmlrbGhQa3JWVzZER0NlV2htdnpuTmJHZHFBb0ZZbm5ab0RFNThlZGZnam9LdC96cStrNm1mQlpITnV2OEF4elVGTGhLK2RqeVRUMlZPNGFjbUtEV2hPVUVLYXY0a0d5NUtZUXNTUlNyZEJ0L290STlLWEtwSE...

345 B
613 B

92ms
31ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=IGXm4HxPQmlrbGhQa3JWVzZER0NlV2htdnpuTmJHZHFBb0ZZbm5ab0RFNThlZGZnam9LdC96cStrNm1mQlpITnV2OEF4elVGTGhLK2RqeVRUMlZPNGFjbUtEV2hPVUVLYXY0a0d5NUtZUXNTUlNyZEJ0L290STlLWEtwSEhkNWNBcTNTaUpwZHdGSFBxbHRrejRjdGl1REJocEcrUzkySWdRbXN4UmhCb3RJN2REQjRCVnpwYkhVZ0VjQ3lCRkJhb3RGZ21vZEpXYlZyWjNqUFVHMU1hTnhaZzIzUCsyUEZLY3JGdzBHczRuQUdDc2o4PXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0df02cfc28c5992e795f3e57c43b47e787ecf11ddf9692e42d6912ad24fd7cdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3557
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=IGXm4HxPQmlrbGhQa3JWVzZER0NlV2htdnpuTmJHZHFBb0ZZbm5ab0RFNThlZGZnam9LdC96cStrNm1mQlpITnV2OEF4elVGTGhLK2RqeVRUMlZPNGFjbUtEV2hPVUVLYXY0a0d5NUtZUXNTUlNyZEJ0L290STlLWEtwSEhkNWNBcTNTaUpwZHdGSFBxbHRrejRjdGl1REJocEcrUzkySWdRbXN4UmhCb3RJN2REQjRCVnpwYkhVZ0VjQ3lCRkJhb3RGZ21vZEpXYlZyWjNqUFVHMU1hTnhaZzIzUCsyUEZLY3JGdzBHczRuQUdDc2o4PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1527
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 3552 213 B
618 B 40ms
23ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

265cd7cb57dc442fd945a344bee6305399c5ca297f7b7b438bf18eb7fd9fd93c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3552 80 KB
27 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f74b76ef5a7d65085499aed3e6271042335abec900f5dd9ab0822fa584bcf981

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27818
x-xss-protection: 0
server: sffe
etag: "1245 / 297 of 1000 / last-modified: 1655217810"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 5339
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

28ms
28ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 30ms
30ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1566
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 06DD 140 KB
38 KB 67ms
66ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
x-amz-cf-id: YPQYXyZ-9Zt7vp1jjuXoTr3xovYMayLak_B1yKpCax5aAYRiIZ-9mQ==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 06DD 483 B
550 B 29ms
28ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m4R9b0uls2xZEYPL39rolo6lZ61woNKycARCOXpR4ubnpP7rQJlEKD%2BKTLWIeGeT1aitGlabQXLxmZAdBzKBpy8B9pXQEKP8jqaM9yPs4BKVpmYPtJcGynEkyBrJ0%2BAZAStNBl%2BBPefOx9sy"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b6876fd59016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 06DD
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=iwkyLHx1bGIza1phVUhOeVVWZTduQVNpaDU4bUNQell5aWRiSFVHQ0dSQWJ3MEd6eW1EYXd5S3hOSHRvSzlCWUtXbklzVVE1aDljRnBINy9EY2xQUndsOEpqQ2Vadk9ndTVBLzh6VlJNRGFlU1ZvaVVVbzJySitqalBhdn...

355 B
618 B

91ms
31ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=iwkyLHx1bGIza1phVUhOeVVWZTduQVNpaDU4bUNQell5aWRiSFVHQ0dSQWJ3MEd6eW1EYXd5S3hOSHRvSzlCWUtXbklzVVE1aDljRnBINy9EY2xQUndsOEpqQ2Vadk9ndTVBLzh6VlJNRGFlU1ZvaVVVbzJySitqalBhdnRRYWF1Mng3NnllWUtRR1lKQlhPYlA5QlR3VDZKZkd2VFArQTNkc2FGd2Flb3ZzeTVTSlgyOFZDa1hlUEtYZTN5WHNTbEROWG4vR1hHemNpNGJ6MkhoaGlVQ1drSGsxTExabFBDM2tFVnZPUWtqRzFja3dVPXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

d94a863408580067694ac4321741d054476232de68c0e2f7a67ffeea1a38087b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3207
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=iwkyLHx1bGIza1phVUhOeVVWZTduQVNpaDU4bUNQell5aWRiSFVHQ0dSQWJ3MEd6eW1EYXd5S3hOSHRvSzlCWUtXbklzVVE1aDljRnBINy9EY2xQUndsOEpqQ2Vadk9ndTVBLzh6VlJNRGFlU1ZvaVVVbzJySitqalBhdnRRYWF1Mng3NnllWUtRR1lKQlhPYlA5QlR3VDZKZkd2VFArQTNkc2FGd2Flb3ZzeTVTSlgyOFZDa1hlUEtYZTN5WHNTbEROWG4vR1hHemNpNGJ6MkhoaGlVQ1drSGsxTExabFBDM2tFVnZPUWtqRzFja3dVPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1326
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 06DD 211 B
616 B 21ms
20ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

ca222a4f47fdb4d40f0b19ceb81e62020ea978da3bf76d3d1ed525a739d11ddb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 06DD 81 KB
27 KB 84ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ade0d63de839a8d599ec7c7b550dbd83589a2cf1a02126080953b046e24467c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27876
x-xss-protection: 0
server: sffe
etag: "1245 / 914 of 1000 / last-modified: 1655217774"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame F620
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

21ms
21ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 30ms
30ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1252
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 3D0E 140 KB
38 KB 27ms
27ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
x-amz-cf-id: 6VVV0-ICrlNkDEWnQsQ1EIo70y_CHoV27Sjvzx_EiZ2vd8q67YdsMw==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 3D0E 483 B
552 B 24ms
24ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5gEUmMkzQgWEdk0qtO9Ch8%2FXhdJymcUijjeHv4bPQnkex6YbvLY2hWmXRjVoHNk%2FhHssDseXZLkHKue7V0eLZsBOZPdzWC5q0Q062durWnu9XVz7Ke%2Bqlt3OzNaXcbqyZ7eW4fn%2B8PpCl%2F6a"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b687b8549016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 3D0E
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=k_Cpi3xKMHo4TmRGV1VkYmVkYXU2QWF2ZUo2aGNFKzh1ZFhmb3MyMGl5VkZhbjBzNHBPN21LY2ZjV0ZqNkIvRExEbW5WeU5OdnM5Z2dzR2wwNElRaEsxb3AyZVNjWGtkY05Za296cEJ5VWZyejFacEY2VzJYQXhSRnoxc2...

350 B
620 B

93ms
32ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=k_Cpi3xKMHo4TmRGV1VkYmVkYXU2QWF2ZUo2aGNFKzh1ZFhmb3MyMGl5VkZhbjBzNHBPN21LY2ZjV0ZqNkIvRExEbW5WeU5OdnM5Z2dzR2wwNElRaEsxb3AyZVNjWGtkY05Za296cEJ5VWZyejFacEY2VzJYQXhSRnoxc2JNWmxvUHorVW8vOU9JQXUyM09jMVNuVllvL3RKRmJ6ODlNekpUWk5sS2xuTk9KVmFCUW1rOGVFbVp2L3QrOWU3TE93bStHOTBpL1ppZ3g3L0pKL2p6M2toUG9JQ1NKOFBmTWk1b0RlZGc5V3M5RU9YWUc0PXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

b6cd51771366bda4668ab4bd1c3a0c0e6e589f0cad4ae5060ab1af06d99b1e16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4507
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=k_Cpi3xKMHo4TmRGV1VkYmVkYXU2QWF2ZUo2aGNFKzh1ZFhmb3MyMGl5VkZhbjBzNHBPN21LY2ZjV0ZqNkIvRExEbW5WeU5OdnM5Z2dzR2wwNElRaEsxb3AyZVNjWGtkY05Za296cEJ5VWZyejFacEY2VzJYQXhSRnoxc2JNWmxvUHorVW8vOU9JQXUyM09jMVNuVllvL3RKRmJ6ODlNekpUWk5sS2xuTk9KVmFCUW1rOGVFbVp2L3QrOWU3TE93bStHOTBpL1ppZ3g3L0pKL2p6M2toUG9JQ1NKOFBmTWk1b0RlZGc5V3M5RU9YWUc0PXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1525
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 3D0E 212 B
617 B 21ms
21ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

e253de8ee866ab68f8892eabb08886aab14abbb7c3626bf13129ea736ef5109a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3D0E 81 KB
27 KB 32ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b485985f387b24ee543b32ce7eba11a121922c21a117fd6d1ff2597d64041fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28009
x-xss-protection: 0
server: sffe
etag: "1245 / 309 of 1000 / last-modified: 1655217810"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 7F87
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

21ms
21ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 35ms
35ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1081
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame 5125 140 KB
38 KB 22ms
21ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
x-amz-cf-id: ErD9-J3tsg1Z-ZT4iMK0gDNxlYPtAJAgwnoAs5Bkdi1ocNPDuSTcdA==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame 5125 483 B
552 B 26ms
25ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M17zom6CnS16OEgdkwYTunddYfZ8vRkSP78drAUs%2BEPcixLc6CGOx9tNqGQiyjb%2BLy8IQ7mxrXa%2BPtY0SnVRBUQ%2BtSXxlBf2Wv5Trmvbh37y8e6qgOAbsUp%2FMI5FFacJwMPWgtep0Idfj9HR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b687c89b9016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame 5125
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=jwZyG3xHbGhwSm9Ob0phWk1yUlB2MGs3RXZNWEhTNE9sbHNLdXlPUFY0WWNBTE9pOXpYSmo5Tzl0bW1LcWpCNTVKNExqNTRmb0VOMFNIYVZGdUYvTlc5T3lIckNBbDU5b1NURVpmamQwanZrYWZuSmRYNWVPcm1JN3ZNUm...

361 B
623 B

92ms
32ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=jwZyG3xHbGhwSm9Ob0phWk1yUlB2MGs3RXZNWEhTNE9sbHNLdXlPUFY0WWNBTE9pOXpYSmo5Tzl0bW1LcWpCNTVKNExqNTRmb0VOMFNIYVZGdUYvTlc5T3lIckNBbDU5b1NURVpmamQwanZrYWZuSmRYNWVPcm1JN3ZNUm85NWl1bUlYZWdaamtzNWxrZnVTU2ZxN1U2RjYxcnFnaFkvaEd0ZTFHM0d2UUZKczVOaU1wajZMRUpqZVlpOElTMXYvS0lhVlF6TXdFVmEvaVVCbXo1WFd6bFVzQjFreWtxaEo2cmVCUEVIMk93amxmUURzPXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

22ddd2ccc4a9f8a0b4980fe9568d9096b780e854c4b61c465a92cfed23803cda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3294
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=jwZyG3xHbGhwSm9Ob0phWk1yUlB2MGs3RXZNWEhTNE9sbHNLdXlPUFY0WWNBTE9pOXpYSmo5Tzl0bW1LcWpCNTVKNExqNTRmb0VOMFNIYVZGdUYvTlc5T3lIckNBbDU5b1NURVpmamQwanZrYWZuSmRYNWVPcm1JN3ZNUm85NWl1bUlYZWdaamtzNWxrZnVTU2ZxN1U2RjYxcnFnaFkvaEd0ZTFHM0d2UUZKczVOaU1wajZMRUpqZVlpOElTMXYvS0lhVlF6TXdFVmEvaVVCbXo1WFd6bFVzQjFreWtxaEo2cmVCUEVIMk93amxmUURzPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1674
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame 5125 213 B
618 B 22ms
22ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

14ed99d53032c5f418a1443425505097ea5140a542287efbaa364c7b2a5f8f1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5125 81 KB
27 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b485985f387b24ee543b32ce7eba11a121922c21a117fd6d1ff2597d64041fac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28009
x-xss-protection: 0
server: sffe
etag: "1245 / 319 of 1000 / last-modified: 1655217810"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame FF5C
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

21ms
21ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

GET
H2 200 frame86.php Show response
video.onnetwork.tv/ 277 KB
63 KB 56ms
56ms Fetch
text/html 37.59.253.100
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://video.onnetwork.tv/frame86.php?id=ffEXSc516b2740e3744201806cb0f2c1e2ced1&iid=1655237463538&e=1&widget=686&onnsfonn=1&mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA%3D&wtop=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&apop=0&vpop=0&apopa=0&vpopa=0&cId=pid1655237463538

Requested by

Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.59.253.100 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11.eris-h.of.pl

Software

XO.webservant /

Resource Hash

84c8c73872a6400ed7405cbdf56d937a64d1451bc855b22a69aced165547701f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 14 Jun 2022 20:11:04 GMT
server: XO.webservant
date: Tue, 14 Jun 2022 20:11:04 GMT
vary: Accept-Encoding
p3p: CP="ALL CAO DSP COR IVD IVA PSD PSA TEL TAI CUS ADM CUR CON SAM OUR IND"
access-control-allow-origin: https://fornoob.com
cache-control: no-store, no-cache, must-revalidate, post-check=1, pre-check=1
feature-policy: fullscreen *; autoplay;
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ 126 B
330 B 29ms
29ms Image
image/png 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1655237464292&d=9182&wsc=00&typ=embed&mobile=0&c=40
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
last-modified: Tuesday, 14-Jun-2022 20:11:04 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ Frame C7AA 140 KB
38 KB 22ms
21ms Script
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 14 Jun 2022 20:09:05 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 19:19:58 GMT
server: AmazonS3
age: 120
etag: W/"915836bd4f06d8d29dfc0840694722ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9336c14434e205e440418213079c6074.cloudfront.net (CloudFront), 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
cache-control: public, max-age=3600
x-amz-cf-pop: FRA60-P1, FRA50-C1
x-amz-cf-id: EC_kfhtCq2fIze0YONjLIScxQ_36qgcgRGozjAC5iiGVh5GftFFn2A==

GET
H2 200 localstore.js Show response
script.4dex.io/ Frame C7AA 483 B
552 B 30ms
30ms Script
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/localstore.js
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630672
x-amz-request-id: txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2: txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified: Tue, 10 May 2022 09:57:32 GMT
server: cloudflare
etag: W/"922cffdd75f7192f75231d92684885aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=92rNRiShki7n6Da2%2BsN9ewLwnD7%2BItF48Zyc6Ev8rhx54F0jqeq1zbemh2PZwuuIDgr9qy5RF8XH%2Bt7TfMekAJAyE0htiJ8WpdtXWp6vYRW5tRXztohihbBEH%2FWOH3M0DKhoY%2Bd%2FF2kNpTRP"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=1800
x-amz-version-id: 1652176652152482
cf-ray: 71b5b687f9089016-FRA

GET
H2

200

sid Show response
mug.criteo.com/ Frame C7AA
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1
https://mug.criteo.com/sid?cpp=dUb6K3xjY3FOa1ZZWlJheTF1d3o3RkJTZ1pVUHZCV0tkeTA4dm9iTzNzSVAwZlRueHpyb0xvdlZ1TkM5RG56clJ2V05IalNWaEw0V2ZsdUsraEU0ZGFmZFVta09jYnZiT0w4MitnbmpaSzZZTHdlbVJUV1BxTzRnQzE3UW...

350 B
617 B

103ms
54ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dUb6K3xjY3FOa1ZZWlJheTF1d3o3RkJTZ1pVUHZCV0tkeTA4dm9iTzNzSVAwZlRueHpyb0xvdlZ1TkM5RG56clJ2V05IalNWaEw0V2ZsdUsraEU0ZGFmZFVta09jYnZiT0w4MitnbmpaSzZZTHdlbVJUV1BxTzRnQzE3UWtIWWFkbTJtWUd3VW44YUwzR0hJZGxDODVHVnk0SEdLWG44dVNZZ1FMaE1tdHJnNEZkMWRCakF6MHRDbnFuMGRvdFlHc3ZtUk1yN2I0SDVhLzBzSUc5OUJEdThJWjNGT3NHSFU5WjNPRElLTGJpdVFOdHhvPXw&cppv=2

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

c96dda85f1fe2c1b6b3ce8e5f4b3365f4fe5cf575b37707099f4dea61c8ec49b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 3037
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
location: https://mug.criteo.com/sid?cpp=dUb6K3xjY3FOa1ZZWlJheTF1d3o3RkJTZ1pVUHZCV0tkeTA4dm9iTzNzSVAwZlRueHpyb0xvdlZ1TkM5RG56clJ2V05IalNWaEw0V2ZsdUsraEU0ZGFmZFVta09jYnZiT0w4MitnbmpaSzZZTHdlbVJUV1BxTzRnQzE3UWtIWWFkbTJtWUd3VW44YUwzR0hJZGxDODVHVnk0SEdLWG44dVNZZ1FMaE1tdHJnNEZkMWRCakF6MHRDbnFuMGRvdFlHc3ZtUk1yN2I0SDVhLzBzSUc5OUJEdThJWjNGT3NHSFU5WjNPRElLTGJpdVFOdHhvPXw&cppv=2
strict-transport-security: max-age=31536000; preload;
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1688
content-length: 482
expires: 0

POST
H/1.1 200 481.json Show response
id5-sync.com/g/v2/ Frame C7AA 213 B
618 B 22ms
21ms XHR
application/json 141.95.98.66
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/481.json

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

141.95.98.66 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3216537.ip-141-95-98.eu

Software

Resource Hash

9425597740686f23e0f3327713fe8efc78362dd6dc20ba88eb125177d71e77d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding: chunked
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=UTF-8

GET
H3 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame C7AA 81 KB
27 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ade0d63de839a8d599ec7c7b550dbd83589a2cf1a02126080953b046e24467c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27876
x-xss-protection: 0
server: sffe
etag: "1245 / 320 of 1000 / last-modified: 1655217774"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 14 Jun 2022 20:11:04 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 35ms
34ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Ffornoob.com%2F&domain=fornoob.com&cw=1&lsw=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1572
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2

200

usync.html Show response
eus.rubiconproject.com/ Frame 15A7
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=pbs-setupad&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu

281 B
410 B

21ms
21ms

Document
text/html

104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 233
content-type: text/html; charset=UTF-8
date: Tue, 14 Jun 2022 20:11:04 GMT
etag: "402b2-119-5d32342a551c0"
last-modified: Tue, 14 Dec 2021 23:07:59 GMT
server: Apache/2.2.15 (CentOS)
vary: Accept-Encoding

Redirect headers

access-control-allow-credentials: true
access-control-allow-origin: *
content-length: 0
date: Tue, 14 Jun 2022 20:11:04 GMT
location: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
server: AkamaiGHost

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 154ms
42ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 9F91 721 B
587 B 113ms
55ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mWmxPVIOAmeFucBgvAF5NEMercubOEqgA4Bd502ZUdzSXPsrU4uArGufpM4WHjiK%2FqonOil5LMN30NjwNlwbVlISyteyyIlf9%2BXN5h10CT8WDoSIlv0m7%2FH37AT2VwT560XIV4puHKwhDT6CYvPggMRsM5dt"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688785d5c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 9F91 147 B
431 B 149ms
93ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 36bd834a4b08c83d7144c0e2aa8cc107943883b85163dd2f0d5866d7bd39669c

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AV17dz65BmJGKeUbzMjGW8p3PpYGUTLWoe8Ag4Nm4I2moDzLSRsFiD%2Fn%2BUBkmibzJ4NZdjrbsUGFQR5yH3Q2G%2BKF8vt6CMYz8wsCspF5e%2FeH0YfIWlmx1hgZUFEC6uyAWAa9I5%2B%2F9B%2F1B%2FJxvLkClB8JtoZv"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b68878615c80-FRA
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 9F91 15 B
358 B 78ms
22ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 9F91 0
320 B 99ms
33ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 9F91 0
110 B 151ms
81ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 9F91 144 B
1 KB 78ms
22ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

a9c20e5086d03a51bf6c2bbff2467d82398aa2b636c7c26dd560ac1594a67f8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2903001e-ac8d-4da5-989f-c5682b8dca53
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 9F91 114 B
595 B 149ms
49ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c38eb89834279bd1bb42d2478ef7297a7a7cea0b8ca6ec8952f29e5c3cf51bb

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b688cf34697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 9F91 171 B
558 B 223ms
94ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 9F91 0
156 B 97ms
34ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464334&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 9F91 0
406 B 132ms
41ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 9F91 0
213 B 108ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=99153966314

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 131ms
42ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame EB9F 721 B
592 B 163ms
137ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BJ%2BzfJ1VHVs7O5BBiQbEq2xrNuNP2P%2F2K%2BMkK8bBrcB3Y%2Bw6peukA84xlvI4B2D8bANoIWAauc0GXt6etaSdFTSaDdC5dYBq%2BYrCsrW%2FDU7oKvPHxgULpo3oBApU6FSJKV1c6j6S8BdHH%2F5e66tCxNLSjKXE"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688786c5c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame EB9F 148 B
408 B 220ms
195ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f4b2bb52207f7c0f256d646185d980436e5c9494cbf35df324558c854bd9acae

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QKBpGcse5Ne2RXaU5mSiPKKXFvyUmCvvIrwq78qDI819hc6atZ6%2BXa6Fw6WPcxPpK%2BqZ2x7wRyMcNI9kcoWIEhqUN%2BYVaJYuNRYQYaZK07iQFC4xQOg6KpCHx4WjzaBW7KCESeEmtrU0TFWNsYJhKu7MP1K3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688786a5c80-FRA
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame EB9F 0
111 B 68ms
27ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame EB9F 0
405 B 170ms
81ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame EB9F 144 B
1 KB 136ms
92ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

6e68531cfa332cf10eaf34dc082f812c041c767c38dd7da38b541f4c7e83e26c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f2e740c5-c339-4375-9348-26f367196f02
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame EB9F 15 B
358 B 46ms
23ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
hb.emxdgt.com/ Frame EB9F 0
155 B 81ms
44ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464360&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame EB9F 171 B
553 B 204ms
103ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 prebid Show response
mp.4dex.io/ Frame EB9F 114 B
191 B 126ms
55ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f853d75b876e0d9df285486500daeb5a35f838b6b04be4c3a7063e3ebb836ce

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b688cf3e697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame EB9F 0
439 B 66ms
32ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame EB9F 0
212 B 82ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=64609081066

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 110ms
43ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 19E8 721 B
896 B 61ms
53ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pp1%2F1v9U%2FIQH1ctLtCFBZtmK3s2X9I0TIGXwwW3sz3ZsqrFcY7YSFgQ5sLFF4lLcujrn7onKGHpR7AsHpLEnnDSR%2FZZXaQgmc19RqyXt3NODlMUXoD%2BDWew1%2FlqbH2DER6GfKluO31wOnvZfXE2Bv5hOU8VB"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b68878675c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 19E8 149 B
426 B 238ms
230ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0993db6476ecf1f3f29f8b1b4483ac33e814a918145b682736a39c8523e4138

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R7xcqCvG30mBhMrLdPn3nSQhwC6sQcE1cWwkm44%2Bf6Psb57AUCkgN85Dxm6rsyMon2PS46aM3rOAHNFstJCBNm%2FYWKAOGM%2BhoVjNxluqijKA2HtqTSOBmzi2pEE2RgU2wxSYQ50HZcrg4%2FDDJrROIIpSb2Xu"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b68878685c80-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 19E8 171 B
553 B 359ms
272ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 19E8 0
155 B 92ms
70ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464376&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 19E8 15 B
358 B 29ms
23ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 19E8 142 B
1 KB 53ms
22ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e1626bbda4f21f67073e21aa2ccae36e12bce3d825e2bec5f9a1d7a3bd9ddcd6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 828b38fa-8596-4e95-9950-ceb317edd760
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 19E8 0
212 B 67ms
35ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=37550336575

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 19E8 114 B
191 B 112ms
59ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cfa767d0b2b065f8d164513fa6bc9b809ee5421fe459aa0924a45bdfe3f3ce77

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b688cf38697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 19E8 0
405 B 168ms
79ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 19E8 0
301 B 55ms
40ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 11
vary: origin, Accept-Encoding

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 19E8 0
110 B 107ms
90ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

GET
H3 200 container.html Show response
bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FA90 6 KB
3 KB 63ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: Wed, 14 Jun 2023 20:11:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 44ms
43ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame E6F0 721 B
585 B 58ms
58ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NMStFxhNhxS6l6syp2Exv9dwfxmCh%2Fs1ZIYmnoc5nAxzDUPIJRFIAVjBnlVOMBDXgVpqnt4Lo3SyG%2Bn0fSe61o5wWkI2cub5MfnhswL51lXu8mPfpQQXeAQVh55a3BzWXzQMLmVcblA4iorNAQ873jPvyIaD"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688c9905c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame E6F0 149 B
426 B 170ms
170ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 19881860bf49c85469b509eb927872d0dc05525a572c098d8fbee7860f1f64fa

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ojs9cVS3%2FFLpOgr1YaZV5XE%2B7F2a55gleerAMNB7Uc%2BUgimoSqiAlXedSANbgO8pdb7Jc2NINpSsaSCbEzlwaDlVHHU%2B71vvWC%2FOGe2%2FXVEvvAbW%2Bw39aQTg4NAuj3cDweiwg2gMiL56kentevBwCH%2FOKd3"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688c9975c80-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame E6F0 0
297 B 32ms
32ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 3
vary: origin, Accept-Encoding

POST
H2 200 prebid Show response
mp.4dex.io/ Frame E6F0 114 B
192 B 51ms
51ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4eb4713da5fa7f680360728ab61bbf31314d36eea27df685b4c8a00a2032a95

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b688ef69697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame E6F0 15 B
358 B 23ms
23ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
hb.emxdgt.com/ Frame E6F0 0
155 B 52ms
52ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464443&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame E6F0 0
110 B 26ms
26ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame E6F0 171 B
553 B 162ms
103ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame E6F0 0
212 B 35ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=52009879472

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame E6F0 0
405 B 168ms
79ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame E6F0 144 B
1 KB 30ms
30ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

b8eaa29a8ad7652fd0c5fa402501d953be3ccf84d0acaa91f50a875725271ec0

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ebded577-1d37-499a-a3f1-281448ea4686
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 41ms
41ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 3552 721 B
592 B 41ms
41ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dx8T1WN%2FLdGcXtKgFhg7qiPpQ%2BY%2B%2BuP42ujt7FAbP6%2BxcbcCg%2Fw8agrDVNsFikqdCCNPx2lDC53OoXy29kiukwYD%2BIrUqr6tf8eJB22q3xt9OUIK55oDMYvcUXigSBhzp4NwhHzELbt1E20W9V3YUU63YNzU"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688d9b45c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 3552 149 B
416 B 258ms
257ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3af17298b972ad28243be32d403416961521f49e7609b5404b25363b4e81458

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r50X%2FzuZHOwODLrMRd5eAjsHG25MTOd5z49wWJ4DPfpNq8FAtyKgJ1LPJ7zNNQXBf3Ct2Fh6eTsAGSuDO1Xfj0yLEqZF28wj4PY8jAaSatTOw0jhk%2BCS7qachgBIFXB49LTQ%2FhgDKWuewNf5NMEbF%2BNftEAn"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b688d9b85c80-FRA
expires: 0

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3552 171 B
553 B 155ms
97ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:03 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 3552 0
299 B 29ms
29ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3552 0
405 B 167ms
79ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 3552 114 B
190 B 65ms
65ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93130fd9f51a7f30f95b7da69a5dea71938e408fc806a3606bb3ca19d81a7719

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b688ef72697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 3552 0
110 B 25ms
25ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3552 144 B
1 KB 21ms
21ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

901d17d42540b1e280068ab9019bb0b5fa4ea31a2711a9a4ce89756d78a5f55a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5b4156b8-8016-4847-9022-970dbe6a2020
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 3552 15 B
358 B 24ms
24ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3552 0
212 B 35ms
35ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=47173812884

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 3552 0
155 B 49ms
49ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464456&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 06DD 721 B
590 B 39ms
39ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYud8i3vVoUhgv6anAWXuSOodI8enrJcp3L%2FGQcYtozW6tB7bVMYmp7o6yAJE64qiyj5FLtR1bNggc30jML%2Bt1AffdHhmD%2BO0h%2Fe1VZOrx2my5Wh2v3JlCNl3XyfP%2FRUoTqQQlzPQYSDlE%2BaWwXLmnK2t0ZD"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6890a1a5c80-FRA
expires: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 41ms
40ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 06DD 150 B
656 B 841ms
840ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 55ba12b47b52c21d5d80f68e449c36ac92dc565796679a44cf84c6a274f592b8

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kH6U0AKQRdlynkg0brlYCkeriBrwScIwSxYxWbHBFJsjlJs2uPX4df%2FuyetB76reKdtibwdAaFASkiZrVbKPipQyz3%2BudCeU7WcsW5cr3l6rAnkK45lSlM84blWAE5grXq1QGFK8fCuwv4oWpAU%2F3mrWHzqT"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6890a205c80-FRA
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 06DD 15 B
358 B 23ms
23ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 06DD 0
155 B 77ms
76ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464480&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 06DD 0
110 B 24ms
23ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 06DD 171 B
558 B 262ms
200ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 06DD 114 B
191 B 47ms
47ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98838b900c5ec363b2e3118cb2a86dd88d0752c409e153ed98f2a4392ec7bdce

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b6891fbb697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 06DD 144 B
1 KB 22ms
22ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

2e25e7126c4a804c5a841032a3c97ea2da2ca3e5bd63ac4b17cb93a3022d418f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: fc11aa9a-4d36-4e3e-ae70-9328201add60
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 06DD 0
212 B 34ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=30924759116

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 06DD 0
299 B 30ms
30ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 2
vary: origin, Accept-Encoding

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 06DD 0
405 B 139ms
81ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 186ms
28ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1591
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 186ms
28ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1128
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 184ms
28ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1082
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 45ms
45ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 3D0E 721 B
593 B 49ms
49ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JjsZmDJrEWftAE7WH%2BiWLZxa5Ky4xZoL9VUtB6UrH1yEMJ2wAA%2Bw8K6C5JkIkerYzJxd%2FfM2SR8LhGzkq8MzHA2y2oLmBrvhZNRmV%2BJblJpE5e3wNsHF79aelTPBHy9P4%2FGVGQBkUY%2Fhh2oPRpMYWWjG4UIG"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6895af05c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 3D0E 148 B
423 B 127ms
126ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c9f63e924d317f2a02250206b91191ec97c20f8e83c99c9e6c6ed345056baf2d

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSzTNZgzo%2BDkaDBSOkDohRHItbImFyG8FJgWRgLLsBGjrrNTUoLQ25Y3OfJA8BRChUGy0O20ZO8x2zB8ExyNwKbr%2BSJcLfyFZhb1c7LPNsQgIZ8AxQnpiwH8e99YaDYehAwJHglVBwBW3v6AKCjV355OAM%2F1"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6895af75c80-FRA
expires: 0

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 3D0E 0
297 B 30ms
29ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 3D0E 0
212 B 34ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=64543426989

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 3D0E 0
155 B 58ms
58ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464529&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 3D0E 114 B
191 B 59ms
59ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae45a82c8465439bbce0246ace4b443cb6c09463e902d92249c2e4dbaa1be5dc

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b6895843697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 3D0E 15 B
358 B 26ms
26ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 3D0E 0
110 B 24ms
24ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 3D0E 171 B
553 B 276ms
250ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 3D0E 0
405 B 82ms
80ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 3D0E 144 B
1 KB 47ms
46ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

0f9014cb06b2893241d8f4fbe84c4b90160f01efbee94ce2030b7b4c960ffba4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 17d48cd2-d5e7-4c24-8d9c-0cd948476acb
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame 5125 721 B
879 B 46ms
46ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zEnMie74kJxn%2Fue8BTGoWRmzvwR6eM9RinzDwJrHpFYQOawgO3qXiloBEVg9NcQASg7oNyzEypvrezJGnLw5QUYOOpB%2Bo4%2Ba41KD5LWRWK%2F1AFRL9MeE17SNUMgabplE85wMis06pv58b%2B3s1NFpwfnTecsR"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6897b4a5c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame 5125 147 B
413 B 126ms
125ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a2329e37b1432b95003bffaf3928a19b7c6ca5fc62806f582ce7f91502dc4d90

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BeV1o7CfbXcWEPCQZYyvOWpBlx0FSmDfz%2FYd4ftF%2Bnt%2BlTsRRjjXHI2sJu7LDH6R2309TMEFjcc7rEvfnIktcBbDjEjfQwkFbiwobpRgQc1quS2SIGONGcHOd5vwajlB4WnUxytbtB3CF%2F9QQn7Xw1cyG3IH"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6897b4d5c80-FRA
expires: 0

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame 5125 0
110 B 113ms
113ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame 5125 0
212 B 34ms
34ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=92508099148

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:03 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 41ms
41ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame 5125 0
297 B 32ms
31ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:03 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 5125 144 B
1 KB 57ms
57ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e649771a948cafdacf833f38c173e39ba9ff081c1e337d06644982dc66af2e15

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 30cfcc12-0345-4d5a-bafc-6d124e955241
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
mp.4dex.io/ Frame 5125 114 B
191 B 53ms
53ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2b308579bbf82676930e259fb53750a3c63d29035be5627c04f338a0a6675c49

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b6897880697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 5125 0
155 B 57ms
57ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464551&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 5125 171 B
553 B 123ms
108ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame 5125 15 B
358 B 26ms
26ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame 5125 0
405 B 71ms
71ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

POST
H2 200 cookie_sync Show response
prebid-stag.setupad.net/ Frame C7AA 721 B
593 B 76ms
75ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/cookie_sync
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ch9CAiOz84mepW6DXdFQZ1GdVSgpTtjhYkS0uOdeBuz9I%2BZz5uG%2B%2FnImx7ZA0Qe6Ewu8h884jnUt3oqZpx9drJH9CBashfB%2FKUyPJMYgu2uhXFk%2Blc4lVE%2Bn93Z4g648mJwlYVL5J6fEXPYiqXw%2F2d0ITAhG"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b6899baf5c80-FRA
expires: 0

POST
H2 200 auction Show response
prebid-stag.setupad.net/openrtb2/ Frame C7AA 148 B
411 B 128ms
127ms XHR
application/json 2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-stag.setupad.net/openrtb2/auction
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b52c741e6461f67588dbc22ef3a9d6fe6f4f25f73415f95b8a294ad3364823ee

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l%2BepprzVaG42pY58o3uof4SAsRYQcogV1GRBX7ESy6vvsnDQlW8qfDrfvPxm%2FvbW%2BSBAZVNafLN1ubKVUtprUGInt1qLJvAWmIkqP8cqZjbb522haofn7bGWBCdtQSIh8nVDLuzU0CXVbfJi5OF77lP%2FQ74u"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 71b5b689abd55c80-FRA
expires: 0

OPTIONS
H2 200 openrtb
adx.adform.net/adx/ Frame 0
0 47ms
47ms Preflight 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://fornoob.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: POST,OPTIONS
access-control-allow-origin: https://fornoob.com
access-control-max-age: 86400
allow: POST,OPTIONS
cache-control: no-cache, no-store, must-revalidate, no-transform
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: -1
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 204 / Show response
hb.emxdgt.com/ Frame C7AA 0
155 B 57ms
56ms XHR
text/plain 52.58.67.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=3000&ts=1655237464566&src=pbjs
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.67.200 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-67-200.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame C7AA 171 B
553 B 148ms
107ms XHR
application/json 185.86.139.96
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.96 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
vary: Accept-Encoding, Origin
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache,no-store
transfer-encoding: chunked
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8

POST
H2 204 cdb Show response
bidder.criteo.com/ Frame C7AA 0
212 B 43ms
43ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://bidder.criteo.com/cdb?profileId=207&av=34&wv=6.6.0&cb=5728178779

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

bidder.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: Finatra
vary: Origin
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *

POST
H2 204 v1 Show response
btlr.sharethrough.com/universal/ Frame C7AA 0
110 B 100ms
100ms XHR
text/plain 3.122.214.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.214.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-122-214-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 200 prebid Show response
mp.4dex.io/ Frame C7AA 114 B
189 B 57ms
57ms XHR
application/json 2606:4700::6812:372
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mp.4dex.io/prebid
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6036ab12ff0bcad2531aee6dab758082a9d15265c5105f12b55d3065931bfdec

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

cf-ray: 71b5b689a8e2697f-FRA
pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
x-warn: Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
server: cloudflare
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame C7AA 144 B
1 KB 35ms
35ms XHR
application/json 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

915c38fa86c19ca2aa57dfbea45266fe1443272aa597e397ee858fa8a2f8ae8d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:04 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 30e21cd1-ff7a-48ff-9dcf-2c8862b8ec00
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://fornoob.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 c Show response
prebid.a-mo.net/a/ Frame C7AA 0
297 B 35ms
35ms XHR
text/plain 147.75.85.234
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://fornoob.com
date: Tue, 14 Jun 2022 20:11:04 GMT
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
server: envoy
x-envoy-upstream-service-time: 1
vary: origin, Accept-Encoding

POST
H2 200 prebid-request Show response
onetag-sys.com/ Frame C7AA 15 B
358 B 28ms
28ms XHR
application/json 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://fornoob.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent
content-length: 41

POST
H2 204 openrtb Show response
adx.adform.net/adx/ Frame C7AA 0
405 B 46ms
45ms XHR
text/plain 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to

Full URL

https://adx.adform.net/adx/openrtb

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: application/json

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
access-control-max-age: 86400
access-control-allow-methods: POST,OPTIONS
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires: -1

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame D2C3 31 KB
10 KB 25ms
25ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 49C6 31 KB
10 KB 27ms
27ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 0431 31 KB
10 KB 31ms
31ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame BAA4 31 KB
10 KB 42ms
42ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 5339 31 KB
10 KB 44ms
38ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame F620 31 KB
10 KB 39ms
38ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 7F87 31 KB
10 KB 23ms
22ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

GET
H2 200 cookie
cm.adform.net/ Frame EB9F 43 B
106 B 175ms
41ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 93ms
27ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 843
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame FF5C 31 KB
10 KB 21ms
21ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 85ms
29ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1010
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 usync.js Show response
eus.rubiconproject.com/ Frame 15A7 31 KB
10 KB 22ms
22ms Script
text/html 104.92.74.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.74.8 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-74-8.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 09 Jun 2022 17:17:26 GMT
server: Apache/2.2.15 (CentOS)
x-powered-by: PHP/5.3.3
vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
cache-control: max-age=20830
content-type: text/html; charset=UTF-8
content-length: 9454
expires: Wed, 15 Jun 2022 01:58:14 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 82ms
30ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1129
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 9F91 662 B
1016 B 29ms
28ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: Lzr0l_gVgnYiqOEOUDjJ500S8uSaWkH5OluNkf-Hum3fNt3C5-BQMg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 9F91 23 B
489 B 69ms
67ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=Z9OmbsFfx07De&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463926-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x250_double_desktop_2%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: CEFDJMC520CVQTEHWG12
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: BIBgotNURc_AM6k8AMK3Mf4EZaqk2W1JI7H4RvxZuzDgjt3fU2mv1g==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 9F91 6 KB
3 KB 72ms
26ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 06:46:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 48270
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: IbMowCYCSIYVA5DsiNKjBRhSRwgbYyuF8we532wy5Iy3ZJHLeFQEsA==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 3552 662 B
1016 B 27ms
27ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: MveUvjzQ7AKt2N1jqFKyRD1SjvwD5AdyK__l6nTRK0_ciEUBobVG6w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 3552 23 B
488 B 68ms
67ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=YEGTYpHjrJSLk&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463957-0%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x600_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: ND913YJHD74AFVQWNCX0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: arf1qWVtyp_VcqOpgo26GiOZ24n_WKlcVK_n9Yiif5VB0eAXY6gNmQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3552 6 KB
3 KB 78ms
35ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 48270
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
date: Tue, 14 Jun 2022 20:11:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: btgcBMs5zw-1i7mo0ydq1Uxg-qGS5L5oASdlOPibH5ha6oLoqW-Qxw==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 63ms
29ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1010
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 cookie
cm.adform.net/ Frame 3D0E 43 B
105 B 142ms
45ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 19E8 662 B
1017 B 23ms
23ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: yB1Z7rPcFo4XtVJi9CUNjRO3bzyqJ-qhMfs778zLs2CwPX6XtLwTmA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 19E8 23 B
489 B 66ms
66ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=h2UjGXO9Kc3BH&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463927-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x250_double_desktop_2%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 61JRJMZDYSJYMAJD7A6Y
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 80eBMgp9GGFJlUQgauqTZs_0KqvfRFSS3bHcc5wE76mLqkzew7ALfA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 19E8 6 KB
3 KB 72ms
36ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 48270
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
date: Tue, 14 Jun 2022 20:11:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: EtWoo8-alrzXYaxgJ4AscPDZP2TFpQUt_PjOLzl6K9Zj-9wlUgEOTg==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame EB9F 662 B
1006 B 21ms
21ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: Z0qKPGSmoh8R58dZphQ2Tq9KCjxa72JGQZtxe2iFvi2vHff1ItoB1w==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame EB9F 23 B
490 B 70ms
69ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=vsR7dxoTZleUp&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463929-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x250_double_desktop_1%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: GQHKYHSNJ5C422GAX4DF
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: EEWoxP-bUZd7fBq7pgzn4NYkipKoU5rxDYHwzNEHOMSsXZV9Eyeo0w==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame EB9F 6 KB
3 KB 65ms
35ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 48270
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
date: Tue, 14 Jun 2022 20:11:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 2kC4Lxmd0pHrsh-xTeWXb5W1-AIXej_labnOAz0DDI_yzAcjxGL_WQ==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 51ms
30ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1271
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame E6F0 662 B
1008 B 21ms
21ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: HbiVzxcqkwT1-aHlYnKFTXMU3Q19WQKLEhcvX_tzyefhD6eBxbKXNg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame E6F0 23 B
489 B 75ms
66ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=Rde3e4ykpWveA&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463930-0%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x250_double_desktop_1%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: YPHS1956ZF5XGAH6M9H2
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: pv5F-vd42wS_bQ-V-Xp5ezgx8TbnPsyFFlc1LDL2CVFvntyOXiBkSQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame E6F0 6 KB
3 KB 49ms
35ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 48270
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
date: Tue, 14 Jun 2022 20:11:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Yr1oHwtnmLE3hXHnfwqJkBsGWuy1gKib2r2SmzVyHXt_qHYivV2OrQ==

GET
H2 200 cookie
cm.adform.net/ Frame 9F91 43 B
105 B 114ms
42ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame 19E8 43 B
105 B 108ms
42ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame 5125 43 B
105 B 119ms
56ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 06DD 662 B
1007 B 24ms
24ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: y6Ur-wGN0gT-F3IKkoaG2MxTumWtk2kInpsErfLFBlrdInDlMAy_Nw==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 06DD 58 B
524 B 69ms
69ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=SIA9ApRDNBN6U&cb=0&ws=970x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463942-0%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%2C%22970x200%22%2C%22970x188%22%2C%22970x120%22%2C%22950x90%22%2C%22728x93%22%2C%22728x100%22%2C%22728x250%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_970x250_desktop_billboard%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: YNAG1TCNAQKN32PHH4W3
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 58
x-amz-cf-id: CKvf0mXoSpFWYg-6ZzHuBUcVM1y545ZPuxsrE1JN0PtLaFAgkaUzOg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 06DD 6 KB
3 KB 33ms
32ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 06:46:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 48270
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: nb4GUZc2eJMMoFK76BT3G5RcqeS27XUYjT83SQtgiHiGA8Gsqfz06g==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 3D0E 662 B
1007 B 24ms
24ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: NIE7E2-m88gKhZ99rD5p_Yl2LpgP8ttzOktHWUH58e6uIrBEzHTulg==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 3D0E 23 B
490 B 65ms
65ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=12HdfRb5BcinB&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463944-0%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x600_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: GCMQ4WT7WGKG54K2VMS1
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: nNOwqJXiOWXAx9wkcotAtAJyQUOyQDAtNAq7OB0WDNDyGsKgSHkATA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 3D0E 6 KB
3 KB 34ms
34ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 48270
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
date: Tue, 14 Jun 2022 20:11:04 GMT
vary: Accept-Encoding,Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: Zs0KKUywGj_YtYc3akkq4Sqo-bI5Fi1ugPLo0-AfkDFnPia2gg2gsA==

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 32ms
32ms Preflight
application/json 178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: null
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json; charset=utf-8
date: Tue, 14 Jun 2022 20:11:04 GMT
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1135
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame 5125 662 B
1007 B 21ms
21ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: wZ3_iyOnYGQR-m-mEbAvj-GSebcQPbPpb3qSiFUcvMqc-oRXsbC2VA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame 5125 23 B
489 B 79ms
75ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=JMDNoYUTmNGCX&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463945-0%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%2C%22300x250%22%2C%22300x300%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_300x600_desktop%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 12T5SK0Y31WH1C9TMHMG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: LguvQlWtPBdF7ccStuvRU53174B6Hq5SAQkz4C6jfJ8xzVX5TYvsDw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 5125 6 KB
3 KB 42ms
24ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 06:46:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 48270
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: IUqjPmKolHNiao-xFel5ctlhgDXjqBCzlH22gbNJlQ8FR0L9v2PEgA==

GET
H2 200 cookie
cm.adform.net/ Frame E6F0 43 B
105 B 125ms
80ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ Frame C7AA 662 B
1007 B 34ms
20ms XHR
application/json 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Ffornoob.com&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: Server /
Resource Hash: a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 18:18:21 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
age: 6762
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA50-C1
content-length: 662
x-amz-cf-id: FpnzGvzqi5eC4xqoLG_pFamX6sSG7Myr4nlSiM5LtrWikM4AfNrIeA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ Frame C7AA 23 B
490 B 100ms
95ms XHR
text/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&pid=XOqYPkNPQeejQ&cb=0&ws=300x150&v=8.0.1&t=1000&slots=%5B%7B%22sd%22%3A%22div-custom-ad-1655237463940-0%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%2C%22970x50%22%2C%22960x90%22%2C%22950x90%22%2C%22980x90%22%2C%221000x90%22%2C%22650x90%22%2C%22300x100%22%2C%22320x100%22%2C%22520x100%22%2C%22600x100%22%2C%22640x100%22%2C%22750x100%22%2C%22980x100%22%2C%221000x100%22%2C%22468x60%22%2C%221000x95%22%5D%2C%22sn%22%3A%22%2F147246189%2C22590330937%2Ffornoob.com_970x90_desktop_anchor%22%7D%5D&schain=1.0%2C1!setupad.com%2C1227%2C1%2C%2C%2C&pubid=d14c8d3d-c09a-40c7-8c08-b5d7cd1d7fac&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.93.3 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-93-3.fra50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: CKNJD9DJRYNQWDT82BAY
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://fornoob.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: B7k_k3ZEeAFTKZWhTq2dr-g6fCjoP9VNXCm25FxkHwXxIEidV5OlwQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame C7AA 6 KB
3 KB 25ms
22ms XHR
application/javascript 143.204.93.3
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.93.3 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-93-3.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 06:46:35 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 48270
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 02 Jun 2022 00:57:09 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: rJc1WQUAqhvSMPW5pAnZljyS35FriyaP
via: 1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: _AJ2rAn5UzAqn-b0Db_-uvGQs4ky3Sr2fvUOmPiNcJNKI_WTZtUotA==

GET
H2 200 roboto.css
cdn.onnetwork.tv/css/ Frame 96AA 6 KB
966 B 33ms
29ms Stylesheet
text/css 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/roboto.css
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: 939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Thu, 01 Jul 2021 08:44:40 GMT
server: XO.webservantpro
etag: W/"60dd8078-194c"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Sat, 31 Dec 2022 20:11:04 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 96AA 4 KB
2 KB 84ms
31ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2 200 player86.css
cdn.onnetwork.tv/css/ Frame 96AA 39 KB
9 KB 33ms
30ms Stylesheet
text/css 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/css/player86.css?s=1654597779
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: b951113b0c58981d9bf48f91e3d16d38541a2dd4a210c4ac563e3b1323893bd4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 07 Jun 2022 10:29:39 GMT
server: XO.webservantpro
etag: W/"629f2893-9d65"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Sat, 31 Dec 2022 20:11:04 GMT

GET
H2 200 adblock_notify.js Show response
cdn.onnetwork.tv/js/ Frame 96AA 25 B
338 B 34ms
30ms Script
application/javascript 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/adblock_notify.js?s=1655237464
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: 8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 18 Aug 2020 15:40:09 GMT
server: XO.webservantpro
etag: W/"5f3bf659-19"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Sat, 31 Dec 2022 20:11:04 GMT

GET
H2 200 gpt_proxy.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 96AA 83 KB
31 KB 93ms
19ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/gpt_proxy.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89f3af167e42aec60b13d62c29cb3824dec64077af943cfb69fc53b2daeb1a85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:58:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 753
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30758
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 17:22:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=900
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:13:31 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 96AA 372 KB
124 KB 113ms
39ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a113034bdbdeaa7add41b1d85d4ebb360ceab32740506bef533dd883ed1888c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126826
x-xss-protection: 0
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H2 200 hls.min.js Show response
cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/ Frame 96AA 315 KB
93 KB 120ms
73ms Script
application/javascript 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/hls.js@1.1.3/dist/hls.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 7382965
x-jsd-version: 1.1.3
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19124-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"4eaf2-/CwIB8b0ZgFLVgmQTHnomAXuiz4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4g%2B3KUZ%2Fn9Rm4Ie2JVuu9lYA6s0p7f1NPDzBro8rVzigDutTWCbv8k35lGR1EFM%2Bbotym5CxUobo2T296GWUYB6vawdJX6h0txLuTHJ7YmEtz6h80cIV2dQQvZyDKIn4n%2BpFaTCAqxFzjHX5cYs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 71b5b68aefa69b1b-FRA

GET
H2 200 player86.js Show response
cdn.onnetwork.tv/js/ Frame 96AA 107 KB
28 KB 34ms
32ms Script
application/javascript 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/js/player86.js?s=1654973710
Requested by: Host: video.onnetwork.tv
URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: d0254fe2d6efa511f613052db2f49b9571cd84e6a47c066c4d906856ce265ec9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Sat, 11 Jun 2022 18:55:10 GMT
server: XO.webservantpro
etag: W/"62a4e50e-1aa79"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=17280000, public
expires: Sat, 31 Dec 2022 20:11:04 GMT

GET
H2 200 cookie
cm.adform.net/ Frame 3552 43 B
105 B 43ms
42ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame 06DD 43 B
105 B 57ms
56ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 cookie
cm.adform.net/ Frame C7AA 43 B
105 B 83ms
82ms Image
image/gif 37.157.3.29
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 9F91 53 KB
17 KB 112ms
19ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 9F91 41 KB
12 KB 92ms
23ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 3552 53 KB
17 KB 125ms
38ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 3552 41 KB
12 KB 86ms
23ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 19E8 53 KB
17 KB 99ms
50ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 19E8 41 KB
12 KB 49ms
23ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 9F91 72 KB
23 KB 75ms
29ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P8IxXb9rzfG4HL4OPTNL6obxMNQ5x%2FOQZ4QOu6iLJqUIpJxrnwapjVUxu2eosKb85DZazFpM03LCT6YDtLd5BmFHG6d1pqjf5o%2FPxnvQ%2FyP4B1ae1XeKQ7nH%2BGT2BtSyEgBCmyrVXQKVQTy2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68b0f0890fe-FRA
access-control-allow-headers: Authorization

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame EB9F 53 KB
17 KB 112ms
62ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame EB9F 41 KB
12 KB 47ms
23ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame EB9F 72 KB
22 KB 79ms
35ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nOop2nID9hEsbKvwAmOdfH%2BcmllbJ2APfXezxyI8CMyLNgYvXVdykUpURpmE5v1tVyqAxe%2FUYEFsihufKistksNtQ8DKhhUbVG5UU5bP6ZBErHFyHNfyhiNypPCMKk5vU%2FGp89IiMhD0f44I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68b0f0a90fe-FRA
access-control-allow-headers: Authorization

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 19E8 72 KB
22 KB 74ms
30ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=10cOfJ6yFnNFwzpv9UHWBBsRHRAnmMzCwoSw89OwJ6HpVi4iz1AJq93oPIDJz80ILATPmrOKfWGv9fGMSauq46K%2B%2BD6A1zMBCE7f87nmqtuBC%2BoHhLdnGWN%2B3Um%2BkmiDQ0mh%2B0HM5a4WDJKO"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68b0f0b90fe-FRA
access-control-allow-headers: Authorization

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 9F91 368 KB
125 KB 27ms
26ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 19:56:52 GMT

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame EB9F 368 KB
125 KB 25ms
24ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 19:56:52 GMT

GET
H3 200 pubads_impl_2022061301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 19E8 370 KB
125 KB 39ms
39ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128384
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 08:35:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 11:01:17 GMT

GET
H2 200 fa287546e1d5bd0678894d5c227e456c.js Show response
www.gstatic.com/mysidia/ Frame FA90 10 KB
5 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fa287546e1d5bd0678894d5c227e456c.js?tag=client_fast_engine_2019

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 00:38:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 502333
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4351
x-xss-protection: 0
last-modified: Tue, 31 May 2022 21:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 00:38:51 GMT

GET
H2 200 fe59f0ee2447b8e9119e8b7d95caf451.js Show response
www.gstatic.com/mysidia/ Frame FA90 13 KB
5 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fe59f0ee2447b8e9119e8b7d95caf451.js?tag=core/multiplex_design_v1

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

656cc0630c712d8529b289a899d657ed64427e73b4d8d35cb535d32e0188c077

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488254
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5295
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 02:57:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 04:33:30 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame FA90 4 KB
621 B 81ms
32ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 19:17:08 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:04 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame FA90 2 KB
902 B 63ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:44 GMT

GET
H2 200 35d715f5ee271ccac2689988d1f29c08.js Show response
www.gstatic.com/mysidia/ Frame FA90 21 KB
9 KB 28ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/35d715f5ee271ccac2689988d1f29c08.js?tag=exit_2019

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b71c2b64cecdc2df7ace9917d247a704b1c95bc7816c7da079b533a0ba211c50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 04:33:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488256
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9097
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 02:57:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 04:33:28 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/ Frame FA90 21 KB
9 KB 100ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/abg_lite_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 310
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:05:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame FA90 3 KB
1 KB 62ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame FA90 17 KB
7 KB 103ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:08:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:08:14 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame FA90 0
0 78ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ2_DDx243Z0XQTxGNLUa8S2NUyltHN0PTGXxOfpCHUdtsWpGBd17aUW6Tn2wEKLaVR8YDk-BB-uTIS6mn1ZR5sPX2QdQ
Requested by: Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame D2C3 284 B
536 B 99ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame E6F0 53 KB
17 KB 70ms
46ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame E6F0 41 KB
12 KB 68ms
67ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 49C6 284 B
536 B 93ms
21ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 0431 284 B
536 B 93ms
23ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame E6F0 72 KB
22 KB 31ms
30ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uSCqWSBp6gY0TSb4U%2FplfOh2mzeGCWBRaBxF6XGlFOCYh%2FjWeh3ziJ4OSpSlOWd1s2H8zzpIleh%2F25xc5H%2FAgOqQ01LpnPN6cfdzIRjZq%2FF6RLgjzqqKkvHDkzM%2BJ8dI46uqNpuXU9uahjGh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68b3f4190fe-FRA
access-control-allow-headers: Authorization

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E6F0 368 KB
125 KB 34ms
30ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:23:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 19:23:09 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 06DD 53 KB
17 KB 68ms
64ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 06DD 41 KB
12 KB 45ms
43ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 3D0E 53 KB
17 KB 65ms
64ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 3D0E 41 KB
12 KB 62ms
61ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame 5125 53 KB
17 KB 65ms
64ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame 5125 41 KB
12 KB 62ms
62ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame BAA4 284 B
536 B 87ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 3552 72 KB
22 KB 31ms
31ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xGDAC69UnYqAF2hfROzG3Vm16uh2%2B4CI8rHG6yGGsVFhezF%2FYT93We4TSbwlhQcKLD7%2B%2FE7Fq3yf4g8ajPacFEymfs50bN3NQwjOmBu7dF9v30%2Fka5D2nAsoSATFrv4Cv57%2Ft%2F6XG5wB0EnL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68b5f5990fe-FRA
access-control-allow-headers: Authorization

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 5339 284 B
536 B 83ms
21ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame F620 284 B
536 B 86ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 4cdacfaa68e4ab216fffbcc107c5b898
Content-Type: image/jpg

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 06DD 72 KB
22 KB 33ms
33ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r0bKTkhcalnc4N0zLRKfpD7Q%2FuXHcEBy83MBK%2Fru3ROI3mIgUp2OjWDZVCa%2BUjMw7rKKqvphY2HBnkLaklW1UiiNh6SJYcyDTwmD5pnI3vm3JEp%2FtMnAt5fxTaqv6WL7xiCg2KdhBJ0TTLms"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68b6f6990fe-FRA
access-control-allow-headers: Authorization

GET
H3 200 pubads_impl_2022061301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3552 370 KB
125 KB 30ms
24ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128384
x-xss-protection: 0
last-modified: Mon, 13 Jun 2022 08:35:33 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 11:01:17 GMT

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 06DD 368 KB
125 KB 25ms
23ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 19:56:52 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 7F87 284 B
536 B 60ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame FF5C 284 B
536 B 59ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 3D0E 72 KB
22 KB 47ms
43ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aLxcOE0LeQqhrv1s7F6sJR%2F2tFUSKr3GU%2FbfGCOEbx0jrf59Sf1fG3j%2Fnb3O2mS6lR%2FQRDE7em%2Fi4%2FGblH4pBk7AgUn0WvcmonCZqvmyeLBM4i0Elo%2B5%2FW2hQ0C%2Bba4JMrG5F8juZjFy%2BUcz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68bafbf90fe-FRA
access-control-allow-headers: Authorization

GET
H3 200 pubads_impl_2022061401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3D0E 370 KB
125 KB 25ms
23ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 14:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128388
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 14:53:18 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 15A7 284 B
536 B 39ms
22ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/jpg

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame 5125 72 KB
22 KB 36ms
35ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=O1abHzPOEiraDtA%2FuWSx8YWJ%2B3ArwvRXp8G95rj9mL6lWJDkVj0FtNLAV6n6MzNlK2fagFPYjxAxMktzqcwTtDRvCXfV4XkO7WvrsQhIueP%2Bj%2BOhGDdtpVpmvJR2%2BorSUgkO6rzhUYc5Ymei"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68bbfc490fe-FRA
access-control-allow-headers: Authorization

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ Frame C7AA 53 KB
17 KB 29ms
25ms Script
application/javascript 23.206.210.112
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-206-210-112.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 14 Jun 2022 20:26:04 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ Frame C7AA 41 KB
12 KB 24ms
23ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:45:36 GMT
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
strict-transport-security: max-age=63072000; includeSubDomains; preload
accept-ranges: bytes
content-length: 11494
x-request-id: 662241607

GET
H3 200 pubads_impl_2022061401.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5125 370 KB
125 KB 22ms
22ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 14:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19066
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 128388
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 14:53:18 GMT

GET
H2 200 adagio.js Show response
script.4dex.io/ Frame C7AA 72 KB
23 KB 31ms
30ms Fetch
application/javascript 2606:4700:20::ac43:4bf1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://script.4dex.io/adagio.js
Requested by: Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:04 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 154230
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-request-id: txe5c727c49677489183f3b-0062a68a10
x-amz-id-2: txe5c727c49677489183f3b-0062a68a10
last-modified: Tue, 10 May 2022 09:57:31 GMT
server: cloudflare
etag: W/"2430496689c00115831347992a974246"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8xOf5vSW%2FbqDo5RlICH5AEfVwUhHyAf%2FiJKnBboYLdawuH5WULSyO%2Bo9sQ%2Bsm02kq%2Bs8mrxWJAsP%2FLoR78L5a2IuO2Tl%2BEgDKIZ7Sx5%2BJkAmnuq7Hb%2Bs2lZyEs1SyghdZqMMBwtbRBHHeLhx"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=1800
access-control-allow-credentials: true
x-amz-version-id: 1652176651393042
cf-ray: 71b5b68c080990fe-FRA
access-control-allow-headers: Authorization

GET
H3 200 pubads_impl_2022060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame C7AA 368 KB
125 KB 22ms
22ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:56:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 852
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127664
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 08:36:59 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 14 Jun 2023 19:56:52 GMT

GET
H3 200 container.html Show response
bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F6C7 6 KB
3 KB 20ms
19ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:03 GMT
expires: Wed, 14 Jun 2023 20:11:03 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame EB9F
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

44ms
44ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GaLHp3DYnjjcW6fTiNg4t9rCF%2B9FPw5Ynst3XdtAuYhw7FbgKmbchH4ovE%2F9QHZa1atMOPDK7w3%2B3LXi%2BO7Qkr%2FQ%2BBQHqtbIaxqaUIeyUbLbAGXFa54pVID4h2yVXgf9IRpOD0Fs8A1VXRCSFQfnzhOjXqT6"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68e2e6b5c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 632c93c4-7c13-49ec-90b2-22c263d846e5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 9F91
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

39ms
39ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LLehqGcGUaSeIbLfEBz%2BFTUsXn3pc5f7GpdRf8Cv4SpvzBouRFc%2FsV7ZCdj%2F25O%2FIo3Lm5WD9mMDm6%2B7hPhAwO3eAyMf%2BHAW%2FqjWn%2BhgaMkHv4kdyxeRL4OaG60lsgJ%2BdvlIyZTNxzJLakGt4Ss4j5eK6%2Bl6"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68e2e685c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1e742dcf-af43-47ed-b979-44ee2833ba9a
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 19E8
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

39ms
39ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZfOnI7IJhWP8HCfDbHtQCVHAliikmR8ReNR8Ym1%2F1iCOO5FSUW6rS3j3khOkffDDi3u86a7q84z289t6V%2FEjr8a5sbmiZRPyQPoPUS7uW7M1TYZY306o1xUvRjpHGmiz1DLFxpKSjdGvC%2FlEInAAovJIZ2LF"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68caab95c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 83f8ea85-0a24-4c38-a784-b6dee6c76a98
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 3552
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

46ms
45ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i2ytJo21X2kfDefMN%2BrkxnlBUWCUmFBsoyz%2FuBYwdb1y8NzDQUGtqpV4fGbPSrdJBGX%2FR5DkUcfXSA9pZxyfiDCXndQv1BnmmxoMoUyt9G2%2BCXKN953MhQ5jGdpeP0RPj6NmTyl3VVSRid3dKx7OlxqJRMkA"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68e2e635c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ba9daa4c-628e-4ebb-8a12-bfeb9e773798
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 3D0E
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

45ms
44ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o2rpBYyDGsJmAJTh9Bld%2BmxX8J2N5bPZwNtGXLuKFGSXs%2FU91hBtS9N4yHdi137p5STwpmAFxBAyb0SAL2LvvSJBCcOfFU4bzHhfDQaxk0w6mwzJpYTFWbu674Ad9bj%2FE4XiL8eCiUV5RINiUUAOsiuRL3Q%2B"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68e2e6a5c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 8888dc81-7546-4492-970a-d0a7d4d2be3e
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 5125
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

59ms
59ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQCRXN5YI98urOSBdVabGlEkT3%2FwV3b7wPsl42cyEK090xwxSLHNLq%2F2s5uA%2BXAOqG2HFeffPFMc8zfdnz88S6y%2B7N8u7fhI5H7bu%2FDC%2Br9v5naqxoUzePRLfRDR3D5PwZGSEhDiZPVtVfvS%2Fsz7BUVN%2B6Lf"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68e2e6d5c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 7c54082f-7aee-4682-922b-ab3f44ac2cd0
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame 06DD
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

36ms
36ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ut06vx%2BZpTYalbxwyPU2Na6o2PNeII21b0%2BjbPqrwT%2FD%2FtkSZGeqN8bkj92yuP6vNRQk4Dg%2BPV5Ha%2BN3qPcPtAC%2B5gpBj2zIkqm7hXA8BphXX0j3ZfnyBua3OMCbDH%2BEU4HwhgLkobikOGLmGFdta%2FS2HAFf"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b68e3e825c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c3e4d668-6b34-4851-a1c5-1c293cd6f20f
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 cast_framework.js Show response
www.gstatic.com/cast/sdk/libs/sender/1.0/ Frame 96AA 36 KB
12 KB 79ms
37ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12390
x-xss-protection: 0
last-modified: Mon, 06 Jul 2020 23:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type: text/javascript
cache-control: private, max-age=0
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="chrome-dongle"
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H3 200 cast_sender.js Show response
www.gstatic.com/eureka/clank/102/ Frame 96AA 52 KB
15 KB 243ms
201ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/eureka/clank/102/cast_sender.js

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15092
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 15:13:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview-release"
vary: Accept-Encoding
report-to: {"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type: text/javascript
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Wed, 15 Jun 2022 20:11:05 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame E6F0
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

86ms
85ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2F1jm5sCC%2FN%2Fefpd8uoqmuMT1Fe%2F59IlACOJuaUWr5DWq9UCgW%2Fu%2FNSHB%2Bw%2B02u26egYsSAop83z4K%2BNHaseunuOskz3qeZ3DLDZXSBdgYcbMvKSPhmBqTTopkBKoE7hidHpbWKV1PhatlZCBR8DveKluTUU"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b6900b215c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1f906b7d-2f39-4edf-a031-ca8ab41353c4
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

400

setuid
prebid-stag.setupad.net/ Frame C7AA
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D1%26gdpr_consent%3D%26uid%3D%24UID
https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304

36 B
36 B

41ms
41ms

Image
text/plain

2606:4700:20::681a:9b2
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2606:4700:20::681a:9b2 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lgBMpmlhM5Ww5iJywBw%2BP9IIEI1PfP2Y88tJAP0EPgrVdS8BDX3v%2BLdYXSjNzWxuIS2DAX9tMT3322zUJtNMJGPTdL%2BkvzgRAFOEVb2YDf7tTvRxq3Jn%2BkelkBxLlEVw05ke5myndUzqK8SI1wbVL1KzBSiW"}],"group":"cf-nel","max_age":604800}
content-type: text/plain; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
cf-ray: 71b5b6902b625c80-FRA
content-length: 36
expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:05 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ab2b9156-4c3f-4f81-9f70-a35edbec2e55
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 49C6 0
239 B 134ms
23ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-eu.rubiconproject.com/exchange/sync.php?p=pbs-setupad
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=pbs-setupad&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

GET
H2 206 black.mp4
cdn.onnetwork.tv/img/ Frame 96AA 3 KB
3 KB 51ms
50ms Media
video/mp4 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.onnetwork.tv/img/black.mp4
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: 33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c

Request headers

Referer: https://fornoob.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range: bytes=0-

Response headers

pragma: public
date: Tue, 14 Jun 2022 20:11:05 GMT
last-modified: Mon, 19 Mar 2018 19:13:39 GMT
server: XO.webservantpro
access-control-allow-origin: *
etag: "5ab00be3-ab3"
access-control-allow-methods: GET, POST, OPTIONS
content-type: video/mp4
Content-Range: bytes 0-2738/2739
cache-control: max-age=17280000, public
Content-Length: 2739
expires: Sat, 31 Dec 2022 20:11:05 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 96AA 56 KB
56 KB 62ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: cdn.onnetwork.tv
URL: https://cdn.onnetwork.tv/css/roboto.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cdn.onnetwork.tv/
Origin: https://fornoob.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:57 GMT
x-content-type-options: nosniff
age: 548
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57116
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 23:13:54 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 14 Jun 2023 20:01:57 GMT

GET
H2 200 13838690891841340653
s0.2mdn.net/simgad/ Frame FA90 159 KB
160 KB 88ms
22ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/13838690891841340653?w=400&h=209

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9d51c6bbb549efe56f1c77914c7dd0b49f4ad7e23a5d68d6d0f43be67c788e9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 16:49:45 GMT
x-content-type-options: nosniff
age: 530480
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 162912
x-xss-protection: 0
last-modified: Wed, 22 Dec 2021 11:56:01 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 16:49:45 GMT

GET
DATA 200
OK truncated
/ Frame FA90 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 96AA 49 KB
20 KB 73ms
19ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 6717
date: Tue, 14 Jun 2022 18:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 14 Jun 2022 20:19:08 GMT

GET
H3 200 bridge3.519.0_lv.html Show response
imasdk.googleapis.com/js/core/ Frame E4D1 633 KB
205 KB 317ms
275ms Document
text/html 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.519.0_lv.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e211b911fd15183c0d417fc4ca7dd7251295f8c5781c883a49af2e907fd7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 209428
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 14 Jun 2022 17:19:57 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 96AA 44 KB
16 KB 87ms
83ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 200 501063_6.jpg
cdnt.onnetwork.tv/poster/5/0/ Frame 96AA 70 KB
70 KB 30ms
30ms Image
image/jpeg 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdnt.onnetwork.tv/poster/5/0/501063_6.jpg

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

217.182.102.207 , France, ASN16276 (OVH, FR),

Reverse DNS

vh11b.eris-w20.of.pl

Software

XO.webservantpro /

Resource Hash

6b26c9e246c52dc75024069661bc73482df6cca583141eb3633a6b57aecf7fa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
last-modified: Tue, 09 Nov 2021 14:12:43 GMT
server: XO.webservantpro
etag: "618a81db-116bc"
strict-transport-security: max-age=31536000
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=17280000
accept-ranges: bytes
content-length: 71356
expires: Sat, 31 Dec 2022 20:11:05 GMT

GET
H2 200 a_cnti.png
cdn.onnetwork.tv/cnt/ Frame 96AA 126 B
330 B 55ms
55ms Image
image/png 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cnti.png?ts=1655237465&event=plimpression&d=9182&vs=0&aps=0&playerVisible=0&mobile=0&acount=0
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
last-modified: Tuesday, 14-Jun-2022 20:11:05 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntg.png
cdn.onnetwork.tv/cnt/ Frame 96AA 126 B
330 B 53ms
52ms Image
image/png 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntg.png?ts=1655237465&d=9182&wsc=ag&typ=embed&mobile=0&c=23
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
last-modified: Tuesday, 14-Jun-2022 20:11:05 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H2 200 a_cntd.png
cdn.onnetwork.tv/cnt/ Frame 96AA 126 B
330 B 53ms
53ms Image
image/png 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntd.png?ts=1655237465&mobile=0&plc=5&time=14&website=9182
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
last-modified: Tuesday, 14-Jun-2022 20:11:05 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3552 107 B
122 B 75ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3552 107 B
122 B 75ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3552 17 KB
9 KB 722ms
722ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1029710552979205&correlator=3028668732294563&eid=31068019%2C42531608&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x600_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C300x250%7C300x300&ifi=1&adks=3509075942&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465205&lmt=1655237465&dlt=1655237463910&idt=1274&biw=1600&bih=1200&isw=300&ish=150&adxs=1220&adys=2540&ucis=23z5374z35mn&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=1857759529.1655237465&ga_sid=1655237465&ga_hid=34717240&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b8396e32f176e55cf7e3da0db94471c3f6830865b9c19ed479fba7c96feb697d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9604
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4092 6 KB
3 KB 65ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame FA90 0
0 60ms
59ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cy6kkV-uoYvWrNpbF-gbqxJiIDbfCgc1phZzH14MP8C4QASCN5L0pYJWyn4KwB6AB6-eVpwLIAQapAruI7lF1ebE-qAMBqgTmAU_QqXdHfB88LVmKr5ENpOIPr6en0HVuly3AqF3NBCmh1_Plv07vpMUM6NQbSxlkIAT1lCZ9SXTnysb4XmgfhD45YPmZEHkGq9v7FU5ERSaiWySRS1hhfsnMgeRBQkyh-X5Dq90CTZqEO6kqZRvl8UohZeNYcHZsR3dmVtMHrjmTTAzn9mvWFtaSCAjhAkt1zw0emt_r44-fuJSPBvN7I6K9jvK88Z5qf3Ubu28MQoLgkeaMte4zEAAiVD8RHzVExFlY5QJNsATai5PfSotGJAbTl-cU4eG9JNOdjxydguEKPRLCSHq7wASWrPno4APgBAOIBfmVi7U5kgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAf9l-rYAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcKEITeARj6mLW-AdIICQiI4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTAwNDc1NTk2MTg3NDI3NoAKA8gLAbATr9rSDsgT0ryYCdgTCtgUAdAVAYAXAbIXHgocCAASFHB1Yi03MzgzMTcxODMwNjE0MjE2GJXiHw&sigh=1Opu6b5YpPE&uach_m=[UACH]&cid=CAQSPwCNIrLM-nWhslzx0pMvV9UWR3s6eIDfT6eyq6zGhLfyH2JRyXxFprULNpAuWSDcaeJFvmhcf_SUCmoipi5pUA&template_id=509&vt=10
Requested by: Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame FA90 42 B
760 B 93ms
42ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-ArTOqu8ZMiOritjYgXrTcz-diZRVsfySzY9dCV73c_Bmyyrjap_ONwIDlK91usA_qXn3zwKvWpVamDRyB7_tPHEXhTHFZ2LImO8nkAphteakq_qgplIS85qcpTidSyDX0g1G4AOVuiucXpk2OI0jvOLJNvPQ&dbm_d=AKAmf-AVE4QNNIi5edMYhDUT3z32hPgYAXKZqPJY1dIe8cWMd1VuxjjAVpRNJFmYSsSuzTu4inUvBeR2ALAqlY_eQ98wfPvnfovRmIwsNHicW_oVP6sFGWPKsGB5-uFHSStcYfM69dg5cf0uT71nU2CKaj6BcwMyIyYRwGKYWuTAaBOjUP_GwEkYmfqSQTuFdXeUXUFdt6U5EMLh3S52Ud-iAtL8nHHLM9_j0liCyo_KgMDUwnhAiuvuFLudevLOlY-j14WB_hb5MxAhzhe0eXANpWj7qEEs3bexdFklJck4HIFVuF2hxRJ2TzTPIpz6xsAjNXWhLArwBkdf-fe0UyE3KgEQpqqvnb_S-U9Xmp46pFZ7PyvlfCrAxtdppsK3U9txklvtQwp5w00de-x2wMFmEM6mAU-DslIOEAL9a8zVtGYmESxnwQjHjbkoHkAf9Wl1WDY3q1etOkELBfoobcovia4C2R7Sl1Y-KA6bQdJlqLcWcElMF4S2X551H-ON1uLBZrNexT4Z_o2wRqEdtzDSiKP2A9pCFMnDUTGozlt9CuKgLNyLqNTtj5PFKShFvFQe2Bk17FhETaSyCPnMAwgOU_2vO-7cJ6C8MROVocW3BuC1oU3Sc6A9ihFNSoarW2dFc_DWdKPKIxAeAwzpMK2ej_3jfUenCrQVzVCl2c1Q4Ztu5ka0f9TtCBA6nHU1xlxPXGsXFKUUErSneloS6R0k4G8DfWRWg7wyDou0Ml9LKKVT4u9h80138zyrDFkMdeMo-BE5IsGX1ZMD0zOpLllFMA2zGHrTG4TGAixwDuRppowP_myWe6Qlip5gsY6vzqyb-qOp4iH1eCeHOznMKW16TDECUR2_oxmAlGkYE39AFlMtwV82UkTzFPf6DxwbRtGzA7BUfWEOKi-voyicCiY3UVQHJEQ_hUHE4r_GH0dCBdE44Ktb3cBgSG1b4ux6QHwMKnjQxrZ3LKLziXul-Q0dnRcevmSKqRPWgYMqPi9k_kdyi1_KVcYTXsneHRJ6ya9Pzx1n-WcOqH9zEdK9pqhbHtHTvyoLqt4ddKSOdpv7NYk41d8UoDDcsbTWIXycXL7Kd-FKauSsF6u4DXwLB3Qn7HmFWMEOS0DQHLs44aBSA-Ni5JHj9BNjmCZrYPVcA41eCCgVmsGMEPdc8INvWjTqRFCLk6lEVabCTqT1aWbi9gb407xFH5nIKEGftoi7TaxgZBAPd-8NnZzYtGMDWxMkccoO6a5Vjh9aCf296e-H5feJB7_9izHBK4d8zNWeBU1Rn86e_IPLiog5Wx9SQRuQOS78XtODNjRcu7sgccZxDUDpA2jfQJfFO5r9lkXeOZdi-B_sAihSO0oS0MrjekzBaC9b3erZeCJ3drqazOYKzXKbGw8oI3dGqMy-9iSXJG7rpe7JeIBiBP8wrKNAKv_yEQ4n2G2Dgego6TV5S4ipPv84_atMAv0B96f9ORrHpiuZGk52ErVqtOmgkvNZ2nFvVyYo7reOoMo_mh_IXAIhk4WxAI8XIbACof_5SL3Q2iHCN4SJraaBpm-wKwkiTvccto4Utk6lHZaPLTMwIK-UpL9CSnXLopsQrjD9EPWzjyrMMQhZ3OLuOrMbxA7bQdr5tx_EDeK1XqlsLng8KUpObAiu3EkznX2nSZkYvDTE7PBk8AePgTU-QYXwNI_xGiaILXAnZtp6OZp0TVNy6vq3TTdF2tsFPB6ahtutGLQjCCo7mmPkJTsP16vtWujXzOzWr4INxefsOxXGv998yj7BCX88SI7y6Yzkt2Si_7KyiId7aQHNjBbqu6ek7v9oFNVdmHaGxgM5hpJe_jl6z1wG8Ng4FgTlo1MsmpI5OWayndPVPO7pZ79vJMwX7AVu9ndfP78eqVyA8KfL4CA1krbg_fJ7SWQXSw2TZwiQCNou_5YGYhE1r6t2jLwx2jrHOQnGt7vDtHLg7U-gFCRcvoOF3rQrd-pCje925_58YnJbXZocBANi3arWqL_zyNGoS1SgEJy-NFiL0Q1iONpJ2YFYfb4KprJoxBnyqBu-fRMu4NWsTq73OxvetF5wytM0A02za8mRW2dKILy4aaDHIIDct78ubqNVPh68WyC-KLD3oe7mVkvXAXGCgmQkNrCc7bpPcV3D_D6J5nyHNPMpnBwFdK11S4qtOaB3m5bcgf5nuA7vXOvNRfQQbzBMYP7we7Ss9OP-PQFNVWvjqkvBCzuBBbIFXvHfI71yZJcaeSFU1AAVysOCPqQ7k9YuOjxOWOkg05YuaCp6EGq_7Dlw2ok5-O5R3tdLj5yOgOSGc-4ZqOMZOYTqJs24Fy87GmDOgX2uUiQeF45aI69v9aWVtp-z3NqMp046NWavAvFl05NUODYdKqOMPxW7kEFOvydofLTXW2qZkG-z_-J0LcMVe4FpMiHCG5rt0dfLQYzsoJbRY6g9c9QEl3M4tMr0ryYMUvsCGkvT7z_jgaWmYPaPyX9GCqGcaJV7HutC0cTSassftDfjghwOY9J0jG_uLAC6znpyWsBGarS_eidf-Aldhk8rHqUyVrfmPItT0va-ARYWVubGRRZ1oNnYCkCyY7rG6OKqqyJzMHMPQw38m4aM25l6qdLQSm_e16OO0aLRmGwku5m18Y04aUQ8jJgIsgO5k0Y8HzD9KXZ4_Ep8v8nnfiHIOnfi6vUV3YZUWfo7sexgSL9a4CHTHH-Igc_xhHU7gqrUKulP_VLuFVVf8M37ApsOfp05RwEl__fMp0uDJVRgDnTyqgUEf58qpmWlPRzTnImc-LzxzSy6vBQQWdiEtQYkA0aJ0NCTthCPzawxfe2JK5hbJTvabWn4t2ridGyBz3sXqohBi7m9Yet-35QVzIgQWxg67FkI5nU0I3zSASOhvGGKVT7uUOV4-sVkZeS81R4RachvgBL_rBBhKVn5TnksCkpMp_NMyjmI4EYnOqM9FE9bJmy07PItaKZMzf_DHByB4o0XCZYQEZ6c0XWwXRefvtVlKdbSKzbZkMt9Gx-F_aR4JB_EVA4UMLBVn9pBoMWDVvK8KbkpdSmOfBEbdt8Q7ydEfZiSCRL1Z7mFiU_EERn2ZZnleiEEJXkAPItmBcSM0GokZpHz61nC16v3wGqncpZ-2wXsH9aujmjgVpyrkaWuLlUAi7w2XB6Z3S9limVwQk4npoI1oPqaQw0n6eayD61em4-H3Chtxj_iSqY9aufVbHY70BYS9tgssL8OGPdXg0sysCEOXD0Yq5TsJbGIXEjnJQxZBWXynJj9le-uzZtJ41EzXXxPuehjPQ6cGuMwxrOJEa14L3Mbppe69Vg-x99a-e_CNys&cid=CAASKORoPVFDdWSJEtAdiHd3KLvUxiofHMBXyFiYg608dXuOXTqpPd5V-jw&dc_exteid=432988518279878957&dc_pubid=4

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FA90 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2f1b0798a09e42873a9e18c87e1ee2c571b900f44bfa99f53501f9307989b2b6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3D0E 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3D0E 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3D0E 17 KB
9 KB 602ms
602ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=17015131854404&correlator=1886625035811827&eid=31068051%2C31064019&output=ldjh&gdfp_req=1&vrg=2022061401&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x600_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C300x250%7C300x300&ifi=1&adks=3509142760&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465285&lmt=1655237465&dlt=1655237463896&idt=1367&biw=1600&bih=1200&isw=300&ish=150&adxs=1220&adys=495&ucis=5x30grya8zqw&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=41089543.1655237465&ga_sid=1655237465&ga_hid=526861840&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

95c86c0247d7f48406af716b340b9822c6dfaa8eeb320f2ad2297a1f8cee0604

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9489
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B010 6 KB
3 KB 43ms
28ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame F6C7 4 KB
636 B 28ms
28ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 19:29:38 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EA56 6 KB
672 B 29ms
28ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 19:21:32 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame EA56 2 KB
902 B 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 561
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:44 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/ Frame EA56 21 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/abg_lite_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:05:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame EA56 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EA56 137 KB
42 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame EA56 17 KB
7 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EA56 0
0 75ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgSa-20YJ9Hs3CX8cuy9bj0h2yLsh1vobhdGGrgjpbvd3JNtQQslfgU57S9TV4nl0aeiJrRHnDX8K-onYs5Z4fHqzOAA
Requested by: Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 6609dd9ea225b203b979e97d717528a7.js Show response
www.gstatic.com/mysidia/ Frame EA56 32 KB
13 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 03:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493160
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 02:57:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 03:11:45 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/elements/html/ Frame F6C7 19 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

180f72b1a462888e9c99697f73b7b547588d82d1d06ed4e06ad1d517a3d6ed90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:02:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 537
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8237
x-xss-protection: 0
server: cafe
etag: 879581559784644231
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:02:08 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F6C7 205 B
229 B 22ms
21ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 16:55:10 GMT
x-content-type-options: nosniff
age: 11755
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Jun 2023 16:55:10 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame F6C7 604 B
628 B 23ms
22ms Image
image/png 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
URL: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:01:00 GMT
x-content-type-options: nosniff
age: 4205
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 14 Jun 2023 19:01:00 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 9F91 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 9F91 107 B
122 B 30ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 9F91 17 KB
9 KB 429ms
429ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2501487154844104&correlator=940188987033853&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x250_double_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1875046216&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465387&lmt=1655237465&dlt=1655237463854&idt=1512&biw=1600&bih=1200&isw=300&ish=150&adxs=978&adys=976&ucis=bdliy0ah0lw0&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=319818214.1655237465&ga_sid=1655237465&ga_hid=960954333&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

3fc38a8032fc0feb00443801e4bee1199abeceed567ab9e81812e0a9d7194714

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9457
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 974B 6 KB
3 KB 67ms
28ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame C7AA 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame C7AA 107 B
122 B 31ms
31ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame C7AA 24 KB
12 KB 592ms
592ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2177734489905010&correlator=493589299742531&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_970x90_desktop_anchor&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90%7C728x90%7C970x50%7C960x90%7C950x90%7C980x90%7C1000x90%7C650x90%7C300x100%7C320x100%7C520x100%7C600x100%7C640x100%7C750x100%7C980x100%7C1000x100%7C468x60%7C1000x95&ifi=1&adks=364930455&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465410&lmt=1655237465&dlt=1655237463935&idt=1466&biw=1600&bih=1200&isw=300&ish=150&adxs=5&adys=4484&ucis=w69654543wgx&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=1&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=328367420.1655237465&ga_sid=1655237465&ga_hid=1257923412&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

5122f811afe48aab11e5863f1fe95e5bd14d918c69fcb94c0e824d47e155e271

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12131
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 34AF 6 KB
3 KB 64ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 19E8 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 19E8 107 B
122 B 31ms
30ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 19E8 72 KB
23 KB 506ms
506ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1006889467867368&correlator=4387028724267829&eid=31068019%2C42531607&output=ldjh&gdfp_req=1&vrg=2022061301&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x250_double_desktop_2&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=1875043073&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465425&lmt=1655237465&dlt=1655237463860&idt=1557&biw=1600&bih=1200&isw=300&ish=150&adxs=978&adys=1659&ucis=g0b6a5h4e830&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=57055959.1655237465&ga_sid=1655237465&ga_hid=2026464078&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f318b4ae69011889c6b7c8e0457f1f8c377e738766b0816f8389e691041c7cb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23583
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E066 6 KB
3 KB 65ms
28ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame EB9F 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame EB9F 107 B
122 B 33ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame EB9F 17 KB
9 KB 406ms
406ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=869890229658479&correlator=2829226947644895&eid=31060545&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x250_double_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2919325261&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465455&lmt=1655237465&dlt=1655237463870&idt=1575&biw=1600&bih=1200&isw=300&ish=150&adxs=292&adys=976&ucis=8mihmyya9cg8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=590096726.1655237465&ga_sid=1655237465&ga_hid=445775174&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

adbfb81b30ab97000b12811fcc2d4821b2e11bcc6a8a0b6b1aaf97c8dbe7d1ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 49D0 6 KB
3 KB 54ms
30ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 a_cntm.png
cdn.onnetwork.tv/cnt/ Frame 96AA 126 B
330 B 190ms
189ms Image
image/png 217.182.102.207
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.onnetwork.tv/cnt/a_cntm.png?ts=1655237465&i=501063&d=9182&wsc=ag&plist=2124&widget=686&initap=0&currap=0&ab=0&cbs=1&co=0&vc=0&pod=0&ppos=0&muted=1&mobile=0&lls=0&typ=embed&ap=0&vs=0
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 217.182.102.207 , France, ASN16276 (OVH, FR),
Reverse DNS: vh11b.eris-w20.of.pl
Software: XO.webservantpro /
Resource Hash: a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
last-modified: Tuesday, 14-Jun-2022 20:11:05 GMT
server: XO.webservantpro
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
accept-ranges: bytes
content-length: 126

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame E6F0 107 B
122 B 35ms
35ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame E6F0 107 B
122 B 30ms
29ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E6F0 72 KB
23 KB 413ms
412ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=142207005426590&correlator=1534099103546818&eid=31067746%2C31068018%2C42531607%2C31065825&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x250_double_desktop_1&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=1&adks=2920209808&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465506&lmt=1655237465&dlt=1655237463876&idt=1596&biw=1600&bih=1200&isw=300&ish=150&adxs=292&adys=1659&ucis=j0d369jgour3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=897734583.1655237466&ga_sid=1655237466&ga_hid=1698435055&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

ae2a1bbda04f9b257ef589529c22e5b524c054b4ec9b69c7cc0c33d5292e2fb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23332
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6A7D 6 KB
3 KB 52ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 06DD 107 B
122 B 32ms
32ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 06DD 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 06DD 17 KB
9 KB 452ms
452ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3076159435321455&correlator=3291167811417423&eid=44765484%2C42531607&output=ldjh&gdfp_req=1&vrg=2022060901&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_970x250_desktop_billboard&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x250%7C970x90%7C728x90%7C970x200%7C970x188%7C970x120%7C950x90%7C728x93%7C728x100%7C728x250&ifi=1&adks=1064823675&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465528&lmt=1655237465&dlt=1655237463889&idt=1630&biw=1600&bih=1200&isw=970&ish=150&adxs=800&adys=213&ucis=o9lzixof4qwp&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=970x150&msz=970x0&fws=256&ohw=0&ea=0&ga_vid=1317680474.1655237466&ga_sid=1655237466&ga_hid=1727687457&ga_fc=false&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

143b6b255e7c307b868a92159b16ac97fa813c35b3f2d376b88248a9e0543936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9589
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 54E7 6 KB
3 KB 74ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5125 107 B
122 B 29ms
29ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5125 107 B
122 B 33ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=fornoob.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5125 111 KB
33 KB 481ms
480ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2937035963368993&correlator=1640145529793763&eid=31068051&output=ldjh&gdfp_req=1&vrg=2022061401&ptt=17&impl=fifs&iu_parts=147246189%3A22590330937%2Cfornoob.com_300x600_desktop&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600%7C160x600%7C300x250%7C300x300&ifi=1&adks=3509177807&sfv=1-0-38&ecs=20220614&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2&eri=1&cust_params=hb_rf%3D0%26hb_rf_ct%3D0&sc=1&cookie=ID%3D0a62d78c1e5f7735-225646ddb3cd000d%3AT%3D1655237463%3AS%3DALNI_MYEsdm4gqXPBDxcYCAUwl2c7d74CQ&cdm=fornoob.com&abxe=1&dt=1655237465564&lmt=1655237465&dlt=1655237463903&idt=1652&biw=1600&bih=1200&isw=300&ish=150&adxs=1220&adys=1513&ucis=j75dlpzsc7j&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&nhd=2&url=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&top=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&frm=23&vis=1&scr_x=0&scr_y=0&psz=300x150&msz=300x0&fws=256&ohw=0&ea=0&ga_vid=307021936.1655237466&ga_sid=1655237466&ga_hid=588270503&ga_fc=false&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

667dcdbe6deb01cfe2efc6f8560f53adf1b4b7e5180f04650358f7807fa7c12b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34141
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1805 6 KB
3 KB 53ms
27ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 um
cs.emxdgt.com/ Frame CC72 0
0 187ms
48ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 9259 0
0 116ms
50ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 51DF 0
0 114ms
50ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 04BD 0
0 112ms
49ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame EE56 0
0 113ms
51ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 074F 0
0 110ms
49ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame A627 0
0 109ms
50ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 96AA 2 B
22 B 68ms
27ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=323370380&t=pageview&_s=1&dl=https%3A%2F%2Ffornoob.com%2Fwhat-does-win32-cabinet-self-extractor-mean%2F&dp=%2Fag%2Ffornoob_com&ul=en-us&de=UTF-8&dt=Player&sd=24-bit&sr=1600x1200&vp=740x415&je=0&_u=IGhAAEABAAAAAC~&jid=2003615422&gjid=1196438806&cid=1485027515.1655237466&tid=UA-135196721-1&_gid=838278976.1655237466&_r=1&_slc=1&z=1189405001

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://fornoob.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame FA90 16 KB
16 KB 19ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 16:12:47 GMT
x-content-type-options: nosniff
age: 100698
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 16:12:47 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame E597 0
0 62ms
62ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 204 um
cs.emxdgt.com/ Frame 41C3 0
0 37ms
37ms Document
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cs.emxdgt.com/um?ssp=pbs&gdpr=1&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fprebid-stag.setupad.net%2Fsetuid%3Fbidder%3Demx_digital%26uid%3D%24UID
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 0
content-type: text/html
date: Tue, 14 Jun 2022 20:11:05 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3552 14 KB
10 KB 106ms
39ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d329044fcbe20459b0dccc6cdd27fe31046f89b5ce8897e555878ea3889285b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10645
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9F91 14 KB
11 KB 79ms
33ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81e143d4d375eefeef1a8c13de6623c02ce1f58c58b802a762392a38c4cdddc0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10763
x-xss-protection: 0

GET
H3 200 container.html Show response
5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A2B1 6 KB
3 KB 21ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3D0E 14 KB
11 KB 101ms
68ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc772a3f6f0d098ce060ac8643282f165f8236ab4ba43d8c8fa68157f3c167c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10742
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 19E8 13 KB
10 KB 93ms
60ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061301&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b353afb6f7bd6272b20ceb3dbd81f7c953b5f76a61411b4a7e004a2bd17dd7c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10490
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame EB9F 14 KB
10 KB 100ms
75ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fabb2b4f7fd020fdccecc7bd492879b085952b9cb5d8b5a495ecb89ce9412320

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10672
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame C7AA 14 KB
10 KB 67ms
42ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41be2b2a8fe96c86a281c453663efc57470202599968638f48100c2cefdc9d62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10642
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 06DD 14 KB
10 KB 89ms
64ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5028004983a5d8f23c23f882ec634e2406c328d94b7931d272e63154f47037a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10591
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5125 14 KB
11 KB 80ms
55ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022061401&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

65d1bd38d3d8b053b64f6f8df39ea5edd5c1e673d19700bf5e7843d6537b1a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10699
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E6F0 14 KB
10 KB 94ms
71ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1ce3dfed839234137715d666f51303258f2b14d76bacd12e1b550247b6463fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10590
x-xss-protection: 0

GET
H3 200 container.html Show response
f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C7AD 6 KB
3 KB 22ms
21ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4D95 624 B
297 B 83ms
34ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVyGJm3pIqbZZd7WBWyo5WcpYFAk65S8XI-uEln4iRvhr8DZmAnjcO83d17y-tK32CJDkZB6RqG5Poc3uvmzI53GDEj2l6wbOoHZ9mbkBRcwqaXgcxHOj1GAuyXGMo-xRnXWN0oL7T2htMGl3JmXsHyWZ8mBQ-eWTtIjjQu_9XWv6sFoE9E8hqF18RUDKEcTwIBmc34Cr50rPGQtZKZHGMj2dmAgQ

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A2B1 77 KB
33 KB 113ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbocaEPBF7ot4EUqmVpWrHaKy0fr6misTy4RIg1wu2ecAR6nubVw33jsAsxS9rKS0wMzxsfEAwP7S6Z8Nd2Qttkyv1xHgQ3hI9P-iz0iQZkVKbZbHVvynqki8UhbNkzTGuVpKdp1eOcxi5V363fJdVw3li2g&dbm_d=AKAmf-AQcomHTLELXhSvWGF0EkdlTTraanR1y2ZnVEJli-_G73so7L3ykvO5_IXad6sjkNxRWPCxbphCcMolqEMXnGJJfedPeNHsONc75TCV5KgNmb-ylzqT_k4NdXnAkE5vbSpiiHkoFKqXGIeEjCI8YRMVw7_q8kgUCAsASAHkTxOMdeZXhU5ZIPn6yrRCEA9TW1aSHfn9K7uAPfMLNahJW8j30m7sV2GsxpkRBRHfYPgyRfpf2TXBSLsGitw0P3MlbFI8HtvVo0bnjwihTpWlyZHw6qodzAT7gIZSmtANnrZdyk1qWwMt3IqmgjCs9RmiBs00M2MuM4SWwwDm0LlU8WHjMlt5l9xjYqlIQ3xmUCLwvNigTCR-THRvIko_bzOzyXabv_tNiNY16hV9XE0n4MFOLQqIPEVb_VH6ocNudEPoRa-hV5BAZecPLGPc0t2jI7jkTlS9WLYMRBzfUlehD426OrHjbuacR9Qw5fl3bZWC2zYW6KoWIrkJqKvcR8mRffpVa_gsTCa438essQeVjt99-7oBBiEHLKrGMAp0syyvFa6zCtGVpq2bCFZUZRDg4EYk5EjWbKjoSIZKuP2VK3ENq9LEnsgnrKzhgQzp9DqIFfoVhKo_ufABnFuou2nC7d6B2SrDK41IvDpz7JtfedqC702C6dW6jlSqf_b3qNdxyAQZJAZLkNPhHAR6W7IxgQXrOM2sxbon33ZVaTnIojZsc6T5C3x1ikUKFl1GL9odqgSI5NilHMYD0ysJMpZ68y6ov51GjqgR_Rgp6Py-16Bcngj98tD0uySFLCEEBfaMc6g8tWWnM7l4opWMbzviVO91G4SjmZNHCZVMETvKhnF2nZIaGaC9Z1pvNjcYwQexXN9GiwybImXUxL2nsXQIQjXdDPq-WkDqMgRoHFHIEXnoHegwWI_38xeqRvfGnTCPsMdaiMuYvzdFMSBtkcQkhwe51AZpIbcxOIB3KxNA40ti6WmPFEO8Pk4SoQfvc49LfUoZEVF_SwXW9qXh0qVXbJFB5pnUpCReE4pFF85hYmk8q75Htrsefin71xp2z_FIbI-Pfa2f-jl-goM58BkpXl4bABWXzr0Pai1rO_YXCssMBj1kYJpHSoCrjyfXWLUUbGEp1H_j_QKHT1k87T74YGHe_CRn-1hCD4y07ErvE_tFDAPGusJqKmtJU0Oi7DELvgXauqJ2CGOSlGePTrSVqvEYUWnMNuLZXP9WMQ0dfu885DU6c__ii2WKWJfwt1CzRaop9bwkl7lQ8HUZ3251JRMBxdPnoFSDipfjN8Z3Ts9ct1grIHIsoarZZtIDsovDZ77SckMZ_7qamT6A91G5gei03MDVUqAIsmoHdNXtIOf950f4Ocf_XQvNuSsOpM5WFoNcWr3sM9xUtTaFqHp7xcrT2LZhEHxodIPAUqiInCOUrKJZLZ1b4lPFU0_bTrykEHMmQArpvQXeXRpLQRngW40BvS_tkFBsw2YaESG9TF6hnrw8CqtRloHW9QDnSbR8jZgIc7tp3ovWTSvImNdoDJa_2GVtXGg6wM6F9OXmnhoD4GnWpOKeyZevw2342gOjMNVsyx6OBHWr27-bOOHOuiotGQ3egLx4kjBHP8TV6O23F9jfeLEqUdo1bT1mlZ6C8xMy3NlCeEiiYEZT2y5nAva-IhCrXuQtAzXFPBYiFu8pB_LJF3hOBljFyXEDFs1sDuH1PQhICVcTNPVai0SlxmNY7Eudkq8n_WALxSAVx-rL7rJCmESBLhNL4jY-dGVYntsmf0uXWqOWaHFQCZ-jnEnJDr2x5X5ZfHXZOQisrtyrQQo7RVF6YsXppEviBHVSCNUgZ7YaKeLtlx0Y4UrzASeOhCDU8pxT7Hrb2zmIHsbYGG2UVdp1KrgbPwShy8nPgcOZYCwb_fwnrIXjg6UcVt18kYJNYNCMcjBM2ot0FwXwg9Pejt3EcoxdBIKvOtO3AaNibEYzOa7boaDji3mcMuvOn6NLvB0Semw1y5UdlQTGzYPUzTg14SecJlJPnFQr1UsKZYLn3Hi-YwvwXvbJ0nb-JwOMq-nzt-t_W7QMNsaMNOLOdVYCNzhOzB_fF6dXgZlmByJIEQb4rEDobqiW5P16UyMN7aO_x-j6d1oMGwSxkOAeS4-AaTnPPqkZsBSCeglatlIcn3oxulrTcphOS_Y7jS-fOmVminf8-WxXxAe2z3IoSw_K1o9CuyJDW4tQjXEDMuxSW81YHNuQP8MXvQ0t77hLd8c4ujN6jkAUSadX4tc23nK2HL1IQJteMOk4PGFARK566Y6eGIT1fcoOQB1ygFmPXXHvdLu-BfORlnoCEfPfrD4e7xBO5gk1fgDx3zvU5oFcpvkpOznxo5rAiUDA7rJrx76O-MDpuG9ypEYKxjMV74hZTC55Y2qa9mp4ENq5j6hXyk1_Sngo6M2FOYDrt_rSnTNZMGlCVsbvqtG4kRgbAFZ3zjgZmwb0PIDVB89r6wpGNTihIvMm1oFIxB9UKUVfoNsTHtx_WVSYDiXhYeq4oDBUTPgjyyjMK2QCLJg-2YKqsp3z9goJRPgKrSQtDklct2OOaRJxOpSjcU885FTmDObM76fARqAM7YfxjvxH_mlkUsR_B1PLAgt6zt-HjmQUSi32IBz5lo8FG6dKxWP8dZG0rYqKp37iWAtCyv2ILa6WhEjD7IDFdChTU2dG6ra9lqHrEkJ5waqmMkjN5Y_aNQZZwOMTiYYveCfHYhr3bcjccaSlLYyKd2ZIxn1QbY4MeQDqsxozHI5qBUfNdqinf1zwFs8yQqlJcHJIQhAjk3988fkUUqJLsXRiGvQ7KnutLoRt-NxUVmPoSz6An8Lefp5Qhq4c6ldjZP_NtxBi6ABL8Es6YICemH2IDaanCCRwwpMgu1gN8IfFsPPLu_jg37U670LkhJJm17FDFuH6HB95IY4srLreMzehZmXy0eH6itFV2SbxWw0bi1S__qK2SmrchVRz5I8-3ix2RXtW-JZr7VuHYBlnj80-7Cg3iv70r67MNedTaw5sTUChvdyXqthyzQJyqXGrV1JQ-3ZgUKmCsngO-oZdsbZk5jL1icX7jOJ3aBhedPKZSsMJx7UU1nB7r9b-ja0cJUblv-WBKmbjyMShVjDeu5csDMlPXLIHwY-iBOpR85J6kBtyNalAl_QlraiZu3VhrHUXeTNejpSvqnixKkxkPfOs1LLcyItmTSMkl7dGXfwSqKiDIDPHNXHSoUkgZfkmGFpJ3ltoJ8Xe6Cj6f7xV9SxEmNnoVi-QcXb9ACUYp9oVLDpCmBh4k2D7nockeHHFaP-wB7y5aXcxPKohfD4sz4v_LIlsq--MfzbpAgqA-ZUd6RU5sObslw&cid=CAASJORoTF02ByEea8FZP93bPTCLovps52HlWr5qw-DQP4aL8dZOEA&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a11168cac878a91196690a53577328d4c0fc4696af82ec994c5073f443433602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A2B1 42 B
494 B 114ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AN0uhE9fux8spBvkgxIQEq5RkIpkmo53zwuNH-TUPT4iLO2g1FtXKATxMMV0u6sG0ufFYv1-prk1n05ibH5GiAyn-igw6D-k_36nLb2oIHkXl2jok

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame A2B1 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 557
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A2B1 137 KB
42 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:05 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame A2B1 17 KB
7 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A2B1 0
0 39ms
39ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRVSqYmjlLLz9OPPyRmBsTZ8ImvVClq47r34R86powk2E_d5Ei49OBVabCRrxONpu5ocAosyXMvCpa8eJ1qUekABVG_bg
Requested by: Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 container.html Show response
0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63D4 6 KB
3 KB 27ms
25ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9928 6 KB
3 KB 24ms
23ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9F91 17 KB
6 KB 263ms
263ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3552 17 KB
6 KB 287ms
286ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 container.html Show response
f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A70C 6 KB
3 KB 32ms
31ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame AB93 6 KB
3 KB 29ms
29ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame C7AA 17 KB
6 KB 247ms
247ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5125 17 KB
6 KB 234ms
234ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 19E8 17 KB
6 KB 242ms
242ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061301.js?cb=31068019

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 4AC4 624 B
297 B 40ms
40ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNXLko_SADZGoRBtSkKak9xtv_ocV8dz758-Ld3TaQvv2V7adRZ4va59gJyskBct-V1-zZGuXqj9LzBgUPqxYMOk1aMDdPCpCF8-L_57oKYGd7cW9iUjpQceTivreS6Aqk9jCgiog5CymaacM0MP4yKs93lcKoTv-ncTujsTX0xihDspnmLHAwY_7g4cz_QJLllm5fonJ94w1OXo8XGuAtWlThj8xw

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame C7AD 77 KB
32 KB 117ms
116ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOdl5mTsdZ8hP9QV4cJXzXAQx5lxc2pSXZMSwE4QB1CD621BR_I5xadR86yXjWBgeH6o6yJ25lHJ7OzZXToKYmGrnZpSmZ68rIK8FKMdW2W_7SKEfwfB3YjshEcI6PyykCfUeDsSHW8qlGfC2yjQ6nGIAVnA&dbm_d=AKAmf-Avqh5RAy8osceifk6HUJ6-nYqA4ZVUl1RFkyvt95s2d7l_euo2qTBM2PIGO3Z2wf3xwIwWAmyeVriQuMfjrWs-SXH0N7bh-b-l-YvzUXyBhAA53hjfZ4Pr13AFTHIk0gNkYcf-mtK4-_u3v1rwZeG619oGvJZ2anHJQz6kD2WYcmq8_GxN6vLrJjphrVvmpWKBEl_l0iOrKVW8rFM41tc8_Q2bdLqHP-1twR3Qi_SwfFK0oJg3smq4uvw0Hv6Xm4YL2o76fUnMEjc92FPvhWjgxxXmMr9jVSTmTUtkbjKNBFwpJTcRC3302eKASGYi4_FDB-LFXIv49wq6XtNxVYfCAu3Tt6_Z2F0C5mmJyYM9qEu_ZsS3qV7x0noFEy7-8AJtkRMQ46SajRihAdl9zpXqN7J1cQvr_YDaQb8ll4eLs1l6vUyrWRPYHoLNfIwP5yiwTmIVeHwgHYqja-xo6jKgGDFNJ3uytb1vwQu_aMkFE8hK9djY6xLwKCR9qt-P6mul_1pxBTvWa_0MU7NgTwhpkWH0HX5vmqAMkav_bvIhlIS_cMiNJ5mzE8mAqiTfaN8aXB_I3OrBSWaOKTl57EcZgX-ZdI9U3X4gl0Zsx1JevouW64QECU_bzntCWhKL9yckRbFpC6gYZc_5cj8sTRPUT6RV4axWFHcvLbaqwjot3lBiValuOvNEncSKLSn4h3Y0k0e37fmDSve_VGvpuuEQ6MK7sJcsISJhA0jBk6xzmejZ7oEhvZkUVAmDONPm6cq6FfI1D7x7t4oQdRCXbGOHxnUD3MigynkBMYUUXH-c6BxQ_n8_HFZXGv1Vpl0YZ9zXwnsY0XWJ8k6PChjryK8z3tM2HQagBwP3r6e_TS1YLCi3mVVtfaeRAKLHuV5J7hQgX2j4T-n0H-yBYb_QSO2HsMrbvIa4K5sp0QMBBs2FtMDldSY3zSycHYHBUHu2-zuUTgSHE89JS-7NkD-8td8rzVkht0CAj1nUG4Ft1O08E8my4954_1xNpk2GNgBPXWy1A5DbIjaMXpjxp8rrMQ9da-fFKhxVVx4QnGiMneUayXkeeIfN3IRf-laoRZ3YITvpyDa_mmuClK2FBTWdHOio8aFPmu3O2FadF3KHWCjWllf4pOC610EnCn34pqCc1WX6SxmVOo_Ta1gPwveIEs63QXIT3D9mPbc-OqBG6v80Z1dn1f1OGIBvmt5AHLa4_kx63yjFOUrAuYh7NL8-31A0m1fyX50WrTOqS5sqJVf5BN6n6DS-AX30bfWH3ZtJ7j1ynabtq-RhRhHIsJqSWXQHf3K4lgBo1GQ_IE7lqU-aGjip3BrKl-OH5XwDONi2m5o6cRfZvVYoPGi-UvIEKJxaThMVLhDP5syWAZvHeaqW9r11mFFSiTrO8xinHGJ0TVoyBTtbf4Tx7Mmpw2t0GCenFI-UuYvGn4lXZN2Z7fhoNfO1kNcARxvT4oOpPvaJfx3GyAcNQkwe_lwFGDZ9ubBmJFH8UmhUHQoEw1zfE4eGSgxbs6uHCg-MfTpUbs0eNyDvdEkiRunL7ESWzp6kOGi6FPcIfekxnfiVb_MXOUaTt7uSjsbgRyrGYFI2HJBDe6vRsV0z3TeKmKkuD93sbbEUaXYnAWTfDA-KVIJDB0TwT21RYlYjwtjlWD4FG_OBAR_y4RwZPHRz2mE-FlBpFpQJpZsODY4WHwdPhC0_I7AJsz8GK9SgZV5DzjnLHF31qsPoHCvPZTc69OGdIcgGi5bBgyI5ZXjaoRawPIB0GGieXLqo7laQLvdjGUshMN9w6OFa9p_K3WbvPe_oaqNHU_Yn3sDc4Hq75jX6_MYiZCMP-bisuwXdXzGSsWtZRb5WmZlFIKMkfdsaBrLJNoBz85LqXPMw88As5e7JGWoISL7kpsY9KpsBHupScvJRjvsmG4K19F-ybvv8D1xt8g31Ow5QhTB7l3VHvuTSoA82EUJfQBFkCQr2feITJFif89tuzitNEx1RdD8ZJWKzK9KRIBFm5iNH5a31QF_NpZ5ekob8XYmX5rXU38y7xUs7OHcGMCVQfLzGHfNoUJGmM-strsaWWhbdmaHZMNghw9dDJnJToOluguPm2Dhp3jC2RXOydjwkaRMzprOhOP0pqo3fqfPRfQ9PshHE20S1uXQ8C-wDC_MgBYsD_WAdbwdGtwdlMi_1UDyTvDLZIcyhSN7Us9VymFIjO72DHpTBZqEqxWRjlhZLiERX6QjiAVoyzegz-AQIeWmIesDNIh_sSQjY9v0_MotROfdfHHnI8eBmgl9uL74QTTnP6nr_TW-RovFnqn_rjd_VzHJlHAjUtq5xoZ2gowAXb5vQnKxDbpCD0scJ_zHx4Oxj1VhMa6bY7BB2tL1eX05SIol2YCr8eek9sgQZGjrx8uOo4apyokQVmvo0n5_lR2CmFs24K1mLBeMD_yvs-YGsMQIgvvNvosVuPxhNlsORRSqhR6dzZGVEJDvBA2dy0cEAGmj4HtcCO0oq_Is5Iz6SMNajuzINye6uY04LZpvYZU9ccTQOLusg0-chouuXhnIhLHtkMbdg1VGa1ks9bYck_Jf1FKcOsT7HiY9pqm2dI7BlqYuLKMwJsySs4wwrmMHhsheHUmdDcvCQgxwmptvxSn_M1GnN7k_PduasfMnskazf_DO0F7EO0IiQFTCPSwwhAiKn4pSSFlBtT55cp4rDMoQH0j2AY7seGLxYVZ85cWLnA2h9JgpcFKrYprAgX597xS5anQqhR2LOoKdkq6CHrwB-YzXJMAaXVHpxMg6UyFpyUxoKRhuaxon816K8laj_avZaDW53A3RRtH0v0QVlxkGZocjplBuwTiyLvO6gRhrpTKP9WhKL4guKIXfK_ujA1dgXBedgdVtouNyLl40JpD_NWAX-XozrpD6G5kWEC2JcN0RLv0pYZJnQo0QDCIMOFj_EuBkDI6UWsyKfYfR2vlAHK3a37mGFxfT8WXYxdlGCgBXI56UChMo9HcaDOWx6_wKfeKkXGSfZ5AbQb-0upnR3u2xhmp39Giwk5F9xmuzE6v5PjntuULIcqKiUJ7B0h7IZl5uaeMWy9ahRjw2-yv4JexH8GZiI8Uos9E7_GLpnSdmj7P24v_PRtFBiP3HaZ8hUaxxUI2pt-gHGMZE1PkkR8V6IR-c4yDKZE17TJkTxumpxC-8-0THWkxQH73Eeii_BW9sQHWCbu37-DCxmYCWO-QkqjmYjaz9axl5WHUVwd6Cyl63nsV17O8N_3LsEofzvFMYWqKJTyH21nhyU50TPEyucDMjOujASkX0DSqcDl_fzJKmVHweIq2KIbsstsp6wt3JDc1ghibJ8s0B7kKsN8yTuMXCJKHjEv_Mv9Q&cid=CAASJORohF1dtUeWOHlLc6e6G9m3ZrOvQDCj0G8ygz9LTqxRxjupNQ&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ab80f6b30cfebd7f4f7e46c7c716e87fefc0b9778364f0b25975fbc032af5b3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33176
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame C7AD 42 B
107 B 356ms
53ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bp7K8P3afPz0cLYaEEc4cSzrtQoP6ZxDKkklKi06txyEtU3dsEKD6WHLFIhvnmIjo8qKiwIgY5WBL6aiiWJZElnr2rwOpmAbZfvNmw4Ep6Z8NXYKM

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame C7AD 3 KB
1 KB 49ms
47ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame C7AD 137 KB
42 KB 85ms
82ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame C7AD 17 KB
7 KB 46ms
41ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 06DD 17 KB
6 KB 227ms
224ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3D0E 17 KB
6 KB 215ms
214ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E6F0 17 KB
6 KB 227ms
226ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js?cb=31068018

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame EB9F 17 KB
6 KB 223ms
221ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 container.html Show response
a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B9AF 6 KB
3 KB 23ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 09CC 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060901.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4D95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1

43 B
783 B

68ms
25ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVyGJm3pIqbZZd7WBWyo5WcpYFAk65S8XI-uEln4iRvhr8DZmAnjcO83d17y-tK32CJDkZB6RqG5Poc3uvmzI53GDEj2l6wbOoHZ9mbkBRcwqaXgcxHOj1GAuyXGMo-xRnXWN0oL7T2htMGl3JmXsHyWZ8mBQ-eWTtIjjQu_9XWv6sFoE9E8hqF18RUDKEcTwIBmc34Cr50rPGQtZKZHGMj2dmAgQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 14 Jun 2022 20:11:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4D95
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqjrWuBsPP2TJxA5v.X9oQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2

43 B
783 B

26ms
25ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVyGJm3pIqbZZd7WBWyo5WcpYFAk65S8XI-uEln4iRvhr8DZmAnjcO83d17y-tK32CJDkZB6RqG5Poc3uvmzI53GDEj2l6wbOoHZ9mbkBRcwqaXgcxHOj1GAuyXGMo-xRnXWN0oL7T2htMGl3JmXsHyWZ8mBQ-eWTtIjjQu_9XWv6sFoE9E8hqF18RUDKEcTwIBmc34Cr50rPGQtZKZHGMj2dmAgQ
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 14 Jun 2022 20:11:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4D95
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1

43 B
1018 B

43ms
43ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVyGJm3pIqbZZd7WBWyo5WcpYFAk65S8XI-uEln4iRvhr8DZmAnjcO83d17y-tK32CJDkZB6RqG5Poc3uvmzI53GDEj2l6wbOoHZ9mbkBRcwqaXgcxHOj1GAuyXGMo-xRnXWN0oL7T2htMGl3JmXsHyWZ8mBQ-eWTtIjjQu_9XWv6sFoE9E8hqF18RUDKEcTwIBmc34Cr50rPGQtZKZHGMj2dmAgQ

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0f1ff765-6963-45f8-ae8f-8ea81c50e707
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4D95
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D

170 B
188 B

63ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a7d218ea-8e58-4aa3-ae09-c7f5b3e54714
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 container.html Show response
ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame EEBF 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:05 GMT
expires: Wed, 14 Jun 2023 20:11:05 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 08D7 640 B
316 B 32ms
31ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY99LAywEwAQ&v=APEucNURXgxerERHYf67La9ZD2n14678z1RzRX6EbzeysgmVZzZsoXa2k2ptoreyv-dKGxsE0ejzyWjpTMu7UdhofyRc3CZUshE2l0ZCpxxPA_OosSl4UXD3FckHiYvdzrvMTNDuNgVl2jmI5PRMuHOQ0WjkdkRC3G9e_1Hcxkp-2m5uNW4SCWc77pZQzJ1LjFdl1DH7yCru75CvpC0fhaJIF2Z2zIa72Q

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 295
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 63D4 78 KB
33 KB 72ms
72ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqFIGzogZy935b3LSFQkL76co-fPh8gxYP3TFEcgCydKQncaLqnenaHX-6q933dYfVwMGHqplbcdrYCq_-BHDqtffzRg7NDXR34xyUVNvP3i31uGhZukCJHkg9zQ2FBiSiVzMuUWWcnaZqT9OKWP7dtEjG_w&dbm_d=AKAmf-CeGYA03zsYlbu8uKLxEnHu_pSdBynE66s9xEVSueDV_-88L4petICM9S7OdOYsAtqBFtNAMja9L9AJObgojVgaoJycuS9OHemedS8Adjh7zXuS1gDv-ljbaETrGeGLaqO3BsClpxBl8tIuqen-7qRILOHdFVFa__IfG4PCQtG2gDfDlO1KzFOOVSPxaUlnkewlCoVwmRftxFo6J3xrWDJYt8Ay0uvfE4RKz9ZKzn8bJmL_jZn2jLM3V8FECyIEjdIH_3evAjpFzD-gj4pk036urrHcbCgzom9aufgdI4TrZnxOUmrc4eEPXdik2SG0EAFnCsr6tZy-qBBcRPxUSI0PhQ7ONFIvSo-yAZ2_wGStToPqN70WIRPi45lCc9_I9KjIeu0eVCj_J8ZSJGQrAEiLRhCvcAXpu7RpWzmUpeAMtSaJ9mESbEef-YPxG80ZbD0e7UIJpPHP_QXt4_jlLCPbTHZESEZ3NV9y4pq_TSM9Hq3IV5-mK4AQdcNvgqDPkuNMkOUDCCVigxkGc_2zzU6gjr4U7sNOjjRd4equIwcTd_G2CL9GdmDRwFiaQ-oZABKTLs6slSQ-O8_Ca2DBvju7eXgeGPK6atKwTgs3byyXYnNn0NrsSlt0S1KegsZOZVYAvutmwmhokqPXf0qALJMOTjYZQv9o1RDMlOeJq-X7kW4eLJUfp3j5MH-OKOdQLXOQxuONyse62b3esNCn-zUcl-qwiXXFTcP2jC-NtfERbjrR0qAHcB57Yk1z0WgLazFg4x3KJJleQhwagjNpzqmYpIRP93yCrUl0r6TrStZRtEIpnFsOx1hZeWNyERIEohJZ7eFNwhicMdZASVDYZBKsmAN9hEy_qnDWaKWs5FHvZwFWTwqhHigQb61lCqnAeG9N11HJnFyV9fOLiAOmA7SSalMVE1T1uH5wcosPfSWGiLY12y1autFjmUkre2L1x4_EJJ2Yg1WP3Zi9VxKoIfy7SnNZj3nydJc0DE_UOozuT5a1ImBnRDUa9QFQ7GUp__ZmoZJv1_WIXVoat2Wqb3KdXcQRQx0AWbwADRRhc12-cGO98DuJVHYtrznnzAK4lA7PSFlWa-cYHNMrYkgiwNh60eLMK0DDboILeCCUVU0ghfSRpFa5gXq_798CfvG3hl7e35KqJlsFPHL-ns4y7GUyF2ZsuwthiNvFHG33gEkole2d5-DrIXNhrmR5oriiVRxAiHcADOCGthx1BnrIYgIUf6jFHw_ZstOw_-zm9ktqKk2ufsyRXrnSn0qP86YNjPCDHhMJxdwiTo7v9zkRc53McaL_WnmH53HIyZPrAR7iONcuq2GjsywojpOOnx3PPPexKDoU0NDUJX3MsN9pKp14uKOTtGi2w8FVkb0kPpseFclG4wsODKZKsn6-4m87iKZeNjK9AFMnXGrmsO4WIbY1rHYBu5aT4M52y2t9d4kPtg8Q1M15afFt-VT0w9YJ71iLZxfLUTSGH4F_RMWv3kx2BEvkOKV3Ug2LCD86iSeH9VOxAH_SDZU8nx1RdegLU6Vo_pRJ27XbHiTaDjtmEpplRmGd1__fvOGDDxMgaRddC9YcJjOIgF3b462Qe9mMAJBPjhhCyl92YNPXyMe5iqVdeLQDYdyEqSEMM3n-sx0x5SJm7diD4jaSyVbsFO_yUblqTB17VOwLgVNJaKyIzFAraTbGVw2ws1dTi83lgOhyuS9S5jez1goF95brR1_tNvwTOZVqaqOwjAz5WotZfuFdjRIbKI_80u5R_SVaV01E-ch99-Siq0MusZDLoAKyeqRIshxjdXWA9f3Ks4chdwfdfzr0MWXaW08A07NicCrq0ieROXIaFUbiiWwM5sIWjEI14NfcH6bBS3Bc875sn8hD_ko4TfrMnzcgHMDKpVA0AGx3PO9NrGd6pQ5EEyHsBkmHARXkYnwMXvOiFzaCzYIBFjbLz5D7Abqtxv8o3oJ9QrH5w8qNHJ37gpGOn5ci5pWUkNtwyE_KMgUHnShLehFtXp7qIkPhBR7wC_8anElNdRhwOwPkXMxUNweFj08ing_venF2lObvrFJrfDajKuM8ig71zx9NL4xg78sAUOQdO7BoFDl4DN6HQXAqm1OgblZsX1Wd2OlpSOkTYqfnlkt1BczwYQYVQyua3vHb67YZhSf6TDiTZQWIsCW_tAhBC-8c05J9H37DjwI4VVmCgnfnbWdUjQyTMz20e2n18xYzGrDqKp9E7GB9Y774NOIhJZSMcez7yZ5ZNO0JQF5rrytFOKCEZMyhomFLy43oSzv717EKGn59qhPD8kZYlBRXfk1rwLf1fKxcfF-L_WoWUnfCnxyURtKfTnsxh7w0LJ_RFHIrS7z0FQuQBL0y0O7WR6zZbS2AU9uNWwWJkAf-QEHlAUiGiNQBL3ooqpvv-E7Melbc70MMvXjbg0IhXed65PDxh3YeRKWOFgPbiUiuoMDHuJ2lUmbp_JYx1IacU8u7faBS4Utlq9NxwgdBtyZ-6sI2_hVhProksKzn2sDJ75tQeE1r3nsdAQOUHuY2I0t5wuT7vbDT6jkNubf5XpGZmK76uDBH_RZb4sciXUhV3fd3deVjHKOUXtKH8kHH3xxLR0cD3y8Z-p_AUC1cSI5EjE7lQtpv9XKzAf_HLv12F4cX7FypSzXlROns8cwfdKpShXeOj3IxS3x63SMmBRKLoUdYW3kihnrgIuLHtTN83SpHvaibrzpzbCaA93W4KnuMJ0Z4hldC2DQC0gOId1D74tQ9nA_fGR75Jjvm0_ydx_cx1uQxoraFRiSAfS8RCyOwfDRnXkD_iw4c4dYGebXM61J0nDduUu-jYIuVm6lpFfw23jiZiJisWfYuE2SctRO_t5Y_JKmueQVde8UcW1UjOFm5USllibEx04fdru6oPMjRk1OrxV8o-PNGqatCY3hi1uZaA95e2C78IUg5CA3yCoUHz1J1wzyESeCIEYO-0PPL2mfgzinHSvk2T7qY-smYpQcrvvSAo6nPhS9egnH6Rzvq3EPaGTyS29nADfC53Dlsf_5X6RW8NrSedkJ3PfEe78dHEpPt2L3yRzxboYyS96hOr332xHSwsz3hbgkbYZlWHSoWXGVuscfSTBs9GHbaqkePKBw11QNiKQ4ZZp82RJegOHCnHRvsjq4w_-Gfyi_g5Gtrb9LCcaPWdmf9Lhj6wsOMqPNHE1E3_k9qp-cVh6j2cmg8PKp_8IRsDBA68ZApRf_DBskF4iHT-yLZ_DXHwLLEErqnE6_xaraGDZhAt2LY4KggpPxy60RrghDtygoaDmoKoCcdW0yiCeccUX50CkQ27as&cid=CAASJORoEinwB4-tD3Bn8QBHONCb4ljqpmTQiywZBEFlhxgTcUEfMQ&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f89f865ab7fc1203808e8f1e82fcbfa59ac9897f11aa404c2801582ed677c14b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33328
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 63D4 42 B
63 B 319ms
54ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AlEtajoXZa1D-512W8V97xAbdMAVJx-zQupFyr2OI3-bbO_GRoA0DMt7-fIxQNdhyUOHYUjfXKkZKyQEiUKrKnov1Fbw0I2MoqybA1nFphS1VdCts

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame 63D4 3 KB
1 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63D4 137 KB
42 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame 63D4 17 KB
7 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 63D4 0
0 30ms
30ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKztuZ5bSHC8rYUggH1KXTaCeLwUVNV7RD0lbrpkVo8mjeaMieve0elXpIMz67j9d9APr0OVqubRtlOWnbukQFcliTJQ
Requested by: Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A2B1 106 KB
37 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
Origin: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 17:58:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/ Frame A2B1 8 KB
3 KB 290ms
41ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CbocaEPBF7ot4EUqmVpWrHaKy0fr6misTy4RIg1wu2ecAR6nubVw33jsAsxS9rKS0wMzxsfEAwP7S6Z8Nd2Qttkyv1xHgQ3hI9P-iz0iQZkVKbZbHVvynqki8UhbNkzTGuVpKdp1eOcxi5V363fJdVw3li2g&dbm_d=AKAmf-AQcomHTLELXhSvWGF0EkdlTTraanR1y2ZnVEJli-_G73so7L3ykvO5_IXad6sjkNxRWPCxbphCcMolqEMXnGJJfedPeNHsONc75TCV5KgNmb-ylzqT_k4NdXnAkE5vbSpiiHkoFKqXGIeEjCI8YRMVw7_q8kgUCAsASAHkTxOMdeZXhU5ZIPn6yrRCEA9TW1aSHfn9K7uAPfMLNahJW8j30m7sV2GsxpkRBRHfYPgyRfpf2TXBSLsGitw0P3MlbFI8HtvVo0bnjwihTpWlyZHw6qodzAT7gIZSmtANnrZdyk1qWwMt3IqmgjCs9RmiBs00M2MuM4SWwwDm0LlU8WHjMlt5l9xjYqlIQ3xmUCLwvNigTCR-THRvIko_bzOzyXabv_tNiNY16hV9XE0n4MFOLQqIPEVb_VH6ocNudEPoRa-hV5BAZecPLGPc0t2jI7jkTlS9WLYMRBzfUlehD426OrHjbuacR9Qw5fl3bZWC2zYW6KoWIrkJqKvcR8mRffpVa_gsTCa438essQeVjt99-7oBBiEHLKrGMAp0syyvFa6zCtGVpq2bCFZUZRDg4EYk5EjWbKjoSIZKuP2VK3ENq9LEnsgnrKzhgQzp9DqIFfoVhKo_ufABnFuou2nC7d6B2SrDK41IvDpz7JtfedqC702C6dW6jlSqf_b3qNdxyAQZJAZLkNPhHAR6W7IxgQXrOM2sxbon33ZVaTnIojZsc6T5C3x1ikUKFl1GL9odqgSI5NilHMYD0ysJMpZ68y6ov51GjqgR_Rgp6Py-16Bcngj98tD0uySFLCEEBfaMc6g8tWWnM7l4opWMbzviVO91G4SjmZNHCZVMETvKhnF2nZIaGaC9Z1pvNjcYwQexXN9GiwybImXUxL2nsXQIQjXdDPq-WkDqMgRoHFHIEXnoHegwWI_38xeqRvfGnTCPsMdaiMuYvzdFMSBtkcQkhwe51AZpIbcxOIB3KxNA40ti6WmPFEO8Pk4SoQfvc49LfUoZEVF_SwXW9qXh0qVXbJFB5pnUpCReE4pFF85hYmk8q75Htrsefin71xp2z_FIbI-Pfa2f-jl-goM58BkpXl4bABWXzr0Pai1rO_YXCssMBj1kYJpHSoCrjyfXWLUUbGEp1H_j_QKHT1k87T74YGHe_CRn-1hCD4y07ErvE_tFDAPGusJqKmtJU0Oi7DELvgXauqJ2CGOSlGePTrSVqvEYUWnMNuLZXP9WMQ0dfu885DU6c__ii2WKWJfwt1CzRaop9bwkl7lQ8HUZ3251JRMBxdPnoFSDipfjN8Z3Ts9ct1grIHIsoarZZtIDsovDZ77SckMZ_7qamT6A91G5gei03MDVUqAIsmoHdNXtIOf950f4Ocf_XQvNuSsOpM5WFoNcWr3sM9xUtTaFqHp7xcrT2LZhEHxodIPAUqiInCOUrKJZLZ1b4lPFU0_bTrykEHMmQArpvQXeXRpLQRngW40BvS_tkFBsw2YaESG9TF6hnrw8CqtRloHW9QDnSbR8jZgIc7tp3ovWTSvImNdoDJa_2GVtXGg6wM6F9OXmnhoD4GnWpOKeyZevw2342gOjMNVsyx6OBHWr27-bOOHOuiotGQ3egLx4kjBHP8TV6O23F9jfeLEqUdo1bT1mlZ6C8xMy3NlCeEiiYEZT2y5nAva-IhCrXuQtAzXFPBYiFu8pB_LJF3hOBljFyXEDFs1sDuH1PQhICVcTNPVai0SlxmNY7Eudkq8n_WALxSAVx-rL7rJCmESBLhNL4jY-dGVYntsmf0uXWqOWaHFQCZ-jnEnJDr2x5X5ZfHXZOQisrtyrQQo7RVF6YsXppEviBHVSCNUgZ7YaKeLtlx0Y4UrzASeOhCDU8pxT7Hrb2zmIHsbYGG2UVdp1KrgbPwShy8nPgcOZYCwb_fwnrIXjg6UcVt18kYJNYNCMcjBM2ot0FwXwg9Pejt3EcoxdBIKvOtO3AaNibEYzOa7boaDji3mcMuvOn6NLvB0Semw1y5UdlQTGzYPUzTg14SecJlJPnFQr1UsKZYLn3Hi-YwvwXvbJ0nb-JwOMq-nzt-t_W7QMNsaMNOLOdVYCNzhOzB_fF6dXgZlmByJIEQb4rEDobqiW5P16UyMN7aO_x-j6d1oMGwSxkOAeS4-AaTnPPqkZsBSCeglatlIcn3oxulrTcphOS_Y7jS-fOmVminf8-WxXxAe2z3IoSw_K1o9CuyJDW4tQjXEDMuxSW81YHNuQP8MXvQ0t77hLd8c4ujN6jkAUSadX4tc23nK2HL1IQJteMOk4PGFARK566Y6eGIT1fcoOQB1ygFmPXXHvdLu-BfORlnoCEfPfrD4e7xBO5gk1fgDx3zvU5oFcpvkpOznxo5rAiUDA7rJrx76O-MDpuG9ypEYKxjMV74hZTC55Y2qa9mp4ENq5j6hXyk1_Sngo6M2FOYDrt_rSnTNZMGlCVsbvqtG4kRgbAFZ3zjgZmwb0PIDVB89r6wpGNTihIvMm1oFIxB9UKUVfoNsTHtx_WVSYDiXhYeq4oDBUTPgjyyjMK2QCLJg-2YKqsp3z9goJRPgKrSQtDklct2OOaRJxOpSjcU885FTmDObM76fARqAM7YfxjvxH_mlkUsR_B1PLAgt6zt-HjmQUSi32IBz5lo8FG6dKxWP8dZG0rYqKp37iWAtCyv2ILa6WhEjD7IDFdChTU2dG6ra9lqHrEkJ5waqmMkjN5Y_aNQZZwOMTiYYveCfHYhr3bcjccaSlLYyKd2ZIxn1QbY4MeQDqsxozHI5qBUfNdqinf1zwFs8yQqlJcHJIQhAjk3988fkUUqJLsXRiGvQ7KnutLoRt-NxUVmPoSz6An8Lefp5Qhq4c6ldjZP_NtxBi6ABL8Es6YICemH2IDaanCCRwwpMgu1gN8IfFsPPLu_jg37U670LkhJJm17FDFuH6HB95IY4srLreMzehZmXy0eH6itFV2SbxWw0bi1S__qK2SmrchVRz5I8-3ix2RXtW-JZr7VuHYBlnj80-7Cg3iv70r67MNedTaw5sTUChvdyXqthyzQJyqXGrV1JQ-3ZgUKmCsngO-oZdsbZk5jL1icX7jOJ3aBhedPKZSsMJx7UU1nB7r9b-ja0cJUblv-WBKmbjyMShVjDeu5csDMlPXLIHwY-iBOpR85J6kBtyNalAl_QlraiZu3VhrHUXeTNejpSvqnixKkxkPfOs1LLcyItmTSMkl7dGXfwSqKiDIDPHNXHSoUkgZfkmGFpJ3ltoJ8Xe6Cj6f7xV9SxEmNnoVi-QcXb9ACUYp9oVLDpCmBh4k2D7nockeHHFaP-wB7y5aXcxPKohfD4sz4v_LIlsq--MfzbpAgqA-ZUd6RU5sObslw&cid=CAASJORoTF02ByEea8FZP93bPTCLovps52HlWr5qw-DQP4aL8dZOEA&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:10:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/ Frame A2B1 27 KB
10 KB 268ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
server: cafe
etag: 12800787445863738695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:07:58 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/ Frame 9928 21 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/abg_lite_fy2021.js

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:05:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 9928 8 KB
716 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 18:50:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 9928 14 KB
3 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 13:39:48 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame 9928 351 KB
121 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 13:39:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame 9928 17 KB
7 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 9928 0
0 30ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTlVDJDgB9Mk7aQueW40TJqs1NMbo-RnmPVOmSnr_Qela2ruoi20VRP2L97Kg98HqeDjV1B0tMkojYJ7tllvxFLueW-WQ
Requested by: Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4AC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1

43 B
783 B

71ms
27ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNXLko_SADZGoRBtSkKak9xtv_ocV8dz758-Ld3TaQvv2V7adRZ4va59gJyskBct-V1-zZGuXqj9LzBgUPqxYMOk1aMDdPCpCF8-L_57oKYGd7cW9iUjpQceTivreS6Aqk9jCgiog5CymaacM0MP4yKs93lcKoTv-ncTujsTX0xihDspnmLHAwY_7g4cz_QJLllm5fonJ94w1OXo8XGuAtWlThj8xw
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 14 Jun 2022 20:11:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 4AC4
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YqjrWuBsPP2TJxA5v.X9oQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2

43 B
783 B

37ms
37ms

Image
image/gif

23.35.236.247
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNXLko_SADZGoRBtSkKak9xtv_ocV8dz758-Ld3TaQvv2V7adRZ4va59gJyskBct-V1-zZGuXqj9LzBgUPqxYMOk1aMDdPCpCF8-L_57oKYGd7cW9iUjpQceTivreS6Aqk9jCgiog5CymaacM0MP4yKs93lcKoTv-ncTujsTX0xihDspnmLHAwY_7g4cz_QJLllm5fonJ94w1OXo8XGuAtWlThj8xw
Protocol: HTTP/1.1
Server: 23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-247.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 14 Jun 2022 20:11:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENyk3J8Q1bTKsbyCHQaM73A&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 4AC4
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1

43 B
1018 B

46ms
46ms

Image
image/gif

37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNXLko_SADZGoRBtSkKak9xtv_ocV8dz758-Ld3TaQvv2V7adRZ4va59gJyskBct-V1-zZGuXqj9LzBgUPqxYMOk1aMDdPCpCF8-L_57oKYGd7cW9iUjpQceTivreS6Aqk9jCgiog5CymaacM0MP4yKs93lcKoTv-ncTujsTX0xihDspnmLHAwY_7g4cz_QJLllm5fonJ94w1OXo8XGuAtWlThj8xw

Protocol

HTTP/1.1

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 4ed8ad61-1617-4e40-b930-0dbea6f109e6
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEGeLtQklpvDmRjzWZtHJ-60&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 4AC4
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9ad01865-1482-4e42-b586-d91af4d58234
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA3NjgyOTU4Njc2MDc5MzMwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 1608 586 B
315 B 35ms
31ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6NqpuwEwAQ&v=APEucNXmGDQugHTl0aObGWmAdF9lIbbsc485tR3T9KIOgTSggf__mHIfAMcDsf8qBifretxwBmEedk6yuEQqOHmwRyF44kcm-dPn0_qaja7V-IP5HtR4d1jgddRkn8E2oBza_ElbtMy2xveoEqpJo-gTeufp5Ji_SFyKRWmsFw3Y-WjMkkbTQCMOZG8jcy4hNoqkQ5VUlijLGg1jreU2Gm2Dx7ZzWWLRgg

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 294
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A70C 97 KB
36 KB 70ms
67ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcXnG4m15jUCeDZ-jmvjm48yig3qBTFYk9JSxH15qHLUc1bZ884nw1_utmG_vejiB0gcgp243z78jV-JPqT04D2eDyQS9cmjbMRBGSlZZTuo0bfFJV2j3Kieh4GCKdkAeV94oCvKqfJv-2BUxfngQ0pyNpJw&dbm_d=AKAmf-Dgb8aDm79CBcBwslNi-8K8U5wq7VPYcHUy8jo8eiWZnFfa6bjqUFTLhCn2JQrL8yXEJXBfbA9zaf6RM2SAYnEMyPkmoU5gPZLaHyCEbzaSO0VMqZiihA_rXL1E5BrW2tVpRBcokferJgjhU46qxcWLm2TQqCMxblr1ATKcETSOMm0gjvpwb-SV2dO-i4mF4ZhKZEyMopMEsJnk8wnkF4z6ORefq6YmzZ_GrIISb40Sv8TfKXEYgqFMxzmZJyA7KrWA73jB3G67NjPZhyAFGKGBmiVGjSvB1KgHywuSQzxopr3XsduI6OvtLCXUmppivuQcwQmOecUna7jbDdhXc6RHDFK8FTHEJ9e47o6ljwIMx7v4Q-YXm--eMe_FoK0ZwE93Y7JWlj1PQ_CVEGFwUYqM2gHFnFnw5UH-rDxO9vIrEoMHczPPOT8BjKzM9aJj2V2OOwPtBMex6W-U-Axl6rAjR65gZSCK-C0oNW-zOt-Jxun66c6MSo-Bgkhno5SbPTfyQaDdrNO926igfb1bl4IkpvfQdqB2ZgjCH5lSlAN-bNBfoK8ZbQZLfASrvimFNePhu9kjDjtFeKVlv9yz8Xn6sejgS3f4p4sReafFEgW2YZTtKE54I8mp7qTanFZOlp9gu7XScIxs4fa7JbDPniPQbRo5lW30jZGyZspMaT4GbqxZpVgToanlH_sZbnnKl1krNQ-M-qBMGY98nYUIJzDg_opHYmV35bN-B1tw-zPjnTT9KAN-gm9y8d2vtqZ8-cYWCXQvejMXOSpu-RAy8n2NuPdh578XRac8kg0Q8n2ASXbomFd3HiYjSsENgIAHwJADqZA4Vrvu4N4gQwI8vygBuxP262Eo2PH4_UOSFonLKlL0kHxVIdCeg2cvU6GSP3p3v7jIGyFQ9jhzlV7Ms6CPK9O94IyWVj-FV0-WorIsZq8FUMBu85xpS97IYQkMeR3bCBlFTJ2lLzaBUizwYqT29rx5K3SlPuDrZkxMCjMeO60JYoIzQrhcNUGU4k8536H47SeKtSjG3vWHqtwP_B1U468DpMrO75-6EKienPR42cx2ibZkslrueJLBESAkr_0IKKgRPqS5i1Ym31nkKYXqOi8pOctGywgGk431Zsgvx85UNiKlrDeptmK0W4jSlwDBR0wPzjd13w3ra3dH2xnLVDIgytzg0MgGk4Tv6iwglq7LY5jEOY4xtgN_Epo0M8OLNyTK6hUmxNYjDRkv6Ow2gxgJmC01nBui25Cc-7853T7VB5cJcWW_H7xaI9N0BryvVbGDLqlyODZDQpmAFCd48NmYlHQW0T09XR2YR1IU4cc1csFrLMAJyzz1_YARKKqu_guLPyYRFHJqyV456vWQzJ8imRI9J2lS_l4oYIwWWseGHeYUSzFx5iTDKF7IWcuL6sNOqSESy9LavdyAMyiOqnXhdI5IRDQdMX1P_lBSudsZuT6YgdKa7e6a2mjOFAyBLzBHwiqnnrf2q5fdORCQEn7bTcLrFrKeQfE9ROzCgHVCETvhjDPKAQkkuImC7frYOBMmzdjbSwRIkyPMmETO4Ahq1_Q9Gzjna_R3-rHyDo-8_eQ_teFfWLXXwE5IuTsj6NqrpxEaOex-ksj3vm3Pv7DRUik2oL0UbaOFF_R9qZ6gbxDoB2iVLmNBpVn4wjwC5_ifRmuyWmDoqc8SSiUdU0_xOG758QvXdI6kppsI1Vb8A-W0Wt_lqgN8bQ0N4Q1Dzn0aEvVc2FMpOem6jWE3F8j7bD_ks2VTWQELxvfPiJ82xyrIWqYMmIUxrzXLI8DBmJPSCwSYeARQ6GIIKw_8gsldTnWazix_aN6tg23l2E1uPvJPBdNdw_87nxCIHnuI8wnRSKjucQOb1NLU0dXzYNW0BC6uvuhQ_Jq5iIar9UlGxnaU5GI-fxYxoc8njV0CUeiO1roErEElSA93Afdry4ZJ9vGhHI5AFV_z_RYcIPIHhTPsdqzFI9laU0rWKaZ-e9NYJ8qIypwC10iZ360KSowVC2yKOOUJLCE-4Koz6KZcaYJuKu1L2WBA4bbyfCJtN31Urv_d49I8wRpfvkDH6TgMrP9KJYJXtP12Sajf-q38YSIstG5w7w7Ua1B74XG5mbJR18l9r4O649dhEukodrD3XWtlqEMAXiFXIbJMmHDz3D1Eni0YGGAmfBTe4MnYzUn66j5-BrySxafNAD0Tb_b4S49Le7aWyqcuu28jmtFIEptG3J7k1XXGXbJSjg82ozHB0HAw6dmzq3sC2NTCXn5MBM3su7LO871fNQoTZGfv1ptxUmQmO4t6qBDlEMlzy2-j5oCHT-0DBMEPg4m6TnKPyLQI54-nO2_PdSC7Q8vp1FNG1zfBATdr9wTmlZ_s2yid-AelKWMmuwKUUOLuYrS-MEQLun5PArozyXQi9xw61FBvXZeur2HAouZJdgG94cIaXO_2AFwxh286_99ZeMkn_AAPXxPWDwZZrY5f1gmjX8r6WLIQjasd_mCTsP4RsQ3X4kdW0F-Rj2rF3nySSx-v5jkXzB_KvtlPF191EQWBEsCIW5IoazbndEsP4O5EEYFlIA-NVvi2fe_2CtERVYFYis1ZqtX55DS1E-7LpQmbD2xf6jitVVKpfXKrNCNGqiWPwK2lYcGpREKfAkbmb_MQDitA1WaDyo1uLpvqlfjvBYLgHTDkZi9O8JVHSkDZJwZNvnGinCw-_V5y_LV_vN9If7suaXJ_Eap4SIQzvrCVhaOcpzcaMNYriJzVvRy_5J0DqB6r0jWJ4sVmf5pCWxcTb3Q8nIsmaGzSzrgQfLdvvfEO0Wf68oPBvZIuJ4r9V1gF5yFwVZMeq-WJEzBt2ELWA_ujI_PLnRP1O07aM2KxSjmwqAHZFGpecTbT-IcWNPm4SpI6XiKXi4QyUjIBxrtGde-AoYXHacoul7pzD54CIiHsZjBombjgUZgiJM6Pn5ZXF9Rh4nc1h4CDndO5Dp0B7YWx2YVto6kbupgzyOuva7Kl2QUFjiFZjpk6rZiq1LkdyxlPepqt1lsjPXPz9TWlAflxDK017CvY0rFzvB5_yMryS-ViQe2DKsj99aXQCcyrpJaKhD9-ob4BaMLSjBzanQDGcX7r_v7oWN44ISccIGhbnTHVWXnngEb5sovcsI-iMBBHUmtqyFgokLpJX1cwYIzUbHhWPSUOwrIa9Wfx2ByvbTKfErzn5paSVWPsNqcOYHRTQ_f98tE3MYvbQaFm5Ee8z9HdS-SPOrc018yitMklJnY83-hB8TWO2jdVQ73WGN7GZc5IV8KVTPph7fkXA3BvYbRR7jUcKzI9nvdS0Sx8hHxj0bV8hfmrr3JcwKanIdM8-MlVVmHIHKfL-le8Pc2AqNzSGZH5aSbQ7qpOj_PQaZbPA-sE1F6Jmbr_zK1xShskGy1fUkfianKWL6i-nA&cid=CAASJORolRqCK1gVmzFaex29euOKP-01VTmEiB-1ZF-09P6H7l31MA&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cd6c2ca83751acda61421dae14795103331a90ca080d2510d79fc48135e74e0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36979
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A70C 42 B
63 B 264ms
57ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DnQT1mgLw7_jSY9x9v0Ve_MzoEk-_-o6Pi7ErTjfX6GNcKZpKooNqVqo9OGwBKDQqyiTWzERYhaRNusUtUeyPXeMQodDkUD5xasdY94sDzYnl-SQQ

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame A70C 3 KB
1 KB 21ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A70C 137 KB
42 KB 40ms
38ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame A70C 17 KB
7 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A70C 0
0 33ms
31ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQMEj7vD-w0AAqkpxJ4TzR39iHGJGnh5r_Mu-z015ll22TOGbrnXgD2jIkA4yWaebV9VCXOJjfCorgNfceZQIAkjOMfYA
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/ Frame AB93 21 KB
8 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/abg_lite_fy2021.js

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:05:54 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame AB93 8 KB
716 B 30ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 19:26:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame AB93 14 KB
3 KB 20ms
20ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.css

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2798
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 13:39:48 GMT

GET
H3 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/ Frame AB93 351 KB
121 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 13:39:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196278
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 123888
x-xss-protection: 0
last-modified: Wed, 25 May 2022 10:47:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 12 Jun 2023 13:39:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame AB93 17 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame AB93 0
0 31ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNhk5XRjKdTjCv7KN_38Ocz4alhF2eJhB8uhlJQPhragowmHwCR9cnZG4dwhOwjHsVIKJcwpSg4KuHshX9CTxyvA1REQ
Requested by: Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame CA0C 342 B
236 B 42ms
39ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVMYhNz2589ktgGSXPdDG1y2aW93s-KeFKyVjo1kls1Z2Gjm9JkkCmCndIABU8c0HLu3L-C1WiBOUPcY6yXh4b8ZMVi111ULkFBpsawn9czTxIHfUKBHU45xPF1qTQFNMe-zU5DNIQOftwKnDBTpYSy75MLEkvGdBNtGIKSwoiYESwupxeIhoOdir2jd5DwUakhzltMswsWeurkFJPxMZrO0uR_5w

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame B9AF 78 KB
33 KB 2201ms
2200ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9pOtb5jvnBQeNmeRbDQPqn7AzomxmkXgya6vHnTwm4P2ptOJunOkrGd9hyuJowdOTp8Y789XiUl4bkdoKbpLEVJuIeMl2ArohAAaHT77XFbY_3Wz_gg34YREf2221U4HuGFYHM3tb9FlVU41LgBbZzfsbZg&dbm_d=AKAmf-ANH28VxnSv-CjbTICUIF0ipJAs7JaHEGXcnPafZi_MKYtlyB3W15sem4LUohD7pUwKNnzcVjunbePzYoWdPABgjZXTIbaQxh_HnZ_a7BXd8B4u96Qo7PnybdnTOZvGPxUYHB5GIwsloFSPEhZu49HY5racOeW7FTTRTVc_w77rQvO9VJRSakh41yKhphs3lnaLPTMm4uv5Vcs3IdtnFYtFlGil-TppFMxoXC017H1veLhBa7dsqCFDXkGWfy7VTGeWOBlAzHOXVWDhUInKutycR7-Y0rKzsBCxm3X77rLr1d4sPTMGSEp0s9TcPh5nCz0MEEBminpMeHM-TDl8GmfgM2XcPA208dqYaWxL8OQVPbTtRr-bsoXmkOgSF0KaMtR8tjDkLa9edWZG_IluTg-N-qnQvZyBAfKAURWTK4nouq3G4mh0Tv2CGFGx-HF9MykUDxdr27HcZr3bBjK_k5o1Hvvw9ZZsKGJ2PVmPKxx1lOl5X9MEnIfHwyUghdEzhr1B1UPtN8wX6dR0HLFP2C5oF7R71rLVLWDN6_-9okaEPMAfOI4z4rnpjH8OkpYnKB3rfiXcWI9kirEn0a8zLPzT6yj9399wbpoQ9pR0rwkG4ngl7Igi7vDPpdSaGAo2JdeK9m20xCbPTANYjIpm7i8CQ5Q0uj2n3HB8peVFP_tL0aUhuT5ORd__7u68WvmmHbBzOSiLBelu9Jbh5qbgzoxXAgbql8OAW0hfUVxktazJsv5frbqHzjSomUJcW9alBbg-D7_XOgbBINEjdwMtWe1yh7yTv3FpIZi0hUbwl453tR759L0qDX9dtfLqJ1YfWeikA47G7e7SHY4qmm9e33MWCxAxr-X9Z9raxwQx-z36tVyjUNIjvvXAdR-y3QD7kUTTNmlpO00aUJ_dAsw8nBgsGZTa-n85M1ZEEDHlTZpS_jQq8ozIpH-M5MPBaI0WtqpodEOnKHJNfoKrKnZyJeFYzOtdY3ej1HQMXUy3UpWZ6WYQcKzimYlyaUwLOV2kWF25FsIjzozeBeIOgAk1iG40BrTSMTgAE5cneUm1qH-53zvhUj1zJGIeNwdks_w8W6_kia4xuiiqV28lEsOMrH3hP1evyPsCkv_EgEOJet_jdNAwL589x6iqo_kHbh-oL8er8YwDksfnS1NYupzTmAIONU4Tj-jbqWAwM3vKi4D1UXfh4QbZv32I3Z1P2wCoJ6-P7g1Z_7X9ZqydN0FhTQatT--2144R1Rjq59l3KyDip6T58jqvcK9DP3i8J0LxJGwf8kpvaOzApi9o30_lRFUrTQ8baL-Mp-0CMDfsUQK4CCfAPOZTd8Z88l9Axpupps7Nt2hgugh6RsWsyn5wGQCtxseRzQGNgOAi0AOncOz6HKBz8YRPG55O7iesRucFvwl088ZUaHwKjdKYr2VW34ZXDAc7b2ATHpvaAqe5Mee1dDpSsOQmphXphABHR7ItsO-uqWCAFMwgM5QtnKHfKDDE0wJG2cq_rx79HGyd1c7LMAM4TFXuExmwPi4aIA3KHRZ9x-9Pq2zMt-pdcbjZDrHB0rDdwixhlSwAHpMuV7upuAMinVT7F-MXK-MyInbU9p823Ay7OR-9jSqCBVbApFlt1lousTV2bmeFUrxaZWAq-3uwBPCuZy-HsN2Y_rOkH9mJJNjIc02rabQyxS_3-QhYGnXSUAuWBmEjWMbLzKgtzTGJJjBjE3YwAQjMnJ4mK4V5kageMhVPMAWqNbJDTIn6rLhyIA9JJVAHQY-TAY1OT6K7D5Cl0kw4EIDEtPkEYVk4jkhS6Fz2Vk6vnMY3IieHr-Jpz6GXe6Q6zRNhPrd8T_eR5xXF5NayU4X5KdEFE4LkRYzxbBD-uEtrVf8pTLLnbeSB5pl4AecOIl-5Cq93GlXvsOXNMzECJt3MXQ9P55M_VjCIBrcav1rjAtyQCU-zMj-1nGquRP1JMYbpdUab9tBuHFi5naNJ07Go-S7E-X5unBI-CFoKCjXJ0C1XJ_HmkPNgOZlOGA3bfwZst-i9E-HWQ8HB00MnyKDDB8d8zSId07L2U9cV0vxBzgfNsrDjA0i4AGvLq28swp1WOGlXKb6YYGOZvBsHB-JtbsY01x-wbXr_f2pd97UcYOQcl3Z_FNDtvmNi_kSWVmGgH44ZXOkt5Lm2ZdzhrrYKl234VeDQhHY-fdSeLUiZvAzJ7WCvXRSAbqkD6OD-4T8qXvsSptg5iuxFONeKzKFz52wrpc50soEeWXToKZPmnFhXtKJDpnlelAOG3vHw5zW8k1utyYkCxlWIX1JKRzBWiKE1rejn_itid49OnCZ2Y4YNid8TkF-uvTb3a8A-0sNEqJ7fcDSA-Iz35h9IuVAEaYkswQ34Mhqbpr6PB636IwkSJET4OZRQUic-qRz0aQW6Qd5X3Zy2s93YMbLYyc3XHFJOJpdIqweiyQ_kHCTZiRYK19p7-BJ6YE0NfUhb3yAVE_4tfHjLaLCKsSPoNiLltFO2m1MxOHsJ66N6tvmdQXwNAkVw6yrt5pBxA_fqlFjGGphsULkyqp9T3U4db5s1Hifs4wG4jgHtyMbpv7dl8EiwktFCZFXA__wML0F5ddQjQLseoJrIHMe3fK2mXAl09LL-i_lyVwwahe41jDX3I3nUo_6qHCOQige3pyI8gjcpAC8HfRCtcm22k8SYu-pWjVTp4UouRLz2M0Xfq9NRhXPSfyOS4kVwviNA_X3Y4TZNP9XeaLuKhICcolYZaoS6ZaxDFlfp1bEamdfXMGQPUv51R_TKxEhcuMj7X5VBUxwlk0PjUdCuTD3ma905DjtSmG30VazqCz1UeCbhkhOwi9aELo_9ifiHXCnk4LeMlf1K5dfcSBcM1jpTNPopce0pgYAAhzypNI9CZYDIu4769RWRK9eASOKl_LdWvSJdytonDZrr2lT95vLrFPsHo39JZX8JlZJkra87uDIWwAHRD49clkISUFJUAQOlka3QIc_qv32JyZQpYfjM-PZPE0uyeLi5qLJ58h2vlOzNYM8sk7VnwGn7lBVZkTciwF4erBehUeBCbIQ_49GWNHfIszbA7G72EmQQL0FCgueWt-WVBvAjfSpZ3AB1wlUcJJFvMh7M56VqXydOIf0PVW7-u9d2zkl_-qq3bXCS-T9NksShb7ZV0M0MKFn8t2YZH8XWbq57GUqSRa6Triez_putzLmHUS0DRGjcT7V_cUHhfyI9Q4UtnhBHTqLYLyBntpt0rI33uyiYc1EgGFDEfxFz6IDwGVkdTXcP0IfpKoG4zX1jpb9I48grFZgp_aXxJkNN1xIr_7qE9x0SgZRPAYJh_LnvfbH0PMuQ6h9qgoCyuWXEWCF1WGer2237M3neiwA1FiW85E3Pr53AcDM&cid=CAASJORokT6t-Op56SFy5O1DOOgAQ49FhXtarhYqhWkEMAL5ljRO7g&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

989a8a378f3931a3e6460cddb10546a0620653e68ae8c17ac3ac12d40606f801

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33372
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B9AF 42 B
63 B 212ms
54ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A_SZhLKuBcl0ZvtxzH4aSruh2l0oyK7tkH0M3S8xJBZd9IIoKiZQuxpV6LBFLFgLWvDHvHB-lP3yHOSQ34y4ywV6bk4KW6ph4oYjxMZVT-4t_76QA

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame B9AF 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9AF 137 KB
42 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame B9AF 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B9AF 0
0 29ms
28ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSAP-y9Lsnp6l-ncyhZygIh7lMuPuO8Lisj7TXxIL5FbiSJClFGFfqImC0xDEV3vXasoUVz1pgzK03bwb55pQE2wdPf9w
Requested by: Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 08D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyU-iYETGRhS-vgU4Zl4bE&google_cver=1

43 B
114 B

36ms
36ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyU-iYETGRhS-vgU4Zl4bE&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY99LAywEwAQ&v=APEucNURXgxerERHYf67La9ZD2n14678z1RzRX6EbzeysgmVZzZsoXa2k2ptoreyv-dKGxsE0ejzyWjpTMu7UdhofyRc3CZUshE2l0ZCpxxPA_OosSl4UXD3FckHiYvdzrvMTNDuNgVl2jmI5PRMuHOQ0WjkdkRC3G9e_1Hcxkp-2m5uNW4SCWc77pZQzJ1LjFdl1DH7yCru75CvpC0fhaJIF2Z2zIa72Q
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
via: 1.1 google
server: OXGW/7f1e280
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHyU-iYETGRhS-vgU4Zl4bE&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cm
us-u.openx.net/w/1.0/ Frame 08D7 43 B
306 B 87ms
37ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY99LAywEwAQ&v=APEucNURXgxerERHYf67La9ZD2n14678z1RzRX6EbzeysgmVZzZsoXa2k2ptoreyv-dKGxsE0ejzyWjpTMu7UdhofyRc3CZUshE2l0ZCpxxPA_OosSl4UXD3FckHiYvdzrvMTNDuNgVl2jmI5PRMuHOQ0WjkdkRC3G9e_1Hcxkp-2m5uNW4SCWc77pZQzJ1LjFdl1DH7yCru75CvpC0fhaJIF2Z2zIa72Q
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/7f1e280 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
server: OXGW/7f1e280
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
via: 1.1 google
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

200

um
sync.teads.tv/ Frame 08D7
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEFSGYydeIehabLuYr0VVrxo&google_cver=1

23 B
172 B

55ms
52ms

Image
image/gif

104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEFSGYydeIehabLuYr0VVrxo&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY99LAywEwAQ&v=APEucNURXgxerERHYf67La9ZD2n14678z1RzRX6EbzeysgmVZzZsoXa2k2ptoreyv-dKGxsE0ejzyWjpTMu7UdhofyRc3CZUshE2l0ZCpxxPA_OosSl4UXD3FckHiYvdzrvMTNDuNgVl2jmI5PRMuHOQ0WjkdkRC3G9e_1Hcxkp-2m5uNW4SCWc77pZQzJ1LjFdl1DH7yCru75CvpC0fhaJIF2Z2zIa72Q
Protocol: H2
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 14 Jun 2022 20:11:06 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEFSGYydeIehabLuYr0VVrxo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 08D7 23 B
172 B 134ms
49ms Image
image/gif 104.92.106.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDh3gIQ-tLb4gIY99LAywEwAQ&v=APEucNURXgxerERHYf67La9ZD2n14678z1RzRX6EbzeysgmVZzZsoXa2k2ptoreyv-dKGxsE0ejzyWjpTMu7UdhofyRc3CZUshE2l0ZCpxxPA_OosSl4UXD3FckHiYvdzrvMTNDuNgVl2jmI5PRMuHOQ0WjkdkRC3G9e_1Hcxkp-2m5uNW4SCWc77pZQzJ1LjFdl1DH7yCru75CvpC0fhaJIF2Z2zIa72Q
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.92.106.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-92-106-130.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.7 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 14 Jun 2022 20:11:06 GMT
server: akka-http/10.2.7
content-length: 23
content-type: image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 9CE6 342 B
236 B 32ms
32ms Document
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGKmVr8wBMAE&v=APEucNUaWL7Q5j6Q0mlIBua8ou7fUcU0LvwiGjLQpX3jYXOtR7j2uzTTPiBGybEwrkalSjSAAgjW3mIZpKy0QAzxgiIgtRFO3bKn31hcjXrV1Cc95UCkS6kT2K_nJ4cMxcbrowkQwJQ5qAeQsRJvgvNHXN-HwssVIAJOrjknrbnBrmHDCaQV1fCjxHudO75-8FIpg-Ch-unjtkTtGeXzQ2y_qegJhnanJQ

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 215
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 09CC 14 KB
11 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHO1Oacj0e6dQE-BHmIAPmiDE5q3TjGFFyM9giWbLd-8WVG8KaV8sjOgcdcvfRAPJ8I4GfJJb1pbDrqH-l-xuuSGOt-gdHOaZ-PKthBziJ5O0TVUxpQa8Lfc2-6aK6w1GJaDBQy0VxCWgtFEWKKB6LvRt2-g&cry=1&dbm_d=AKAmf-AHky8tOGyw8l2g42e8jydlbfa4la_LioF6Ly2smbFv1hPtRbWuqcoIulrmlgUe5ZVMqxj_40AUEmux186vHv1SDYGOD2lfN_DoT7HpRCfa8gO4W0Mdc1dNCTxB8IvDaqOUphdGXL9J86zmRapOT8d0ESMSA99lqtpd3UUjUkslwyW0TQRsmDsmWMl3_BAJmYmEYNnQZWDvYTiMaYiPDWijtWw4CmKlM9Ql0JhPU7Si8mGIaDgDhi8vSOBRCZm1Xb2eK5yPva-z9KAzdBOei_bTCjZRu0KB7awwP4fYlYms6SMNQnOMWzEjgmejvFcNiyfWWIAi9MXwTGu7ymuRRtJQqXM6aCFnfjMY4DzAD1Xqyc5CACzvkQBgMjkDq6qWGh5KIrqRTpCdT42_CZt_wQvr4GiS4uFN8QdJGnxBk1dEm5KtV_71Jazx005O0jDk7sEvqrT7VX9be9l7aTpsYXZw-yDI5On06xEjF3o5wOpJL4qk-j4ouzK_QAfwqqWnOE1URyHQd3_EZawJIX-INi7j-zigYnQ7NROL6X7bmhcM2hpYPqcTlRUHOf1qbq1YmSDp6vroTQFtRWYL8uZXwgM2yczBcxf4USTlLrz8B7qRtBOzhzParAfswKqW2TJ7Eo4qYg-0VcmEa5GlZr6c5efBepv5RXS5zICgNYdt2FevPOXB0sWGa93OTDRtGPS_FRa2dkDwNKJbE_4wYKnYz1hhBWVUXggHfHBje4fMH_RbNM0YCYscZzG7BXPSl4PZFXbh9Uk2_cIDa-qtyYFTITCvt7PM4I8T-jLPkXl7vAqRsJHd7vBJYAcF-5C4YLv6BMuHRoSc3vOySEUaQI28VTOWCnV3fyYnFDsR0PdMRXoGnGbe06otVZEgsbmtvrInWdtRQe2YjTLoeonT3B7N823wZ-c6kB0hgZFxavcQ1mGaOakgXDeQMOeg2yGgTej2C1grvcEN8kJin8ZvuTF4WJ1kDKzCYevRedxdGKRBgoumMUiDjkIjpeqGS5ybqZWaeynxzJm1wEIpzJqZzgRf1TKNHT1gZHJnflCWRxK2kuLoGgz-LdnLAJb0C6jMrx9Gumi2ZXR9D1dsRfyOTqGiJfA0RluuSuwPNI3kDN2PEJVUTpkqZxCt2_bgrqf88Gy-tz7GXoxXmgsSjxfjm3ypbi4m3UYkPJP6-kvieVuUFrpGKz5NF5_D_XkyEOGc33ifKLPEDxAgA89-CThJEsQyoZx-rZDuuu1erJaaNJj6CILxY13NM8B14c4Iax7v1P4ishY83T2NZLNKm7qV8Z6I5NWhAvh3mn1bIGmak_CN45DRKlfKArSyQix21VXAOGLric9vvPDIQCSeKz7k3pGGOmLySwhjo0No_gbq1HSi53WSHNcYekfQSdv74O-Zm0L7DiGupjdv7iNg5_u0KFlgCzdU--YmE2AU1LB1oUmvPRCHqsEBzdsFQTi1NuFbEaGAPE8sfp2ma47tYBJnoPWWEkJwKfcg2LOBf8zCS7j8YW2J7IO69nY53xGNdxHiRi8SyClNKIBEYCuJwZDyG-9W35CWG0aE6laziVBkQrYSACwXcR0EIWlRMlLL_wTKC7DvE8Pn0fImUqqDqW-dsA_s88kv-3Y63FJt3DA0D1S3Hg7kzosikvzr7SEtAdIyUJPibXRyEhEY5ePsBLipXYRGK7K7upU1hLdnYxytOhQSGdpsQr8bQK3ItAAxHjwgtkpkor0u6BTuhNUzz0QBmHfSe7AWGqm5q_zk64X9elh00VXOWZRAoE-bSpj9uVOChQCHBik8fOJ7Q60r0kS6bvpo6Zq7w1xnj9SDOQWXHzMQgiTg3lW1C0u8OM7H41xiEMNhQEBQG3WZlyfTgOUmP-KzE4fGpk1_HyYqOIk4ptfIxEAebYVPqVpKDka3vBx9YYAZOyysLbCyOQirHwRWMLgxqwdbAY02r6P8FE6_a1ewGqwgpoKzu1OesnWAB33QZg_Aa6gfVk4PercBbGti-ZFCCR-MHCwUE5LS1WZ_RMW2M-AS8M-2RCzZZ-zrV1Na6r3XtmQZXkc7R33ewID5-G2bJ607ohbaZplnShWXJHNY_YS1-xjEFfE3UnDH5TG9yTj-hGgGjfDrcRM9qfvsy5-AwLWzfwI1tY9LiqkCYVqu9VWF-A9Mbt-p2AOgqveiOb3VLySxuB5Fy8FjUEzAAqgu89glDbckHMy82rkZgoDwmcwLdVbE4buKEHuN9aP1_o9RgAaq0ielpXGLI4YhbxG2WzmbxVOXE8Jj0_K2B0llY-voRAJ76InU7z1azAf4wFhGj6dTZxxUFdEv66yJj8iDZbq6EL4oJBYucgaF_WR9T4y0ZS7Tut0PURQmaipLtYPVfOhckM_QdD-aigXvd5hRH_Do-ooRVswcYRbRi9uWCV1W3fZuYo17uzxjveQy-rtTKVB1AqnsHTVJ78CNq0Gzq2ekL9RH8ipu6KHQiqFzV997yUoqE5Zys5-TX_BvYVzb8DFHab8gn6A3LFVxbReKY4kcCgVnTl27ve0B8WQ3bkinQ8XbAfP4OfTxoUYW3oUz78m8seBxFRm01QwqrL4_7JdTT2u47fxM0RqJY-Jxj8lzDYsFVCPWlZCWsYNZOiBcEapnkGgOjUIAFgVlEAjIYz9zI0F-nRxXUpULyYgR3578akS3Y3xSycBQrcPK3YZNdeJOfQVDx-9TI8VnmNV39Oyb7nYoSubXPIlJvYtACRu2N5vnAhMOlqB2Q3KX9B13De2CHIquyzxhQEEIlKHWWuXiCRkFLg6wzQN1hQIzBHNvX0QxP67I6ATnrbVOTV1MkZtAlGHMl06dkrvxQWc490TTenqsvgyERXVRq5fU5zxvvOmsWR7u11YCyRo4bSRLNPtqRZtv1RF8_FLlPbxN2qC0cVLOuelRqPUHGIuBDZ2QB1sOlRyUSLtEPrz8GE2-doZrAA_gAcN2ZFNojIbmvmM44KrrcvHGx4IxrB6CW08qaFIescAyy8VWtZL_K25sOQ48atqVZ5ZSYfSArLqTf_kedxho2gR9nAGdUlzuih7lu1oBIAapNRp5DvZWzdJwVrlfh-HJmok4XGdSQixIHuMg7RR6EOtQOWUtbfw8bRVtiAbWToCAXc70p0lABQAC65NnUbsrmLQ5KPSya8dQxHZD2VJU-VIuOJcCCHLzEGAsQsm5StyA78s0u9vgoUG0e-9bJxnuqSKjQJXJoIMw7b9IQd0fCA&cid=CAASJORo6SYfSwy-_WxXWuUxLAyjRmRqj0GNDdHGlInB_tIk-qEMGA&rfl=2%2Chttps%253A%252F%252Ffornoob.com%242%2Chttps%253A%252F%252Ffornoob.com%252F%240

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e73d4231ace858748cc9124595ab0bf1467a32293fdb0a25a375021a02fc5549

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10731
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09CC 42 B
63 B 207ms
57ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AJkvW1y56I0fDy9RdGSUXDKb5M3T4shS-Mqy5aLW7lf19Ad4AnrBZyIFJCwlSUmH7g3MpYOC4nLtaW8-qSirfHlggV83GU_BRIkGmS67Z7rZBrd_E

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 09CC 2 KB
1 KB 112ms
30ms Script
application/javascript 2a02:26f0:b600:1af::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184176&plc=6558440&sid=18330&dvregion=0&unit=728x90
Requested by: Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:11:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:37 GMT
Server: Microsoft-IIS/10.0
ETag: "fcf82911d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1170

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame 09CC 3 KB
1 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09CC 137 KB
42 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame 09CC 17 KB
7 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame C7AD 106 KB
37 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
Origin: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7932
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 17:58:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/ Frame C7AD 8 KB
3 KB 188ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AOdl5mTsdZ8hP9QV4cJXzXAQx5lxc2pSXZMSwE4QB1CD621BR_I5xadR86yXjWBgeH6o6yJ25lHJ7OzZXToKYmGrnZpSmZ68rIK8FKMdW2W_7SKEfwfB3YjshEcI6PyykCfUeDsSHW8qlGfC2yjQ6nGIAVnA&dbm_d=AKAmf-Avqh5RAy8osceifk6HUJ6-nYqA4ZVUl1RFkyvt95s2d7l_euo2qTBM2PIGO3Z2wf3xwIwWAmyeVriQuMfjrWs-SXH0N7bh-b-l-YvzUXyBhAA53hjfZ4Pr13AFTHIk0gNkYcf-mtK4-_u3v1rwZeG619oGvJZ2anHJQz6kD2WYcmq8_GxN6vLrJjphrVvmpWKBEl_l0iOrKVW8rFM41tc8_Q2bdLqHP-1twR3Qi_SwfFK0oJg3smq4uvw0Hv6Xm4YL2o76fUnMEjc92FPvhWjgxxXmMr9jVSTmTUtkbjKNBFwpJTcRC3302eKASGYi4_FDB-LFXIv49wq6XtNxVYfCAu3Tt6_Z2F0C5mmJyYM9qEu_ZsS3qV7x0noFEy7-8AJtkRMQ46SajRihAdl9zpXqN7J1cQvr_YDaQb8ll4eLs1l6vUyrWRPYHoLNfIwP5yiwTmIVeHwgHYqja-xo6jKgGDFNJ3uytb1vwQu_aMkFE8hK9djY6xLwKCR9qt-P6mul_1pxBTvWa_0MU7NgTwhpkWH0HX5vmqAMkav_bvIhlIS_cMiNJ5mzE8mAqiTfaN8aXB_I3OrBSWaOKTl57EcZgX-ZdI9U3X4gl0Zsx1JevouW64QECU_bzntCWhKL9yckRbFpC6gYZc_5cj8sTRPUT6RV4axWFHcvLbaqwjot3lBiValuOvNEncSKLSn4h3Y0k0e37fmDSve_VGvpuuEQ6MK7sJcsISJhA0jBk6xzmejZ7oEhvZkUVAmDONPm6cq6FfI1D7x7t4oQdRCXbGOHxnUD3MigynkBMYUUXH-c6BxQ_n8_HFZXGv1Vpl0YZ9zXwnsY0XWJ8k6PChjryK8z3tM2HQagBwP3r6e_TS1YLCi3mVVtfaeRAKLHuV5J7hQgX2j4T-n0H-yBYb_QSO2HsMrbvIa4K5sp0QMBBs2FtMDldSY3zSycHYHBUHu2-zuUTgSHE89JS-7NkD-8td8rzVkht0CAj1nUG4Ft1O08E8my4954_1xNpk2GNgBPXWy1A5DbIjaMXpjxp8rrMQ9da-fFKhxVVx4QnGiMneUayXkeeIfN3IRf-laoRZ3YITvpyDa_mmuClK2FBTWdHOio8aFPmu3O2FadF3KHWCjWllf4pOC610EnCn34pqCc1WX6SxmVOo_Ta1gPwveIEs63QXIT3D9mPbc-OqBG6v80Z1dn1f1OGIBvmt5AHLa4_kx63yjFOUrAuYh7NL8-31A0m1fyX50WrTOqS5sqJVf5BN6n6DS-AX30bfWH3ZtJ7j1ynabtq-RhRhHIsJqSWXQHf3K4lgBo1GQ_IE7lqU-aGjip3BrKl-OH5XwDONi2m5o6cRfZvVYoPGi-UvIEKJxaThMVLhDP5syWAZvHeaqW9r11mFFSiTrO8xinHGJ0TVoyBTtbf4Tx7Mmpw2t0GCenFI-UuYvGn4lXZN2Z7fhoNfO1kNcARxvT4oOpPvaJfx3GyAcNQkwe_lwFGDZ9ubBmJFH8UmhUHQoEw1zfE4eGSgxbs6uHCg-MfTpUbs0eNyDvdEkiRunL7ESWzp6kOGi6FPcIfekxnfiVb_MXOUaTt7uSjsbgRyrGYFI2HJBDe6vRsV0z3TeKmKkuD93sbbEUaXYnAWTfDA-KVIJDB0TwT21RYlYjwtjlWD4FG_OBAR_y4RwZPHRz2mE-FlBpFpQJpZsODY4WHwdPhC0_I7AJsz8GK9SgZV5DzjnLHF31qsPoHCvPZTc69OGdIcgGi5bBgyI5ZXjaoRawPIB0GGieXLqo7laQLvdjGUshMN9w6OFa9p_K3WbvPe_oaqNHU_Yn3sDc4Hq75jX6_MYiZCMP-bisuwXdXzGSsWtZRb5WmZlFIKMkfdsaBrLJNoBz85LqXPMw88As5e7JGWoISL7kpsY9KpsBHupScvJRjvsmG4K19F-ybvv8D1xt8g31Ow5QhTB7l3VHvuTSoA82EUJfQBFkCQr2feITJFif89tuzitNEx1RdD8ZJWKzK9KRIBFm5iNH5a31QF_NpZ5ekob8XYmX5rXU38y7xUs7OHcGMCVQfLzGHfNoUJGmM-strsaWWhbdmaHZMNghw9dDJnJToOluguPm2Dhp3jC2RXOydjwkaRMzprOhOP0pqo3fqfPRfQ9PshHE20S1uXQ8C-wDC_MgBYsD_WAdbwdGtwdlMi_1UDyTvDLZIcyhSN7Us9VymFIjO72DHpTBZqEqxWRjlhZLiERX6QjiAVoyzegz-AQIeWmIesDNIh_sSQjY9v0_MotROfdfHHnI8eBmgl9uL74QTTnP6nr_TW-RovFnqn_rjd_VzHJlHAjUtq5xoZ2gowAXb5vQnKxDbpCD0scJ_zHx4Oxj1VhMa6bY7BB2tL1eX05SIol2YCr8eek9sgQZGjrx8uOo4apyokQVmvo0n5_lR2CmFs24K1mLBeMD_yvs-YGsMQIgvvNvosVuPxhNlsORRSqhR6dzZGVEJDvBA2dy0cEAGmj4HtcCO0oq_Is5Iz6SMNajuzINye6uY04LZpvYZU9ccTQOLusg0-chouuXhnIhLHtkMbdg1VGa1ks9bYck_Jf1FKcOsT7HiY9pqm2dI7BlqYuLKMwJsySs4wwrmMHhsheHUmdDcvCQgxwmptvxSn_M1GnN7k_PduasfMnskazf_DO0F7EO0IiQFTCPSwwhAiKn4pSSFlBtT55cp4rDMoQH0j2AY7seGLxYVZ85cWLnA2h9JgpcFKrYprAgX597xS5anQqhR2LOoKdkq6CHrwB-YzXJMAaXVHpxMg6UyFpyUxoKRhuaxon816K8laj_avZaDW53A3RRtH0v0QVlxkGZocjplBuwTiyLvO6gRhrpTKP9WhKL4guKIXfK_ujA1dgXBedgdVtouNyLl40JpD_NWAX-XozrpD6G5kWEC2JcN0RLv0pYZJnQo0QDCIMOFj_EuBkDI6UWsyKfYfR2vlAHK3a37mGFxfT8WXYxdlGCgBXI56UChMo9HcaDOWx6_wKfeKkXGSfZ5AbQb-0upnR3u2xhmp39Giwk5F9xmuzE6v5PjntuULIcqKiUJ7B0h7IZl5uaeMWy9ahRjw2-yv4JexH8GZiI8Uos9E7_GLpnSdmj7P24v_PRtFBiP3HaZ8hUaxxUI2pt-gHGMZE1PkkR8V6IR-c4yDKZE17TJkTxumpxC-8-0THWkxQH73Eeii_BW9sQHWCbu37-DCxmYCWO-QkqjmYjaz9axl5WHUVwd6Cyl63nsV17O8N_3LsEofzvFMYWqKJTyH21nhyU50TPEyucDMjOujASkX0DSqcDl_fzJKmVHweIq2KIbsstsp6wt3JDc1ghibJ8s0B7kKsN8yTuMXCJKHjEv_Mv9Q&cid=CAASJORohF1dtUeWOHlLc6e6G9m3ZrOvQDCj0G8ygz9LTqxRxjupNQ&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:10:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/ Frame C7AD 27 KB
10 KB 172ms
30ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
server: cafe
etag: 12800787445863738695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:07:58 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame EEBF 2 KB
535 B 29ms
29ms Stylesheet
text/css 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 14 Jun 2022 18:34:15 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 14 Jun 2022 20:11:06 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame EEBF 2 KB
902 B 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 562
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:44 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame EEBF 0
0 65ms
64ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CPThKWeuoYsrnJoGPjuwP9sOFqAW9yfzBaszJlNaJD8_Dvt3LGBABII3kvSlglbKfgrAHoAHjwKvHA8gBCakCu4juUXV5sT7gAgCoAwHIA8sEqgSZAk_QVCM-JcbhC2qae9mSKTO1wWHoSQ_CxxL3YdZRHPjpPEHzTEOSxbkZP8dILY4OFRmvkNB4vy8KpFjgU_VPNEwFD3CwDT5GUpKgXw1t85c-vkIl5keEUn6ti-rD3HM2ARhGCdB3ZaBXjJCb1pjfxHN3Rgki1G2H5NwM6ofbpToSxyC0Ss-PpreSAyBGJndhMg8SDrEN6_W8wfKGw8siW69jqdv_O6eIYfSlL4ImZcfes5ZcoqU9P9-LB2bt45rNS1Pxjq0IbK-mhI9zWL8fmkCJhHOyTPLkwA3Ij1ohfxCBZSieNMgKEoX_oEGcrlok8DMBDBa6-EuymucYMZotJcAbTkNCY4p8y-u37YcdQjuqvWWpEu-1CefwwASylae9uwLgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH0f-MJqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCR8wTSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUwMDQ3NTU5NjE4NzQyNzaACgPICwHYEwuIFAHQFQGAFwGyFx4KHAgAEhRwdWItNzM4MzE3MTgzMDYxNDIxNhiV4h8&sigh=x0wLehgEBWg&uach_m=[UACH]&template_id=494
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/ Frame EEBF 21 KB
8 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/abg_lite_fy2021.js

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:05:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8671
x-xss-protection: 0
server: cafe
etag: 3673595682727343497
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:05:54 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame EEBF 3 KB
1 KB 22ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/window_focus_fy2021.js

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 558
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:01:48 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame EEBF 137 KB
42 KB 35ms
30ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/ Frame EEBF 17 KB
7 KB 24ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220613/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:03:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 430
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7312
x-xss-protection: 0
server: cafe
etag: 10280116914265038571
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:03:56 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame EEBF 0
0 327ms
322ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRCfMY0LxsPFyeSeEsEzCMhz8snr_ZmnuvcP4O9IXvbqhhqT1BRolv-bjL2nCAcCT6UeAlkfNc8AqazAv0gbmscJMH3lQ
Requested by: Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 6609dd9ea225b203b979e97d717528a7.js Show response
www.gstatic.com/mysidia/ Frame EEBF 32 KB
13 KB 25ms
19ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6609dd9ea225b203b979e97d717528a7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 03:11:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 493161
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13085
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 02:57:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 07 Sep 2022 03:11:45 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 63D4 170 KB
59 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
Origin: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 10:58:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/ Frame 63D4 8 KB
3 KB 161ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BqFIGzogZy935b3LSFQkL76co-fPh8gxYP3TFEcgCydKQncaLqnenaHX-6q933dYfVwMGHqplbcdrYCq_-BHDqtffzRg7NDXR34xyUVNvP3i31uGhZukCJHkg9zQ2FBiSiVzMuUWWcnaZqT9OKWP7dtEjG_w&dbm_d=AKAmf-CeGYA03zsYlbu8uKLxEnHu_pSdBynE66s9xEVSueDV_-88L4petICM9S7OdOYsAtqBFtNAMja9L9AJObgojVgaoJycuS9OHemedS8Adjh7zXuS1gDv-ljbaETrGeGLaqO3BsClpxBl8tIuqen-7qRILOHdFVFa__IfG4PCQtG2gDfDlO1KzFOOVSPxaUlnkewlCoVwmRftxFo6J3xrWDJYt8Ay0uvfE4RKz9ZKzn8bJmL_jZn2jLM3V8FECyIEjdIH_3evAjpFzD-gj4pk036urrHcbCgzom9aufgdI4TrZnxOUmrc4eEPXdik2SG0EAFnCsr6tZy-qBBcRPxUSI0PhQ7ONFIvSo-yAZ2_wGStToPqN70WIRPi45lCc9_I9KjIeu0eVCj_J8ZSJGQrAEiLRhCvcAXpu7RpWzmUpeAMtSaJ9mESbEef-YPxG80ZbD0e7UIJpPHP_QXt4_jlLCPbTHZESEZ3NV9y4pq_TSM9Hq3IV5-mK4AQdcNvgqDPkuNMkOUDCCVigxkGc_2zzU6gjr4U7sNOjjRd4equIwcTd_G2CL9GdmDRwFiaQ-oZABKTLs6slSQ-O8_Ca2DBvju7eXgeGPK6atKwTgs3byyXYnNn0NrsSlt0S1KegsZOZVYAvutmwmhokqPXf0qALJMOTjYZQv9o1RDMlOeJq-X7kW4eLJUfp3j5MH-OKOdQLXOQxuONyse62b3esNCn-zUcl-qwiXXFTcP2jC-NtfERbjrR0qAHcB57Yk1z0WgLazFg4x3KJJleQhwagjNpzqmYpIRP93yCrUl0r6TrStZRtEIpnFsOx1hZeWNyERIEohJZ7eFNwhicMdZASVDYZBKsmAN9hEy_qnDWaKWs5FHvZwFWTwqhHigQb61lCqnAeG9N11HJnFyV9fOLiAOmA7SSalMVE1T1uH5wcosPfSWGiLY12y1autFjmUkre2L1x4_EJJ2Yg1WP3Zi9VxKoIfy7SnNZj3nydJc0DE_UOozuT5a1ImBnRDUa9QFQ7GUp__ZmoZJv1_WIXVoat2Wqb3KdXcQRQx0AWbwADRRhc12-cGO98DuJVHYtrznnzAK4lA7PSFlWa-cYHNMrYkgiwNh60eLMK0DDboILeCCUVU0ghfSRpFa5gXq_798CfvG3hl7e35KqJlsFPHL-ns4y7GUyF2ZsuwthiNvFHG33gEkole2d5-DrIXNhrmR5oriiVRxAiHcADOCGthx1BnrIYgIUf6jFHw_ZstOw_-zm9ktqKk2ufsyRXrnSn0qP86YNjPCDHhMJxdwiTo7v9zkRc53McaL_WnmH53HIyZPrAR7iONcuq2GjsywojpOOnx3PPPexKDoU0NDUJX3MsN9pKp14uKOTtGi2w8FVkb0kPpseFclG4wsODKZKsn6-4m87iKZeNjK9AFMnXGrmsO4WIbY1rHYBu5aT4M52y2t9d4kPtg8Q1M15afFt-VT0w9YJ71iLZxfLUTSGH4F_RMWv3kx2BEvkOKV3Ug2LCD86iSeH9VOxAH_SDZU8nx1RdegLU6Vo_pRJ27XbHiTaDjtmEpplRmGd1__fvOGDDxMgaRddC9YcJjOIgF3b462Qe9mMAJBPjhhCyl92YNPXyMe5iqVdeLQDYdyEqSEMM3n-sx0x5SJm7diD4jaSyVbsFO_yUblqTB17VOwLgVNJaKyIzFAraTbGVw2ws1dTi83lgOhyuS9S5jez1goF95brR1_tNvwTOZVqaqOwjAz5WotZfuFdjRIbKI_80u5R_SVaV01E-ch99-Siq0MusZDLoAKyeqRIshxjdXWA9f3Ks4chdwfdfzr0MWXaW08A07NicCrq0ieROXIaFUbiiWwM5sIWjEI14NfcH6bBS3Bc875sn8hD_ko4TfrMnzcgHMDKpVA0AGx3PO9NrGd6pQ5EEyHsBkmHARXkYnwMXvOiFzaCzYIBFjbLz5D7Abqtxv8o3oJ9QrH5w8qNHJ37gpGOn5ci5pWUkNtwyE_KMgUHnShLehFtXp7qIkPhBR7wC_8anElNdRhwOwPkXMxUNweFj08ing_venF2lObvrFJrfDajKuM8ig71zx9NL4xg78sAUOQdO7BoFDl4DN6HQXAqm1OgblZsX1Wd2OlpSOkTYqfnlkt1BczwYQYVQyua3vHb67YZhSf6TDiTZQWIsCW_tAhBC-8c05J9H37DjwI4VVmCgnfnbWdUjQyTMz20e2n18xYzGrDqKp9E7GB9Y774NOIhJZSMcez7yZ5ZNO0JQF5rrytFOKCEZMyhomFLy43oSzv717EKGn59qhPD8kZYlBRXfk1rwLf1fKxcfF-L_WoWUnfCnxyURtKfTnsxh7w0LJ_RFHIrS7z0FQuQBL0y0O7WR6zZbS2AU9uNWwWJkAf-QEHlAUiGiNQBL3ooqpvv-E7Melbc70MMvXjbg0IhXed65PDxh3YeRKWOFgPbiUiuoMDHuJ2lUmbp_JYx1IacU8u7faBS4Utlq9NxwgdBtyZ-6sI2_hVhProksKzn2sDJ75tQeE1r3nsdAQOUHuY2I0t5wuT7vbDT6jkNubf5XpGZmK76uDBH_RZb4sciXUhV3fd3deVjHKOUXtKH8kHH3xxLR0cD3y8Z-p_AUC1cSI5EjE7lQtpv9XKzAf_HLv12F4cX7FypSzXlROns8cwfdKpShXeOj3IxS3x63SMmBRKLoUdYW3kihnrgIuLHtTN83SpHvaibrzpzbCaA93W4KnuMJ0Z4hldC2DQC0gOId1D74tQ9nA_fGR75Jjvm0_ydx_cx1uQxoraFRiSAfS8RCyOwfDRnXkD_iw4c4dYGebXM61J0nDduUu-jYIuVm6lpFfw23jiZiJisWfYuE2SctRO_t5Y_JKmueQVde8UcW1UjOFm5USllibEx04fdru6oPMjRk1OrxV8o-PNGqatCY3hi1uZaA95e2C78IUg5CA3yCoUHz1J1wzyESeCIEYO-0PPL2mfgzinHSvk2T7qY-smYpQcrvvSAo6nPhS9egnH6Rzvq3EPaGTyS29nADfC53Dlsf_5X6RW8NrSedkJ3PfEe78dHEpPt2L3yRzxboYyS96hOr332xHSwsz3hbgkbYZlWHSoWXGVuscfSTBs9GHbaqkePKBw11QNiKQ4ZZp82RJegOHCnHRvsjq4w_-Gfyi_g5Gtrb9LCcaPWdmf9Lhj6wsOMqPNHE1E3_k9qp-cVh6j2cmg8PKp_8IRsDBA68ZApRf_DBskF4iHT-yLZ_DXHwLLEErqnE6_xaraGDZhAt2LY4KggpPxy60RrghDtygoaDmoKoCcdW0yiCeccUX50CkQ27as&cid=CAASJORoEinwB4-tD3Bn8QBHONCb4ljqpmTQiywZBEFlhxgTcUEfMQ&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:10:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/ Frame 63D4 27 KB
10 KB 150ms
36ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
server: cafe
etag: 12800787445863738695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:07:58 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame EEBF 13 KB
13 KB 104ms
33ms Image
image/jpeg 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQEcZeEWLhqj-ZXn1hntBjMlSfeZFuT3dcrBVZXpJ8sinIOY6o_&usqp=CAI

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ac5c29dc8e63a7c56da7c23f91eba0cc07c26db67ced53b1ae3b36da9ff85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:37:16 GMT
x-content-type-options: nosniff
age: 2030
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12867
x-xss-protection: 0
last-modified: Sun, 23 Jan 2022 13:25:09 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 14 Jun 2023 19:37:16 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame EEBF 11 KB
12 KB 105ms
33ms Image
image/jpeg 2a00:1450:400e:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTTBxvrBKWEc4ajuEMJtvRvrPdDCij3VlRIxdKlO9UDXONa6UU&usqp=CAI

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

73f10318e0e003f649379675211850f06dbde6fa8907ecc938dab9e651ed4f4d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 21:36:49 GMT
x-content-type-options: nosniff
age: 167657
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11693
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:04:53 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Jun 2023 21:36:49 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame EEBF 12 KB
12 KB 124ms
56ms Image
image/jpeg 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQRAJH4Tkcp95hZyfGtc1-HBbvM8jB67wnNyctUYBuG_SAOHZKl&usqp=CAI

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

68b5549d16e6187b914af65ece77610b3ffb47d61339183b7a082affdf4a5317

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:07:11 GMT
x-content-type-options: nosniff
age: 32635
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12632
x-xss-protection: 0
last-modified: Thu, 11 Mar 2021 18:23:21 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 14 Jun 2023 11:07:11 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame EEBF 12 KB
12 KB 96ms
28ms Image
image/jpeg 2a00:1450:400e:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcRbDP51ajnrXA7QuhwlBKoIVstCCltCbiOt-pl6aC_hY3MICnE&usqp=CAI

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:810::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3076512682b57ce089c1782f436affd059cd4f116fba2460da5fd3fe03d1eeac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 08:20:43 GMT
x-content-type-options: nosniff
age: 42623
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11786
x-xss-protection: 0
last-modified: Wed, 03 Nov 2021 11:04:42 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 14 Jun 2023 08:20:43 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame EEBF 14 KB
14 KB 97ms
27ms Image
image/jpeg 2a00:1450:400e:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcQUYepzCauHUTLKkX7HO3t6gfVXa12V1YcfNa87JqLm7et5fXc&usqp=CAI

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:801::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52345a5218b66dddc973e775bf3aa17ec16099469f01ae23ad2fe668ba4428f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:01:47 GMT
x-content-type-options: nosniff
age: 36559
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13960
x-xss-protection: 0
last-modified: Mon, 04 Apr 2022 01:40:43 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 14 Jun 2023 10:01:47 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame EEBF 15 KB
16 KB 78ms
22ms Image
image/jpeg 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcQvbSwd-jd3JgFi96ZRWcYYgYaPj3BTscSb6LqE05NAgrNuUTA&usqp=CAI

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9378219c4a2aa5e196c1123768dcd2ff0082c6fddf1794b94d92baffe4d3bc3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sun, 12 Jun 2022 05:54:46 GMT
x-content-type-options: nosniff
age: 224180
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15324
x-xss-protection: 0
last-modified: Sat, 04 Jun 2022 02:50:10 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 12 Jun 2023 05:54:46 GMT

GET
H3

200

1855790038366648222
tpc.googlesyndication.com/simgad/ Frame EEBF
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDbxsi7jQEQ6AIY6AIyCFR5nIyM6Xl-
https://tpc.googlesyndication.com/simgad/1855790038366648222

2 KB
2 KB

23ms
22ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1855790038366648222

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 19:27:58 GMT
x-content-type-options: nosniff
age: 434588
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1882
x-xss-protection: 0
last-modified: Wed, 17 Apr 2019 14:59:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 09 Jun 2023 19:27:58 GMT

Redirect headers

date: Tue, 14 Jun 2022 09:26:44 GMT
x-content-type-options: nosniff
server: cafe
age: 38662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/1855790038366648222
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 14 Jul 2022 09:26:44 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 1608
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBntacHEv6fNsFjpANpt7JM&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBntacHEv6fNsFjpANpt7JM&google_cver=1&__user_check__=1&sync_id=1fa146bf-ec1e-11ec-a474-132476d60406

43 B
548 B

27ms
27ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEBntacHEv6fNsFjpANpt7JM&google_cver=1&__user_check__=1&sync_id=1fa146bf-ec1e-11ec-a474-132476d60406
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6NqpuwEwAQ&v=APEucNXmGDQugHTl0aObGWmAdF9lIbbsc485tR3T9KIOgTSggf__mHIfAMcDsf8qBifretxwBmEedk6yuEQqOHmwRyF44kcm-dPn0_qaja7V-IP5HtR4d1jgddRkn8E2oBza_ElbtMy2xveoEqpJo-gTeufp5Ji_SFyKRWmsFw3Y-WjMkkbTQCMOZG8jcy4hNoqkQ5VUlijLGg1jreU2Gm2Dx7ZzWWLRgg
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 63
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEBntacHEv6fNsFjpANpt7JM&google_cver=1&__user_check__=1&sync_id=1fa146bf-ec1e-11ec-a474-132476d60406
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 143
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1608
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWZhMTQ2ODMtZWMxZS0xMWVjLWE0NzQtMTMyNDc2ZDYwNDA2

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWZhMTQ2ODMtZWMxZS0xMWVjLWE0NzQtMTMyNDc2ZDYwNDA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkY6NqpuwEwAQ&v=APEucNXmGDQugHTl0aObGWmAdF9lIbbsc485tR3T9KIOgTSggf__mHIfAMcDsf8qBifretxwBmEedk6yuEQqOHmwRyF44kcm-dPn0_qaja7V-IP5HtR4d1jgddRkn8E2oBza_ElbtMy2xveoEqpJo-gTeufp5Ji_SFyKRWmsFw3Y-WjMkkbTQCMOZG8jcy4hNoqkQ5VUlijLGg1jreU2Gm2Dx7ZzWWLRgg

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=MWZhMTQ2ODMtZWMxZS0xMWVjLWE0NzQtMTMyNDc2ZDYwNDA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 103
Connection: keep-alive
Content-Length: 0

GET
H2

404

sync
pixel.advertising.com/ups/55946/ Frame 1608
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adtech_dbm&google_cm&google_dbm&_origin=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1
https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1&verify=true

0
254 B

23ms
23ms

Image
text/plain

54.93.76.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1&verify=true

Requested by

Protocol

Server

54.93.76.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-76-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1&verify=true
date: Tue, 14 Jun 2022 20:11:06 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

404

sync
pixel.advertising.com/ups/55946/ Frame 1608
Redirect Chain

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true
https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

0
254 B

23ms
23ms

Image
text/plain

54.93.76.211
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true

Requested by

Protocol

Server

54.93.76.211 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-76-211.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true
date: Tue, 14 Jun 2022 20:11:06 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/20862571333860544/ Frame 88CE 137 KB
30 KB 68ms
21ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/20862571333860544/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c7e76ee07bade3cb9e08b7b403376125027809613c351e84d546fc60d0b7e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 538202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 30982
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 14:41:04 GMT
expires: Thu, 08 Jun 2023 14:41:04 GMT
last-modified: Fri, 20 Aug 2021 16:34:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A2B1 0
622 B 131ms
64ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8BQbgcF9J45n1dp2jFSfCd4bkbC5f_gXV3YebpRXAQOtwAfu67aCeEeS_kWDTKURyHJJnWlV60fF63slF2Oa8megl_lKGcpeBSOg9MRGQfY0O28bo7lvmu4Pie_wOKw5R0MQX4ybw37WayzAGGeQOruZnt_mv7ROboIuESCIleyPacGf-1NSslaT0ip31JHaIsOL5yUwCGivzD6-YsJFy9TQq8raqRlFMntiJpxSdJxxjp0FnIMXKmEUCYRhOkFoPxvgSwQVvFzeyab10Gv9bCRayr3rcTWl8kR7_pwmwZcZ2ImF5TJGqeLpikNwWsN24pgb5ZP03AAox8vfV7OUz0ZWmEgWfX9f35QD8KeUENo4VfBcLT6ciaPAG0H15VUIrtI8U0Ow60Xm_jn4Q2sNREEN2PZ6Dr-iR0JvSZHR5vCdrDKn_VqmgPgF7Kdh68jn36UzUhfMKked8a6FApBANwxP0VrkhcbMmxkJSgShdpEVn5NDDXAWQUsad7v1FDvh6L9482coLrJHJm-MszSbAPwMjgckHKTyJjyw-0VQMP_3xq7p9gb-HlXS1XQxbptLREjHtDQs2HD1QvLpJ-AxSv9zPRUJrtLfElGv_8VK17KOH325q3xfnCAzY-8AyAW9UuIzGPro-fl2O_W9a7kvub4ZhZst-4pE-ghOoNLlRyEzxS8HzvnIUD8y9DFQ2Yt7IEuAFuHY8zpMUFjRLAcIjrEWVJ6FAlClfTjmPVEKPLbYjQfO4oV8ROgo0to7pivYlVYIJNwCXpS4tOm5pD0fHgALW4nN8wBUH9CKXhXa5e0hmKdsUvGZMMmE_FzOQ9FFPsFu7DeuS-Fx0hi9VXVaMadiu0skvel0ts0TjG8HD1kPOzKPNGuZuAeepCfLUOGwvixrai94yNkJY_rFDLTO4s4-QVnkCaWNFmU1VhTCaOk2oE2HnplF6TZhs9rjY2tn83CE7vCZ4tJsMOZgVeKoXAkhzrIjfybXdyG9jG7PFaKK30W4nLhVFb6YrnVfv_XbziK-ZMh-I2wXBSCKFgCHZ3exmGiPzUwk6d-aWgOl6ci8X_Et9c1aNIbuUmOtKpzsyoFYS_cIrjvSy5zMImwvEwEAqRq3XEmyd-CT6ji2QqTwwnYsLKlQxCwGAs9YWpQq_y77QoJlxk0VNiwOGUY1PLKohVjcM9lhSG_qwp0dJSnCPLzJqMFXHgOvgguFCVeIi8vJXeWJL9Dz1gXun_8LH6KuFz-KvbzeoNhS4sDluFEnV4x9dwyVh-xP4zDPEof7gOafS-fJWma3xGw&sai=AMfl-YTXIh_c9eCpfdi1TBCyqVE7qEmNytRFZCpxcCns4U3u_XUKo3HFUvn-BQgaH2JDdUAQmIR6rKj1mwZUNSLXJPaRd3elbgDTm-v8BOS93GbLt5Uom44PnjFp6b6orbgWq3i523-NXoRMM-gAreuYR3WHeeiMCgYfKgLCKr_8p2b-TNvevss0_TB0Md-rqHYNlXyLd_iTLesjxyWvE6tLRQ&sig=Cg0ArKJSzAgHJTtd3hTrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=186&cbvp=1&cstd=183&cisv=r20220609.99709&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/886862/58750208/ Frame A70C 235 KB
71 KB 184ms
47ms Script
application/javascript 34.249.219.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/886862/58750208/skeleton.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.249.219.119 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-249-219-119.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e1182a94011b2c6c6af53ec1d82b5ebef7ae69d253f7b400d83315620927a21f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame A70C 170 KB
59 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
Origin: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:58:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33162
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 10:58:24 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/ Frame A70C 8 KB
3 KB 93ms
43ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DcXnG4m15jUCeDZ-jmvjm48yig3qBTFYk9JSxH15qHLUc1bZ884nw1_utmG_vejiB0gcgp243z78jV-JPqT04D2eDyQS9cmjbMRBGSlZZTuo0bfFJV2j3Kieh4GCKdkAeV94oCvKqfJv-2BUxfngQ0pyNpJw&dbm_d=AKAmf-Dgb8aDm79CBcBwslNi-8K8U5wq7VPYcHUy8jo8eiWZnFfa6bjqUFTLhCn2JQrL8yXEJXBfbA9zaf6RM2SAYnEMyPkmoU5gPZLaHyCEbzaSO0VMqZiihA_rXL1E5BrW2tVpRBcokferJgjhU46qxcWLm2TQqCMxblr1ATKcETSOMm0gjvpwb-SV2dO-i4mF4ZhKZEyMopMEsJnk8wnkF4z6ORefq6YmzZ_GrIISb40Sv8TfKXEYgqFMxzmZJyA7KrWA73jB3G67NjPZhyAFGKGBmiVGjSvB1KgHywuSQzxopr3XsduI6OvtLCXUmppivuQcwQmOecUna7jbDdhXc6RHDFK8FTHEJ9e47o6ljwIMx7v4Q-YXm--eMe_FoK0ZwE93Y7JWlj1PQ_CVEGFwUYqM2gHFnFnw5UH-rDxO9vIrEoMHczPPOT8BjKzM9aJj2V2OOwPtBMex6W-U-Axl6rAjR65gZSCK-C0oNW-zOt-Jxun66c6MSo-Bgkhno5SbPTfyQaDdrNO926igfb1bl4IkpvfQdqB2ZgjCH5lSlAN-bNBfoK8ZbQZLfASrvimFNePhu9kjDjtFeKVlv9yz8Xn6sejgS3f4p4sReafFEgW2YZTtKE54I8mp7qTanFZOlp9gu7XScIxs4fa7JbDPniPQbRo5lW30jZGyZspMaT4GbqxZpVgToanlH_sZbnnKl1krNQ-M-qBMGY98nYUIJzDg_opHYmV35bN-B1tw-zPjnTT9KAN-gm9y8d2vtqZ8-cYWCXQvejMXOSpu-RAy8n2NuPdh578XRac8kg0Q8n2ASXbomFd3HiYjSsENgIAHwJADqZA4Vrvu4N4gQwI8vygBuxP262Eo2PH4_UOSFonLKlL0kHxVIdCeg2cvU6GSP3p3v7jIGyFQ9jhzlV7Ms6CPK9O94IyWVj-FV0-WorIsZq8FUMBu85xpS97IYQkMeR3bCBlFTJ2lLzaBUizwYqT29rx5K3SlPuDrZkxMCjMeO60JYoIzQrhcNUGU4k8536H47SeKtSjG3vWHqtwP_B1U468DpMrO75-6EKienPR42cx2ibZkslrueJLBESAkr_0IKKgRPqS5i1Ym31nkKYXqOi8pOctGywgGk431Zsgvx85UNiKlrDeptmK0W4jSlwDBR0wPzjd13w3ra3dH2xnLVDIgytzg0MgGk4Tv6iwglq7LY5jEOY4xtgN_Epo0M8OLNyTK6hUmxNYjDRkv6Ow2gxgJmC01nBui25Cc-7853T7VB5cJcWW_H7xaI9N0BryvVbGDLqlyODZDQpmAFCd48NmYlHQW0T09XR2YR1IU4cc1csFrLMAJyzz1_YARKKqu_guLPyYRFHJqyV456vWQzJ8imRI9J2lS_l4oYIwWWseGHeYUSzFx5iTDKF7IWcuL6sNOqSESy9LavdyAMyiOqnXhdI5IRDQdMX1P_lBSudsZuT6YgdKa7e6a2mjOFAyBLzBHwiqnnrf2q5fdORCQEn7bTcLrFrKeQfE9ROzCgHVCETvhjDPKAQkkuImC7frYOBMmzdjbSwRIkyPMmETO4Ahq1_Q9Gzjna_R3-rHyDo-8_eQ_teFfWLXXwE5IuTsj6NqrpxEaOex-ksj3vm3Pv7DRUik2oL0UbaOFF_R9qZ6gbxDoB2iVLmNBpVn4wjwC5_ifRmuyWmDoqc8SSiUdU0_xOG758QvXdI6kppsI1Vb8A-W0Wt_lqgN8bQ0N4Q1Dzn0aEvVc2FMpOem6jWE3F8j7bD_ks2VTWQELxvfPiJ82xyrIWqYMmIUxrzXLI8DBmJPSCwSYeARQ6GIIKw_8gsldTnWazix_aN6tg23l2E1uPvJPBdNdw_87nxCIHnuI8wnRSKjucQOb1NLU0dXzYNW0BC6uvuhQ_Jq5iIar9UlGxnaU5GI-fxYxoc8njV0CUeiO1roErEElSA93Afdry4ZJ9vGhHI5AFV_z_RYcIPIHhTPsdqzFI9laU0rWKaZ-e9NYJ8qIypwC10iZ360KSowVC2yKOOUJLCE-4Koz6KZcaYJuKu1L2WBA4bbyfCJtN31Urv_d49I8wRpfvkDH6TgMrP9KJYJXtP12Sajf-q38YSIstG5w7w7Ua1B74XG5mbJR18l9r4O649dhEukodrD3XWtlqEMAXiFXIbJMmHDz3D1Eni0YGGAmfBTe4MnYzUn66j5-BrySxafNAD0Tb_b4S49Le7aWyqcuu28jmtFIEptG3J7k1XXGXbJSjg82ozHB0HAw6dmzq3sC2NTCXn5MBM3su7LO871fNQoTZGfv1ptxUmQmO4t6qBDlEMlzy2-j5oCHT-0DBMEPg4m6TnKPyLQI54-nO2_PdSC7Q8vp1FNG1zfBATdr9wTmlZ_s2yid-AelKWMmuwKUUOLuYrS-MEQLun5PArozyXQi9xw61FBvXZeur2HAouZJdgG94cIaXO_2AFwxh286_99ZeMkn_AAPXxPWDwZZrY5f1gmjX8r6WLIQjasd_mCTsP4RsQ3X4kdW0F-Rj2rF3nySSx-v5jkXzB_KvtlPF191EQWBEsCIW5IoazbndEsP4O5EEYFlIA-NVvi2fe_2CtERVYFYis1ZqtX55DS1E-7LpQmbD2xf6jitVVKpfXKrNCNGqiWPwK2lYcGpREKfAkbmb_MQDitA1WaDyo1uLpvqlfjvBYLgHTDkZi9O8JVHSkDZJwZNvnGinCw-_V5y_LV_vN9If7suaXJ_Eap4SIQzvrCVhaOcpzcaMNYriJzVvRy_5J0DqB6r0jWJ4sVmf5pCWxcTb3Q8nIsmaGzSzrgQfLdvvfEO0Wf68oPBvZIuJ4r9V1gF5yFwVZMeq-WJEzBt2ELWA_ujI_PLnRP1O07aM2KxSjmwqAHZFGpecTbT-IcWNPm4SpI6XiKXi4QyUjIBxrtGde-AoYXHacoul7pzD54CIiHsZjBombjgUZgiJM6Pn5ZXF9Rh4nc1h4CDndO5Dp0B7YWx2YVto6kbupgzyOuva7Kl2QUFjiFZjpk6rZiq1LkdyxlPepqt1lsjPXPz9TWlAflxDK017CvY0rFzvB5_yMryS-ViQe2DKsj99aXQCcyrpJaKhD9-ob4BaMLSjBzanQDGcX7r_v7oWN44ISccIGhbnTHVWXnngEb5sovcsI-iMBBHUmtqyFgokLpJX1cwYIzUbHhWPSUOwrIa9Wfx2ByvbTKfErzn5paSVWPsNqcOYHRTQ_f98tE3MYvbQaFm5Ee8z9HdS-SPOrc018yitMklJnY83-hB8TWO2jdVQ73WGN7GZc5IV8KVTPph7fkXA3BvYbRR7jUcKzI9nvdS0Sx8hHxj0bV8hfmrr3JcwKanIdM8-MlVVmHIHKfL-le8Pc2AqNzSGZH5aSbQ7qpOj_PQaZbPA-sE1F6Jmbr_zK1xShskGy1fUkfianKWL6i-nA&cid=CAASJORolRqCK1gVmzFaex29euOKP-01VTmEiB-1ZF-09P6H7l31MA&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:10:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/ Frame A70C 27 KB
10 KB 73ms
26ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 188
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
server: cafe
etag: 12800787445863738695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:07:58 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA0C
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B

170 B
188 B

33ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVMYhNz2589ktgGSXPdDG1y2aW93s-KeFKyVjo1kls1Z2Gjm9JkkCmCndIABU8c0HLu3L-C1WiBOUPcY6yXh4b8ZMVi111ULkFBpsawn9czTxIHfUKBHU45xPF1qTQFNMe-zU5DNIQOftwKnDBTpYSy75MLEkvGdBNtGIKSwoiYESwupxeIhoOdir2jd5DwUakhzltMswsWeurkFJPxMZrO0uR_5w

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B
date: Tue, 14 Jun 2022 20:11:06 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame CA0C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1

43 B
721 B

138ms
63ms

Image
image/gif

23.35.229.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJfwggIQh8Wh4QEYkb3csgEwAQ&v=APEucNVMYhNz2589ktgGSXPdDG1y2aW93s-KeFKyVjo1kls1Z2Gjm9JkkCmCndIABU8c0HLu3L-C1WiBOUPcY6yXh4b8ZMVi111ULkFBpsawn9czTxIHfUKBHU45xPF1qTQFNMe-zU5DNIQOftwKnDBTpYSy75MLEkvGdBNtGIKSwoiYESwupxeIhoOdir2jd5DwUakhzltMswsWeurkFJPxMZrO0uR_5w
Protocol: HTTP/1.1
Server: 23.35.229.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-117.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1655237466455065-402
Expires: Tue, 14 Jun 2022 20:11:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame CA0C
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OGQ5ZDRhMTc2Y2M4MjZkZjk3YzU4ZjI1YTc1NjdhZg==&gdpr=0&gdpr_consent=

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OGQ5ZDRhMTc2Y2M4MjZkZjk3YzU4ZjI1YTc1NjdhZg==&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=OGQ5ZDRhMTc2Y2M4MjZkZjk3YzU4ZjI1YTc1NjdhZg==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1655237466499019-417
Expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CE6
Redirect Chain

https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true
https://ups.analytics.yahoo.com/ups/58269/sync?_origin=1&redir=true&verify=true
https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B

170 B
188 B

34ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGKmVr8wBMAE&v=APEucNUaWL7Q5j6Q0mlIBua8ou7fUcU0LvwiGjLQpX3jYXOtR7j2uzTTPiBGybEwrkalSjSAAgjW3mIZpKy0QAzxgiIgtRFO3bKn31hcjXrV1Cc95UCkS6kT2K_nJ4cMxcbrowkQwJQ5qAeQsRJvgvNHXN-HwssVIAJOrjknrbnBrmHDCaQV1fCjxHudO75-8FIpg-Ch-unjtkTtGeXzQ2y_qegJhnanJQ

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath_dbm&google_hm=eS1DLktYQ1R4RTJ1RVAzZ0QzeTJWVEFKYXlYWkJGSGpiYX5B
date: Tue, 14 Jun 2022 20:11:06 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

user-registering
ads.stickyadstv.com/ Frame 9CE6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm&google_dbm
https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1

43 B
720 B

108ms
34ms

Image
image/gif

23.35.229.117
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJDi1MQCENjdsOICGKmVr8wBMAE&v=APEucNUaWL7Q5j6Q0mlIBua8ou7fUcU0LvwiGjLQpX3jYXOtR7j2uzTTPiBGybEwrkalSjSAAgjW3mIZpKy0QAzxgiIgtRFO3bKn31hcjXrV1Cc95UCkS6kT2K_nJ4cMxcbrowkQwJQ5qAeQsRJvgvNHXN-HwssVIAJOrjknrbnBrmHDCaQV1fCjxHudO75-8FIpg-Ch-unjtkTtGeXzQ2y_qegJhnanJQ
Protocol: HTTP/1.1
Server: 23.35.229.117 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-229-117.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 43
x-sticky-vk: 1655237466445040-367
Expires: Tue, 14 Jun 2022 20:11:06 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEKvURjG1YeBRzO3F7AWvtq8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 317
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9CE6
Redirect Chain

https://ads.stickyadstv.com/user-matching?id=11
https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2ZjY2JiMjJiODUxZjNiYWQ3OTNjYWI4ZjFmMGE5MQ==&gdpr=0&gdpr_consent=

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2ZjY2JiMjJiODUxZjNiYWQ3OTNjYWI4ZjFmMGE5MQ==&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Access-Control-Allow-Origin: *
Location: https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_hm=Y2ZjY2JiMjJiODUxZjNiYWQ3OTNjYWI4ZjFmMGE5MQ==&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
x-sticky-vk: 1655237466426058-390
Expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 09CC 41 KB
15 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CHO1Oacj0e6dQE-BHmIAPmiDE5q3TjGFFyM9giWbLd-8WVG8KaV8sjOgcdcvfRAPJ8I4GfJJb1pbDrqH-l-xuuSGOt-gdHOaZ-PKthBziJ5O0TVUxpQa8Lfc2-6aK6w1GJaDBQy0VxCWgtFEWKKB6LvRt2-g&cry=1&dbm_d=AKAmf-AHky8tOGyw8l2g42e8jydlbfa4la_LioF6Ly2smbFv1hPtRbWuqcoIulrmlgUe5ZVMqxj_40AUEmux186vHv1SDYGOD2lfN_DoT7HpRCfa8gO4W0Mdc1dNCTxB8IvDaqOUphdGXL9J86zmRapOT8d0ESMSA99lqtpd3UUjUkslwyW0TQRsmDsmWMl3_BAJmYmEYNnQZWDvYTiMaYiPDWijtWw4CmKlM9Ql0JhPU7Si8mGIaDgDhi8vSOBRCZm1Xb2eK5yPva-z9KAzdBOei_bTCjZRu0KB7awwP4fYlYms6SMNQnOMWzEjgmejvFcNiyfWWIAi9MXwTGu7ymuRRtJQqXM6aCFnfjMY4DzAD1Xqyc5CACzvkQBgMjkDq6qWGh5KIrqRTpCdT42_CZt_wQvr4GiS4uFN8QdJGnxBk1dEm5KtV_71Jazx005O0jDk7sEvqrT7VX9be9l7aTpsYXZw-yDI5On06xEjF3o5wOpJL4qk-j4ouzK_QAfwqqWnOE1URyHQd3_EZawJIX-INi7j-zigYnQ7NROL6X7bmhcM2hpYPqcTlRUHOf1qbq1YmSDp6vroTQFtRWYL8uZXwgM2yczBcxf4USTlLrz8B7qRtBOzhzParAfswKqW2TJ7Eo4qYg-0VcmEa5GlZr6c5efBepv5RXS5zICgNYdt2FevPOXB0sWGa93OTDRtGPS_FRa2dkDwNKJbE_4wYKnYz1hhBWVUXggHfHBje4fMH_RbNM0YCYscZzG7BXPSl4PZFXbh9Uk2_cIDa-qtyYFTITCvt7PM4I8T-jLPkXl7vAqRsJHd7vBJYAcF-5C4YLv6BMuHRoSc3vOySEUaQI28VTOWCnV3fyYnFDsR0PdMRXoGnGbe06otVZEgsbmtvrInWdtRQe2YjTLoeonT3B7N823wZ-c6kB0hgZFxavcQ1mGaOakgXDeQMOeg2yGgTej2C1grvcEN8kJin8ZvuTF4WJ1kDKzCYevRedxdGKRBgoumMUiDjkIjpeqGS5ybqZWaeynxzJm1wEIpzJqZzgRf1TKNHT1gZHJnflCWRxK2kuLoGgz-LdnLAJb0C6jMrx9Gumi2ZXR9D1dsRfyOTqGiJfA0RluuSuwPNI3kDN2PEJVUTpkqZxCt2_bgrqf88Gy-tz7GXoxXmgsSjxfjm3ypbi4m3UYkPJP6-kvieVuUFrpGKz5NF5_D_XkyEOGc33ifKLPEDxAgA89-CThJEsQyoZx-rZDuuu1erJaaNJj6CILxY13NM8B14c4Iax7v1P4ishY83T2NZLNKm7qV8Z6I5NWhAvh3mn1bIGmak_CN45DRKlfKArSyQix21VXAOGLric9vvPDIQCSeKz7k3pGGOmLySwhjo0No_gbq1HSi53WSHNcYekfQSdv74O-Zm0L7DiGupjdv7iNg5_u0KFlgCzdU--YmE2AU1LB1oUmvPRCHqsEBzdsFQTi1NuFbEaGAPE8sfp2ma47tYBJnoPWWEkJwKfcg2LOBf8zCS7j8YW2J7IO69nY53xGNdxHiRi8SyClNKIBEYCuJwZDyG-9W35CWG0aE6laziVBkQrYSACwXcR0EIWlRMlLL_wTKC7DvE8Pn0fImUqqDqW-dsA_s88kv-3Y63FJt3DA0D1S3Hg7kzosikvzr7SEtAdIyUJPibXRyEhEY5ePsBLipXYRGK7K7upU1hLdnYxytOhQSGdpsQr8bQK3ItAAxHjwgtkpkor0u6BTuhNUzz0QBmHfSe7AWGqm5q_zk64X9elh00VXOWZRAoE-bSpj9uVOChQCHBik8fOJ7Q60r0kS6bvpo6Zq7w1xnj9SDOQWXHzMQgiTg3lW1C0u8OM7H41xiEMNhQEBQG3WZlyfTgOUmP-KzE4fGpk1_HyYqOIk4ptfIxEAebYVPqVpKDka3vBx9YYAZOyysLbCyOQirHwRWMLgxqwdbAY02r6P8FE6_a1ewGqwgpoKzu1OesnWAB33QZg_Aa6gfVk4PercBbGti-ZFCCR-MHCwUE5LS1WZ_RMW2M-AS8M-2RCzZZ-zrV1Na6r3XtmQZXkc7R33ewID5-G2bJ607ohbaZplnShWXJHNY_YS1-xjEFfE3UnDH5TG9yTj-hGgGjfDrcRM9qfvsy5-AwLWzfwI1tY9LiqkCYVqu9VWF-A9Mbt-p2AOgqveiOb3VLySxuB5Fy8FjUEzAAqgu89glDbckHMy82rkZgoDwmcwLdVbE4buKEHuN9aP1_o9RgAaq0ielpXGLI4YhbxG2WzmbxVOXE8Jj0_K2B0llY-voRAJ76InU7z1azAf4wFhGj6dTZxxUFdEv66yJj8iDZbq6EL4oJBYucgaF_WR9T4y0ZS7Tut0PURQmaipLtYPVfOhckM_QdD-aigXvd5hRH_Do-ooRVswcYRbRi9uWCV1W3fZuYo17uzxjveQy-rtTKVB1AqnsHTVJ78CNq0Gzq2ekL9RH8ipu6KHQiqFzV997yUoqE5Zys5-TX_BvYVzb8DFHab8gn6A3LFVxbReKY4kcCgVnTl27ve0B8WQ3bkinQ8XbAfP4OfTxoUYW3oUz78m8seBxFRm01QwqrL4_7JdTT2u47fxM0RqJY-Jxj8lzDYsFVCPWlZCWsYNZOiBcEapnkGgOjUIAFgVlEAjIYz9zI0F-nRxXUpULyYgR3578akS3Y3xSycBQrcPK3YZNdeJOfQVDx-9TI8VnmNV39Oyb7nYoSubXPIlJvYtACRu2N5vnAhMOlqB2Q3KX9B13De2CHIquyzxhQEEIlKHWWuXiCRkFLg6wzQN1hQIzBHNvX0QxP67I6ATnrbVOTV1MkZtAlGHMl06dkrvxQWc490TTenqsvgyERXVRq5fU5zxvvOmsWR7u11YCyRo4bSRLNPtqRZtv1RF8_FLlPbxN2qC0cVLOuelRqPUHGIuBDZ2QB1sOlRyUSLtEPrz8GE2-doZrAA_gAcN2ZFNojIbmvmM44KrrcvHGx4IxrB6CW08qaFIescAyy8VWtZL_K25sOQ48atqVZ5ZSYfSArLqTf_kedxho2gR9nAGdUlzuih7lu1oBIAapNRp5DvZWzdJwVrlfh-HJmok4XGdSQixIHuMg7RR6EOtQOWUtbfw8bRVtiAbWToCAXc70p0lABQAC65NnUbsrmLQ5KPSya8dQxHZD2VJU-VIuOJcCCHLzEGAsQsm5StyA78s0u9vgoUG0e-9bJxnuqSKjQJXJoIMw7b9IQd0fCA&cid=CAASJORo6SYfSwy-_WxXWuUxLAyjRmRqj0GNDdHGlInB_tIk-qEMGA&rfl=2%2Chttps%253A%252F%252Ffornoob.com%242%2Chttps%253A%252F%252Ffornoob.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EAED 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7F0A 783 B
534 B 34ms
34ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f11b06b8a5fcb7bc7aea36a89cefabcbcf5ef16f878043d16fcbf95ff44973a9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-AcGdTbwiHzREfsx5gcXS1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-AcGdTbwiHzREfsx5gcXS1w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame AB93 0
327 B 121ms
51ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l4elnf1e&c=6907604607019&slotId=3453802303509.5&qqid=CKj2mIngrfgCFUX9uwgd8YALHg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB93 15 KB
16 KB 22ms
22ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 113282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:43:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame AB93 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 118999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB93 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CxDDpWeuoYujlHcX67_UP8YGu8AGXgrq1arT5ktHSD-3p2r_NARABII3kvSlglbKfgrAHyAEFqQIFR_opfXyxPqgDAcgDmwSqBPgBT9CoXlCbf8bjilcVBUkb7QGXDGmI3FZA7LBjwEdkL_LisZttv3DKP_0Bx33hr1ah9n7UadqFbk3GPgDmbl1C09HqnRrxlyOadbSfrr6mnk32rFp3SS8bLQFJaNLOt_4-yfz8Ybbujs1YD5axqLlkgbodqlg9TzHZrfGOVQwk0Z2LonEs0BHvZMZQkamQi6nnQ4jEIFkGBr6dXkldUG1YDft9Fgzm2GbLEDo71rMpLuwVZo_1EQvDYVwI3ZNvDQw7qIkpKXgjzI7KrlemXkp1mPXvX885cuNv8Ln7CaNWhS5H5SFmMdduA9taUpnEHaeRHeGtnoM_LnvABJ_j5aj6A-AEA5AGAaAGdoAHvLGnrQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUwMDQ3NTU5NjE4NzQyNzaACgPICwHgCwGADAGwE8jYsg_IE43ks-AD0BMA2BMKiBQC2BQB0BUB-BYBgBcB&eventType=clickstring&clientTime=1655237466357&ai=CxDDpWeuoYujlHcX67_UP8YGu8AGXgrq1arT5ktHSD-3p2r_NARABII3kvSlglbKfgrAHyAEFqQIFR_opfXyxPqgDAcgDmwSqBPgBT9CoXlCbf8bjilcVBUkb7QGXDGmI3FZA7LBjwEdkL_LisZttv3DKP_0Bx33hr1ah9n7UadqFbk3GPgDmbl1C09HqnRrxlyOadbSfrr6mnk32rFp3SS8bLQFJaNLOt_4-yfz8Ybbujs1YD5axqLlkgbodqlg9TzHZrfGOVQwk0Z2LonEs0BHvZMZQkamQi6nnQ4jEIFkGBr6dXkldUG1YDft9Fgzm2GbLEDo71rMpLuwVZo_1EQvDYVwI3ZNvDQw7qIkpKXgjzI7KrlemXkp1mPXvX885cuNv8Ln7CaNWhS5H5SFmMdduA9taUpnEHaeRHeGtnoM_LnvABJ_j5aj6A-AEA5AGAaAGdoAHvLGnrQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gH89EbqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUwMDQ3NTU5NjE4NzQyNzaACgPICwHgCwGADAGwE8jYsg_IE43ks-AD0BMA2BMKiBQC2BQB0BUB-BYBgBcB

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame AB93 29 KB
16 KB 144ms
56ms XHR
text/xml 142.250.102.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-CtH8AKyaI0LufDFYg_fo-Jp8-VMLL46HdBwCBuBC-d0jO4wMq2UOQfA4RQv9TlAck8nO-aZ_qeYM-Asld7U9NFXZm7jQ&cry=1&dbm_d=AKAmf-DaohI6m_oF9fT4p8WnB19qYvTK66HPisPb3JOZqJKbZWqfTh4uGcpaai_MoHFI7nfjeT9_syCx5Qto6dEUW-bXQ5xrboF4fWZscxd75Vvkr-Qw8r7xE9IBqMqSq70v7t0-K6zLPC-DElz_-cGpyLzvyfHHvVbb-7OXQ3lm9COMivDZ7ridZEA2jW_SUNRTv158uF3OPh1-GYj55GSgX_TdOnl2f14HiMFlVo5l_avBcJoL_ztGGD-aLb6bqmifuasS4z1MNn0AL9AHO7Z4_R7NZgyWspm-zrHh8rmmGooNR5Mv_k1XbezQjZa90wd_bEefHXTu1XfkJ1F02jOrru7klfihkpfHOyNY5TKR5wbEtvkysBEQyZtNIUelJ_7P6MQSvzSoHsDlJLCN_xPKqesCIIPA2y_Z4AnnRV57RCaL9AXm_VhqhJOvDldk5fdhMYprd0qBcKoBpNKbJM71IaW7pdYLpLKxDqgpwqKR8z5EkSrOSN16X8SumaUkUIF4DY7x7UzESMkqcVXNjf9sGdGRErBYEfaTZXaRthqgG34PfCiaFd_J1evdoot9MMQWw_0aK_ohWyWo_4DSAjSEyc0IL1YLNY8e1G2cuQhW5j4QCRvMS9lO6b0QPI_bzo-bcaErOqcIwXRxhs0iuu_K0aMKd2DMIF-6okKkBQpnzBHyR6QkGdNf_q32nqm12AwuvtSrqQjWTPfU5zgHjc2mDc5oa7fXH-WFctT0rquyhZm-HUjPySWZapFPpblD6H5sAhr9-dphpBSNGHbQzOWkHjiI3vzw977OxYlwemE1uyKKFop8zqg87gJTb07_-WOcTWVhwHvAptFx7o7mcogW0fCdNdLS3uB6oMvKRKRtdijTFJwj2qouHBnoRaOOc6wiPSRP7EgZlYRrBMBb9Sjq3A7Sit4gfxk4MzXuS9PkJMQqtdkqDc802QJ9r9tLbwbW407FZ5tXQOW_01VxeVs_sUqRPrBP27KNt1z-AG9U1EU65UTVB-ZIa9wHAg11PUfJ6r7-FHYZmNw7A4gyt4NUpe7qbZoGlhgrUGzCjfpr5UvXT4DNRJSNGPGpPgcATQT0Tu7PWTHP0ntbccu83gyUQ2MOIp90ciRAgSIfrZmDWvabaU4IhRqwoooaWCqKYoSRanyyfr0r4USzy36CXOGMUHPqWR-cN1L58AUnW9U_F7irKiyyVsMIgzUla_rtNzRFjmqnAVDtr3UrEUJGF_NsVEpf1YRNchICKmUkoJfDVsDppDwT-EAlUVhQwWo3PCKc0IIDdIaSAN3sN1G42UPPEzQpJu8LciODgk34vsjjNZZyY4ZdRBQ05ifMpvQhffzsO_7pbQLEOVYGgUEceuiEsn6bS2P4vko6IbfQqBe9tLLhOvki0D-iEAFzZDXTbSR0R1e5T_CErNf0amTBxdWZlHs8Txnf3V2scBiG9KJ-twwNJA2ifrfCxyQRZQT7zdiV6S-MMepPH0iH_P4XmxtGqB4QpEPY22O8FIzaaGi6zluMuCO-6_jTkc_GR7yLHCQkPcQUw6JrO9f4WsFvia3PeQGXGBdsG__tgqJKPP4FUltITKJ8wPkmY3Xe25n7F38nUAAk90i4jKeJqPS9Hq3hYsrrGu5Mz5PsO1fWGNQtTSkmMEcP9ziulFlThxElhsNB3sd_KKs4ObD3yNnStx6fyRd-yNgx6nLKs740Y9M34DKG-0_sRXXWZvucSCeFoei8cvdx53c3-w-pqG8kXvLgOqiXZgb4ehDzvYtBLCN46lZbaAlcrtBbxVqJt20U6C_kDmUWSmKkVopSfP16VCxWir7dwgx-BgQAHqHa96-iLPgzDadv0Ia1KMwS9LPz7NgxCg1byn0AFXfdGNCFpGnBVTEJ4DB0gyjdNDiDSFVc83qJ3c21fIvTeZWjKbnVZvi6MC-kfOrlTnlvJM5b_jiiLa22WfnVmynn1m6L76W_tIsnHh00rnmk-VhR_0bh1cBz5v9blwTb39-MQYJd6G9YKzsspMd6Uq3EXzvbxbfhINFBO6cHNke5UV9u7EpyfnC4ISNsdxa_Z3RGYhzLXt3gAZd9K4Kiciq6ghult1glsSpdC22aYXk0i9mwGRBfAMX789GBequYveUw66UwXyITE9J8vFRcodhd9hy9VGup3VVzoMmh0Z3pWqxA8mQC8x3i434wl1C9mUOKTNLeyNvtSRlTey7YDo_G-KME8x8VGsYMtvqbsrVtycyRvocUn5qdVJVQuBM3aqyas1F88nvdSprDfffc0b3Ia39hN7vRjdAZmELygsx9IXVFU9zhbnfPdCgS18vyASHWQH2tMY6vPduthyUFY6wuAbKocHmPitCkAIXqUcKk6mKI5xgfbCeZ_q1-jk9VxXyDymx7g8XdB63gJE5679kZw1DC3q1Nyi_EENjMv3lMQYLEyUnPVdPFAfs42vR7sdgjhS6GvsZo58vTi4_YBrlXNqfOfVYcI7ltCbFzMryXMHMWvOZj-jliqBhtfhWzYixJpFEaMqKub0pwazl_fF5B_luoIr83bVp7s4961cO11rUF075m8RykIYrEabDlpvjBkMobsVX-VVcrpokKXWD6CjKHe86eIsaDZNNAdoEtajzcCwAgV61u6wneP3zoOSB8wn-m5C858ZG98qNREmdYT6ab83fEX0HCjw-VJER2tviVo3pA0E1oKyCbgTfa_3WB6krDMlj-9KY3OmysS2MOL-Hi_FX-6xW3FANIVQKmGGP5-0q4WPl7zKESFqno3lbOASPJozukyTL0kWl9Ixfd_-LIa9R6jTY8XzLY7c2CIiUJ5CXwej9sSv8BXJNu3pjriNO6ZuI6kvLyH_YL4kQGpSiTTgbhJTffSjHVAfHiTrUjCJXtgY46GwQTFoLggZef7psphgTFh2rvJdmZZR1KTI35FQPY9d0Vne0UdFfxoTB4RmS5Br6R6cF8mflCnYvkKcYTpI5q5nrQ7lJVvajpJ6sGpRRMaf48Hx95IIl31RnQoTA6nBF0HmQZUFd9I1fakgVZLraPQwe6BLYK5wTlz_AvdzFrxTi15bnGSXegzdMcf_5QJGUzWGWuWHNPL_A6oobzbKHU-bf9-prGq6sXlcuG1fq-maLT_ckh6Nhpc8lZVXlmLH1tLlNisl0pmeQ-Fv3hRSVjDYMUdhn66AwMxhJmxyrHNana8rD7IwpiK8WHT9Z8o7gVlah5ShT0r76ejFWQ32A_vVfMEkbpbXdJHwHn9Q3lzpquDFCN5Ha0jMVxQstW1OJ-EqV0AMMwtRj7KRpIMErGzAHcc4JIe99JOJMe3hVGnC31mkmhIYVKGvWOkbVaKyvC4CiV7P9jAyTNAuN9CZ1OjwX_z1czDczXIloRwITPff9VIhJ1JW6KManMocHgkrkLtdfKThPVvZnPytb7LvWt_dYtkzYoLr9UN8eLDe2Cj7SGvBWaJVmEY9ixc5x5ORCjwJB8pSEo_Dvxs48z0_F04eQVDeHp8ckHrKkCwtvOjU3sS6l9fIuHjEzklfmBnYUP1N5-nfuJ&cid=CAASJORoQAP5ZG5x7WLkO1Xp-8eY-Ll9RXcNxpW-MbxnjhubrdiseQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f157.1e100.net

Software

cafe /

Resource Hash

146f9af5cd05799c57b6870d468aeaf3cf9150ac47532a17cbd9e1388b61f926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15717
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame AB93 0
0 62ms
60ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CRmPoWeuoYujlHcX67_UP8YGu8AGXgrq1arT5ktHSD-3p2r_NARABII3kvSlglbKfgrAHyAEFqQIFR_opfXyxPqgDAaoE9QFP0KheUJt_xuOKVxUFSRvtAZcMaYjcVkDssGPAR2Qv8uKxm22_cMo__QHHfeGvVqH2ftRp2oVuTcY-AOZuXULT0eqdGvGXI5p1tJ-uvqaeTfasWndJLxstAUlo0s63_j7J_Pxhtu6OzVgPlrGouWSBuh2qWD1PMdmt8Y5VDCTRnYuicSzQEe9kxlCRqZCLqedDiMQgWQYGvp1eSV1QbVgN-30WDObYZssQOjvWsyku7BVmj_URC8NhXAjdy26X-ag6z7vy1KzyD0WmgSkwnfrqUzwtacJQ_mVTs9IRUOxOXOEUoHEfz4HPTDSFNEUKi4nEeDqgAsAEn-PlqPoD4AQDiAXOnN_bQJIFBggbEAIYAZIFBggdEAQYAZIFBggdEAEYAZIFBggeEAEYAZAGAaAGdoAHvLGnrQOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHChDT4RwYi-bhywHSCAkIgOGAEBABGB3yCBthZHgtc3Vic3luLTUwMDQ3NTU5NjE4NzQyNzaACgPICwGwE8jYsg_IE43ks-AD0BMA2BMKiBQC2BQB0BUBgBcBshceChwIABIUcHViLTczODMxNzE4MzA2MTQyMTYYleIf&sigh=lxdokrxIecE&uach_m=[UACH]&cid=CAQSOwCNIrLMpprcmoZq_AVc6AlBc5oN8q-EsdpELORZr_m-nSej0860XAtWAq3AjY2BJo5Zm2wRJTVOrOJx&vt=10
Requested by: Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FDD0 1 KB
749 B 27ms
26ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame AB93 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 31d9cfb913e7524c1b98191f76f2e322eaf20c34a87a64b0d3ed2fa36f22524e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2F8 13 KB
5 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4CDF 783 B
532 B 35ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a4425024bbe1de347df32a7b0a09a50b3c5f1ed0ea1ae0112d676890a852c219

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i--PbxYoqW2q0GCEtdNsfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 510
content-security-policy: script-src 'report-sample' 'nonce-i--PbxYoqW2q0GCEtdNsfg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F93D 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3111 783 B
533 B 34ms
33ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ece50b61d5509fdd249dfda21d00b271ef9f47b1c141fe8f0fcabd354866d7ca

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-805_wfbpnJ-Iu0hu1gmfNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-805_wfbpnJ-Iu0hu1gmfNA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 204 csi
csi.gstatic.com/ Frame 9928 0
54 B 89ms
52ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~l4elnf10&c=4281417526683&slotId=2140708763341.5&qqid=CKq4nongrfgCFVaXdwodKOIB7g&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9928 15 KB
16 KB 20ms
19ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 113282
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 12:43:04 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9928 15 KB
15 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 118999
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 Jun 2023 11:07:47 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9928 0
20 B 55ms
54ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=C3NX2WeuoYuqnI9au3gOoxIfwDpeCurVqtPmS0dIP7enav80BEAEgjeS9KWCVsp-CsAfIAQWpApX331czhLE-qAMByAObBKoE-AFP0KXTV9wkBc0hmP3NtwWICWAsZ6B8C-KqtXhHi5dIoBqM4pNSRd1Ycqn4DqeiZK3NOw8ub7eb8V9vweWgP3TSI2lwcAd1pJflGtEKylJTm3w3QJ9_D5X7XnvLuwjTIPPPbIl-8w6VVcaznbYF4iqdWfSULCtJQqBiMxPXURHc6aywQ_4q6ceOgsM4dK2eB8bg6b7LEvmfgE8dwO_auXc21p_bqlGD1b9eY3aC6Yah5Q1rXBqEpr_9z4kobDYUxowBvrxQy6okOUTATXe2XsUhcxjhntXOwXzhkuM4JTFoqhqcccuoOfSe803h18-1ApEWDtD6miSBaMAEn-PlqPoD4AQDkAYBoAZ2gAe8saetA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTAwNDc1NTk2MTg3NDI3NoAKA8gLAeALAYAMAbATyNiyD8gTjeSz4APQEwDYEwqIFALYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1655237466390&ai=C3NX2WeuoYuqnI9au3gOoxIfwDpeCurVqtPmS0dIP7enav80BEAEgjeS9KWCVsp-CsAfIAQWpApX331czhLE-qAMByAObBKoE-AFP0KXTV9wkBc0hmP3NtwWICWAsZ6B8C-KqtXhHi5dIoBqM4pNSRd1Ycqn4DqeiZK3NOw8ub7eb8V9vweWgP3TSI2lwcAd1pJflGtEKylJTm3w3QJ9_D5X7XnvLuwjTIPPPbIl-8w6VVcaznbYF4iqdWfSULCtJQqBiMxPXURHc6aywQ_4q6ceOgsM4dK2eB8bg6b7LEvmfgE8dwO_auXc21p_bqlGD1b9eY3aC6Yah5Q1rXBqEpr_9z4kobDYUxowBvrxQy6okOUTATXe2XsUhcxjhntXOwXzhkuM4JTFoqhqcccuoOfSe803h18-1ApEWDtD6miSBaMAEn-PlqPoD4AQDkAYBoAZ2gAe8saetA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAfz0RuoB5bYG6gHqpuxAqgH35-xAtgHANIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTAwNDc1NTk2MTg3NDI3NoAKA8gLAeALAYAMAbATyNiyD8gTjeSz4APQEwDYEwqIFALYFAHQFQH4FgGAFwE

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 9928 29 KB
15 KB 127ms
63ms XHR
text/xml 142.250.102.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-DXWAM1juaKtv6VDuCykbKLX18gdXYY6WotF_oAgKjL90fr3ds4pyD9EDhkAgqEnz5VipuQRbJ63ckLZJxg28AldP4JWg&cry=1&dbm_d=AKAmf-CEej8z4U-SJ7vvPvtOIgpIx370OsdeonpBmKihR3KA6c3sH8AUwhfCSLmyPCHoOykRagcyGBiq1vZBc1ekvcv68xcVYrxdX2JFDAfG8tAmX4j-D1F1x9FTHC-CrxaqPi8dZdbfk5HDxwz-YN8S4sKVhTRaF9wboTzXnkwzThG6uUhOSlTtdCYy3MmrJeDScRNXBKOdxXfJxtmFyd730lCYILIdvYHCUlGRAw6epQETVWsbQ_vNpmIa1v0CiE43U2LKIGTK4GnBp0n3n1-ShO6dw231P5IBXW5eQ6jzfLgc2VR5RH3lhxxYi3ZTd_O0YH2-n73kCR1D95xc550lzlGw-Hptw2DWDlcuJoWq-gw4SXKJj3CZfNZK7su2bQr2ktrgbfQDg07It8SGlnE_cLWwPFADXnNsLVXoc19upv_sjFHwMfGDIjkt_Q2fEgs1C_Dk2zAR3MjhbET7-Le2ZI2fzNeG8tDjo4sOwUyCFtqlsFn5YXEg9t5Z-LJSeza5wCv0AC2oQNViBlOARuGNk4y74-JuDBcZ3y72IASNJEbORR9fZBt2MEXjIMSGO228xh1lXWjDQI-IX_s_bUle46GNJT2Sk2hdRNYtldm2dBZv9UgI7uetnTZhQJnxMMjdasSO2IVZNXvq8z7JhWxWY9REwnOJU9nYhxmEnV6qMpddHA7_3LAUXn_Ro5G8wrLdLtZY1bRC0509S8Rr3s-PU72G-z7gbxTffob7MLxOqPZ7zjCvFmj6CFyefEjcfdx0cgjKIKvBlZKJDQu1bYo4hF_KMj8nbhihR5JOeHq40PdNAzAIbpkiYuflM-o_LnJaBzdIfVKuL7isnIIJSd7-9oGeVNX3gcdRE9fb9ri_cdfZF3AcvG47bQ0k_2mwdvMTKlI3Y1uqiYx9PHpQA0FgXMbduSdW5EKAWd1Wi88B0cyLfS22Fck69HIkBn1WSVe2MOIm-gB8opGEC2ROXrbBMnaNZdqYuz1BLSS_tvJk9ycEfgGsPd-Tt4qD_U5VGXRVv6e5Hwp9XRxjXbTMdL9BkQQ87GOvUEDwqPu-tDwywOUDU6UCPg98vfv559lVRv9Hb1kJ1DYhiUhMPUStLESePCPtPIBHa9ZuEQ8UygpBll3jdMvOUspt7Xymz6mWSJulrifvuI50JQPFIFnbcUFepT8dr5yxUwGB54vZlX8ZNA9vOfm8zOxd3b__ogkCOV6iaJ4PKYygQ27iHQP8tJPE1GBaydjtOz7lWHgdG1tM4cejYOgQ9A7_XMa1_RKcotdECWy1GM111oKWiUPPSO-5yvCFsd7DRY0tO3b2xk5gSY_asJJjQ_wopVdsmiTxYFPCdfhdTIltkW54LNiCt45D8fZA3EQgB_WEWND9tIolyJlTtWF55SPhtBWtWcmI-LHrvmkXJuvrzVadcJ-kta2h5vDeq0fBsoVRPk8qCWqignSB_JK4ZyBUlrsYuF6OT3F_I8rqMDPUYaFuoDvj8Phe4YbORoMzXtNLEGeEGdvHt0b-A2Va5n8kTrr-nFvpqE5aR_hR-IXl69Gh495UTyhZVTmjyEf617QhO5_-h1fXiLEPUV70dF9xUHHw34BrU7Qhaerpn9vPNzsBL8RNjwn5MF8t1U0T81N4k34CJ48qWolnt3JuNIHlVVy3fVHoi1-0H1PgUZRFO6AThGaRSVcXPRUVBE7_mgRRV14HzJeUpQdXx2lpfbqZddxqwhNmvtanonc7-HXRq10N2XuyEzjA2izFXaXc5UGf6op0-B2EDmql_lh5U9WX8ZHBBt0-kDDGlOwDsvQ8B1227dTzj8VUvyB0xzxkmc13rcd3ZqDSdTd4tnE8Ub9derdo_i9uwpn89HtWTa6f3rfWB57sW5A7KgZfnuwDm70_q2q5slIMfr8ZwlThCByeIih3FHG2ZIAaF5TPYufHP4_MHSV1SMy6cKi-3i2_afhUxamADV-JuB_Jxzf6E7PWnzxRsBjcQeUcwWXakZsmn1SAiGHze-Tp6gb24gSNInvHzbhRZPjIPqdW5lOZrt2z75Xa5UymPjtp-oOJR1oGmdZZRacDNXEefVwkJhR4aKE7tiN8SPGpPttc1pRcZTzFtaYmFLfopqWx6j7lOOaVpS1559i7NrvRbH6d49QKKiPtZ1fCJZAI8kxLV8_6dTUXkk5079v612GNQY6qTAr3vuuGULa3YcniTal5mlmnYsIaWH2dXD-F1b5ySmI_soTTjYYoavz8BpiOiEWGK6g1UCguwe7GvfOc1e8YOly-61LDUYYGdvfNOwmnnB2Q16iuUkDTiQs7U7UyeaTfzUgowzsSfSD4Vg3bZbOnaaUTfomTmj69iNmxMBhex2JLQHaNh2MYcHgF2D38xWJS1_eeZyC-HaFO6e0XMAg2Q9n_b2QlLzrZZxu3tldL3ktIxgx1nsBaJSk58Ia6-xx91_gwqyyVS85vJczsbyj0yUghUySBbnuLRjAVREyxqPAW_1fTIbzkl4kFhb9uSzN-zM_aeSyn4-5sf998vwFygNnaGVD1QumBPCeGiWbRUmSfyDsdemOo9qgWq0XA9_4p4cL2Lkz1rM66wxarjEZe9gyn_L-Wco3xQaimvMmyJXpQNGh_mv_cZ6_ctsHTJ_nAgCap4xf6H4Egoztw0loqtz6qWYnruleJM26eUFkIj-SMlkhGiGB0nBGVPhQy9ZG9_B_eXHEY57z8N_yRfg39AunUr_sVr0VO-DBIIKGv9rIWPv3jMhl2snARu87N2-Uh5wT6iNvdjJiOfPN8BaYTzQs6a7VNmftywnUA7PkEgM5AaZ979Yp-_8RytvOC86abBBVGfOaPlqX-3cCSRqadWl170lwSmCpud7blFpbODCHOiFVNBYDUoC2ZBb7MCm7yEibvJ6cfEJ7xLrjnG1caP8wlIyhAexlm7Guc6gONHUxG5vbpcGqIbSy-EOMncmmiPxyDy-_v9ph9CzCKq6z084iP9mbRN6NvB_5gnUzNoGdxZL1zMc-KP1VGnge6lo0uS1eQ_Yr22MWg4EFSSn6Oc7oUHksEiSZG67mdq8GWRZ_4upXNPaLpW7-8QBurxV-vV5JZEtQnHJx_ahssg6Vf14XigSgxEwD-CNAI60QdLU9AqmJg1N3dMf0kCPN0TtxhrSiyf4ZpZdKpHHD7gKKbfv4TIL-I1ck9OEuBM2xHanQLFC46bGS2c7rffsKXVnl7amaRImpekWOj8fsUayL_xmlz-esXkHg77Rx4CnVpgmmDPe2sCIEJsffvfUiDYjUWXzRxtDpbDdDD9ZWSjsImOIE0PIRqxOQJ8SJptp3xtiqWEB5RuB28o6ZsEuDrwi5yrBT7uPezTQyhELVVI9qorBmsTZYEXnX_tahpV4bHYlv4xIvqncc23le8aZSq_4MCqS3UgL4oiH99QSqDeV8p4MXwnoOaNXciKMQGo-ZC_tcqg4h6ube6aZapE-z7JIEqjojVo-CQ9udpw92WIX-dmqtVjoATruVshQvjzDYwg5rEH7rStPUpVuFfs55yCqEFInkH&cid=CAASJORoEy7fFsxjkoV7_A3-0zt8RNVUhH032AHVDoofaE97Yv-XqQ&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.102.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

rb-in-f157.1e100.net

Software

cafe /

Resource Hash

5822ff661d2b5f16e4efad01dcff2ac5eb31deeb2cb4dbae4ff9095bb68d1c29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15631
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9928 0
0 60ms
60ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmbftWeuoYuqnI9au3gOoxIfwDpeCurVqtPmS0dIP7enav80BEAEgjeS9KWCVsp-CsAfIAQWpApX331czhLE-qAMBqgT1AU_QpdNX3CQFzSGY_c23BYgJYCxnoHwL4qq1eEeLl0igGozik1JF3VhyqfgOp6Jkrc07Dy5vt5vxX2_B5aA_dNIjaXBwB3Wkl-Ua0QrKUlObfDdAn38Plftee8u7CNMg889siX7zDpVVxrOdtgXiKp1Z9JQsK0lCoGIzE9dREdzprLBD_irpx46Cwzh0rZ4HxuDpvssS-Z-ATx3A79q5dzbWn9uqUYPVv15jdoLphqHlDWtcGoSmv_3PiSg0N44zH5P4LotnJRq4y8ib-NiJSlPVy5M4LuzcdkKYyiDWi6PYvG3w3IYhG1JkIzZ6TqIuic-XR8QbwASf4-Wo-gPgBAOIBc6c39tAkgUGCBsQAhgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAe8saetA6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEIqQHRiL5uHLAdIICQiA4YAQEAEYHfIIG2FkeC1zdWJzeW4tNTAwNDc1NTk2MTg3NDI3NoAKA8gLAbATyNiyD8gTjeSz4APQEwDYEwqIFALYFAHQFQGAFwGyFx4KHAgAEhRwdWItNzM4MzE3MTgzMDYxNDIxNhiV4h8&sigh=cC9uXbmhJ5A&uach_m=[UACH]&cid=CAQSOwCNIrLMPKzWhulckuc9Mq31eDvpwiPF3qEKsxgSFF8cHkJ72cJKT1VH6fO_oFvb1LmNRK3gtcPV-c8d&vt=10
Requested by: Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8BDA 1 KB
749 B 22ms
22ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/20862571333860544/ Frame 44CA 137 KB
30 KB 23ms
20ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/20862571333860544/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c7e76ee07bade3cb9e08b7b403376125027809613c351e84d546fc60d0b7e3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 538202
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 30982
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 14:41:04 GMT
expires: Thu, 08 Jun 2023 14:41:04 GMT
last-modified: Fri, 20 Aug 2021 16:34:10 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame C7AD 0
64 B 66ms
63ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv75laP22UZe28YWuL3oishliS8PRNy7vJSiKTJSGnDhy0BETqMDw-M28ObbDptNjgvHqNwm47261W0xnZBy3t1n7TE6P7M5fvDfsOwSNNzc2Jus5RFR3i1oC4Ehc-YRyFTGDrFnwn-fkoKNVdMtAoHwNXCGP0Vz09xSW3v2aLhjGtNa-6sD03QmrgzGpC8W5KmCZcIAc8CXRqT6DaGPNDkhkpnONY8RbcpGjaSQzY-_t4TVC_jEP44EB5iKT2yBsBg3L4kkRK4hZWSyStJw73khTDNDCMY81TaEX-9w_ChriVkbEOe-PEFr8x5PcRnM5Tw5NZWnssdvHiZna4IoYS20mkpqnrWV8QrCWdtaQbbXp8ZIJf9MYHz-Y4EY8IDciybiKdwDVIq2nYC4ZaVME881hugab2VjnNmPxcVsz6rgm0pv7JOTDmiT8tZUA0jfVLCtp-FcY_gtPgCDD_eMiml2EhgMCEJ73TUA0BHeUX5KTQJlVb0ENVayboCgfl-XOJPMHLjS3rcYqIiYSEP5y8mdv38e5kcOI6GWqfD03jyblsP8rQcwBgcclCgluIpZ0uTLOnC5Zf9xeyrXdO7ws1a7sU3DCTNPuyqhBoe5lV0EHgHjecWs-XvcUTvDQKnRgsxepmnwCpK8Om5iMIlN_LMT0ZxtEVzQy6OsN_dh4EJr2m5-bdEPF8KrA9UWWaN4pkW5aahYPVXFbnpw4EPxb-FKj6_ZUZtNpZ1HiUX-EmDkOmeSDAfwsass1y0T-hnlXwQvGg2ZwkDAe10ix8bd6SeQRBqZq-ZQt-ZaGZRcoNTctWoIK1oK8Cqh-K6f4YItppZivgPxkxNxUlcwVfMFl4AOW1s_hFIidVLl0_MsMb51uqdNS-ka75XEqGu6BoDd1FpuP1C7zBmjpmii6kOeUYUpsH9u1NlLqSbU_ePEv_And89qzD-3HhQqw30iPNYm2Z2MyHprOCXT_Rehp8fMihry33IcFB_UWLy8I3DfqeydYsrgfte9Lmu9MRWElIoYNUuRK6rgdILh1YwhhBe1XnWqYvBdq7UFyI1xz60-bHHONHsRYAq7G2M-lu3pAb0kq9btDt9AzU5wgO5kjwMgCfNcsmvP0EBjzF1LNhMgf2rTJT5yyXHy6Q5ouk_edqGp6jNEVQyLT30uae8J8TSjGQH_ZGSiiNOZBiFjWYUTXVUWEoF4LS0hJ1_xoeHLhMbYD6INMDtMC4X2Jq-ljSnMhVk41uYVtbVCh51fA_1lczTDhrcN1MnzOmb_DXszUUzlJ3go40soB-4xUGYqQ&sai=AMfl-YRn5zfC4uRimBxR8dqbmb991Aq-pNJO9j7kmAlC4FatPOkXgdA2lIB5wFcj9lH0n--G2Pk0pwQVDqgGNlYFNp8ioB1iUCW4_zPjInVXX0syu5glRjKiynF-Whpgl2K52qKZbCTza403m3zxPXKsnYld-z5tdS94b1rqdl0cNOK9Tslve9uGc_eByz9q09Jjypecm6qf_Dx6awPbrjzmVw&sig=Cg0ArKJSzNTcuhIQKGFTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=184&cbvp=1&cstd=182&cisv=r20220609.30143&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4D74 13 KB
5 KB 21ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 24FA 783 B
536 B 33ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

acdd9b4c65ba5299d5bcd170cd394901ae5fd1df030f96edbb8d4bbb7427fdd2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1F30qRRq2RYQZDNp1NFPag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-1F30qRRq2RYQZDNp1NFPag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame A60E 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9EB2 783 B
537 B 31ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

25b52206ece095b3182673281f7b1bfc49154e59ac23bc8f8a7387514173f91c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3GWeO-zqxIlMF7bkU1yKAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-3GWeO-zqxIlMF7bkU1yKAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2DD9 13 KB
5 KB 22ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E0CE 783 B
534 B 33ms
30ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

52c7bb550ac34a5c39fde8043f5d1d1fb8a06d9204d523a3224588c42e7a4176

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QRrzyFS2o27mbEzoPEbJ1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-QRrzyFS2o27mbEzoPEbJ1Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 52C7 13 KB
5 KB 23ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0E01 783 B
534 B 37ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0ea1f36a98af52dfc2a2f68ecfde3365756637b31504e401bf363482204aa190

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Scv1f8lhmAHk4h4I1NZdhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-Scv1f8lhmAHk4h4I1NZdhw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 46C2 13 KB
5 KB 26ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EB15 783 B
535 B 35ms
31ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5554d984db74508e641c61a11f56a876354f04fb600abd500c73c87f22dd5318

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-z6ko8qLTshlzz2L-uZEjtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-z6ko8qLTshlzz2L-uZEjtA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8770 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 844
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4590 783 B
534 B 34ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3806e509981b6ccdb0e21c5bab692b6ef033d2084990eaff3c44dbd6ead3e552

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ozr_HD-F6H1n-HzaeQZepA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-ozr_HD-F6H1n-HzaeQZepA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Tue, 14 Jun 2022 20:11:06 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 9928 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: adb64011ff77eb84019aba3647332c825b30ae17e9d1a256eb94e01d79af2e94

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 4 KB
1 KB 327ms
327ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5a175492ad431e1aa9279cb438c016b1d7fb06f081672a51df3bd0204185f9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 1296
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Wed, 15 Jun 2022 20:11:06 GMT
last-modified: Tue, 24 May 2022 04:01:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63D4 0
27 B 106ms
65ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbYxstu3cGlaxdK4J-tuSU3o420p4p5MtFiVvs0akvKuQVxBLCxATeKl1X4tOoyL_kpzL2cqHi7AqyCp-QS52UPP17aYVGhm5acknheUNdpOnISEoaj7AIyScP33rUK5t80pXGqBVwgiNoh0sadbvNo6v3OVyWXe9GBpfI6jI47r53BBdB0GC96qQXA3J8tQZYYQVl12KrIPTJFkvnCMsKK__bZ9vajmcfEWX95nJ2vZEyHDLXVlO0e0F0rMr8VnTqvSh98MQAmHa_FECjslAfJLzJij51tDK8aSk2PrtOSDprUWVEoSFJdvb58ntvCuGoX0EUIR8kabW49g4S_C9g52cClt6yv2a6qXyZQzNHtWYHT2si1o3E2C1CkBxG795i3QJAxXIPFjZHcZAFT92z4RzI6YIghT_GB299aM6XVIwQJtbpF-f5T6l7PGMtUfOW_6TOAYSIRl2gDHusuCtcqFvIAO8ScNRf_5Fz6eSZ0C0LOXpDQ_l5AgdB6CtA9flVWvNrFtc7C_8D0x64ofl9v5_CV40MSRS6aXLYoIazCsMAedUFANgjAC1ELXjuRom9S7CFosY_jlt7JGHbCfaj2nac7nDsMLSO4AqeVBDCsfGbmrLdcZ1pR-XWnW_WeY0KGi0zC4-SaZKVemQPBunAjnC0jJ_hCI-AyeA9GBRgTncamtwhboyjK5aQNv5fC--sX3LrssVozsInQ-IR26rDo7GoBO6pYCmuiCoiR9oFHpTplg8dCEZHRmwbcPlvUiXY9b_gdnxay92IT3vCbJN4nJmMHstVhLmhkG8ZCm5BAz_x3JMWMKIJvYoyRiZVVFsQqaViy2raLwK9sXkyPsl-MJ0vvHrLP39Xn7Ovl3tae-D2JiB_Br2ud96Kf_KLBfxQ7b6-nGSYCS6pNcojjjXC-lgJ6AvOB7R3a5iKdX_HewwNtfpKaWkLpSH5FPMaje-R-U2_DjiB5-IlM5cZkg4IJ7XKsgVPsMXfcWJViFhZaQxCwBoQ_mo0nL5o10TF7ro9qPgp3N21cCueUaUM_F2DufY9bVjCaePHSljaQTVC4IJX6F7uM0yfTitFYgwTWDNd4e5bS28i-mNyre3G1Tij5oXYE2SZJbhRTkDm6XsSFnJUj8ABF9aKCSQgYC70XqkT4tYI8KiYAwDbQj1w-u4ptpw5RM6IzXixYPyffB4AUhtdgFRJjCnnEGl4FnwPhfzGKUg4L5iFvEskmrXBzBqBveJq-L4OgeDAMekiSzZKAA&sai=AMfl-YS7PRVR0-M-dbKux2YRoYmJhFnTkPYtAtknpMfjxrNOfEL_mifCc8qHGNo1J68IzXD2ivhAWMdraYj__V-CQD5wAueUDgz_ERcx1Q4e_wIVedGj0kFoYlZYe3hNPpGLMa7qtXIhhddhJijkMxT4Vs6V_YVeI0K0ljPdsyFirnLT3PctebhEW4sEl7jJRlCC26BGy0t-ZiAYRPNM-FhH7w&sig=Cg0ArKJSzDecElF5CYaAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=205&cisv=r20220609.37249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvbs_src_internal107.js Show response
cdn.doubleverify.com/ Frame 09CC 55 KB
18 KB 31ms
30ms Script
application/javascript 2a02:26f0:b600:1af::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=15911784&cmp=184176&plc=6558440&sid=18330&dvregion=0&unit=728x90
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:b600:1af::4469 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:11:06 GMT
Content-Encoding: gzip
Last-Modified: Thu, 09 Jun 2022 14:27:50 GMT
Server: Microsoft-IIS/10.0
ETag: "0f7cd18d7cd81:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18120

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 88CE 28 KB
10 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/20862571333860544/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/20862571333860544/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 16:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 16:38:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame F62A 1 KB
749 B 20ms
19ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2732 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376182
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 44CA 28 KB
10 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/20862571333860544/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/20862571333860544/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 16:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12775
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 16:38:11 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame AB93 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 20:11:05 GMT

HEAD
H/1.1

200
OK

file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AB93
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

109ms
20ms

Fetch
video/mp4

2a00:1450:4001:65::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01A5A7314ED4D1130713AADF133FC359DB1B59C5.47059C4CD51B83A99F48DB0DF6656E4B706611C1/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

HTTP/1.1

Server

2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2224398
Last-Modified: Tue, 31 May 2022 13:30:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 14 Jun 2022 20:11:07 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 654
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/01A5A7314ED4D1130713AADF133FC359DB1B59C5.47059C4CD51B83A99F48DB0DF6656E4B706611C1/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame EEBF 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a0c6ea1aba989ae9348726d603dd0fc2420ce7029872dc437c6100a0e3737b16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 9928 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Jun 2023 20:11:05 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

110ms
21ms

Fetch
video/mp4

2a00:1450:4001:65::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/41E68D1F49028FDB7C8F4E7B76B09DFC9C163FD8.6D95C4EACBA8FC17DEA0B9060DB6EDC580981F76/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

HTTP/1.1

Server

2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2224398
Last-Modified: Tue, 31 May 2022 13:30:54 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Tue, 14 Jun 2022 20:11:07 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 654
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
location: https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/41E68D1F49028FDB7C8F4E7B76B09DFC9C163FD8.6D95C4EACBA8FC17DEA0B9060DB6EDC580981F76/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A2B1 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2CE7 1 KB
749 B 20ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A70C 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 0BED 1 KB
749 B 20ms
19ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame C7AD 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 20FF 1 KB
749 B 21ms
19ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 63D4 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376182
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 42B9 1 KB
749 B 19ms
19ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C7AD 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 916f91458a3f95eaec269b30fd277d4bd5ccfe319f1999493c9f392c374019e8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 09CC 1 KB
896 B 123ms
26ms Script
text/javascript 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_9603081878&jsTagObjCallback=__tagObject_callback_9603081878&num=6&ctx=15911784&cmp=184176&plc=6558440&sid=18330&advid=&adsrv=&unit=728x90&isdvvid=&uid=9603081878&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=0.10&dvpx_strhd=0.10&brid=3&brver=102&bridua=3&dup=null&srcurlD=1&ssl=1&refD=2&htmlmsging=1&aUrlD=3&m1=13&noc=4&fcifrms=15&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=155&eparams=DC4FC%3Dl9EEADTbpTauTau7%40C%3F%40%403%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau7%40C%3F%40%403%5D4%40%3ETar9EEADTbpTauTau7%40C%3F%40%403%5D4%40%3ETar9EEADTbpTauTauaa43hd5%60%6026a2cah%604g6a74e6b257ahb%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl23%40FETbp3%3D2%3F%3C&dvp_exetime=22.00&callbackName=__verify_callback_9603081878
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: 07270d4ff39d60b36f95020cff9f1dd72fbff625f52567485643986f7fef573e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Content-Encoding: br
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0
Transfer-Encoding: chunked
X-DV-Response: 1
Connection: keep-alive
Expires: 06/13/2022 20:11:06

GET
DATA 200
OK truncated
/ Frame A2B1 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4601f041c77f81e02552a91b75ca64266c63e50ccd42962d73093fffaaea8b41

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 63D4 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a548b6eda1b3f677fa06a48f7f9072af550bfbdc1d1027d5f665298319fe6c6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame EEBF 20 KB
20 KB 21ms
21ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 22:13:40 GMT
x-content-type-options: nosniff
age: 597446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 07 Jun 2023 22:13:40 GMT

GET
DATA 200
OK truncated
/ Frame A70C 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34be7d769acefeed98cef4b73cf3a8f7901cb7d228c79080708fd5215a80747a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 20 KB
4 KB 28ms
28ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03432474ec9f60ee729e17904a239e0b37cd07468e2c9809e5cc2a166e1a8e9d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:06 GMT
expires: Wed, 14 Jun 2023 20:11:06 GMT
last-modified: Tue, 10 May 2022 13:01:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A70C 0
27 B 63ms
63ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRQAqF3RxHB3chu_7vg8VOdgNEh6vZB0PbXzOze8Qke5BLTNhCIX7MyuN97MUwSPB7sORybcyXsenDufl8B9MuviZ0qUMn_gsGWfLtyeBahbKPTjzZWmz1G6OoJKYd-ZyvYSaQNeTExm3BajEddmuOTfZMR0azlv0g_LEz2GEdvlkGnXX4uMe-reRWY4mzdID8d6FnfX2-jBPRm6oO956ki2A-G3-63Jo8hIm9tfa2t8GrGoepxrStO4Jwtlz9vMASMiIjS2yA8UDv5Hr8XUIanimWAeQSJl28ytS2NHKNK3q1XgBRoXgNX6C1ZL_VggukyDaRord5mZ1dRiDCMeZ2vkGHy56vlEP-qpSWcljJDp3x48kl9_WgAOFM1TnTIaaoPAE57hZvILR-jASpra_6O91UvzNohBxcKYq1fBmuAqygW-QxmhY32N5ttByD86HDVG6nw8az7sUNZZzDVb883ukYVMfaoJLjvn8JlwM8iPGUufTOFg24qEUv-3e4IOc9ptrUq_5N18OBTtj9m_ZdvPLPBWIRY5C47quFz3Qow9sAGZ1axgookSqTiPBT-Ia7zxujr821ymxYDczO8gmnL1zG_mbZNZ1CPZiv4fEdeJVYJK63q-dzKbpWN2kl1ICGDLDgnYWLmVr8P6gMeo-_-Vp4wT2gbVNy0xREmY1tjpnc5hg2n721pn_mvBawdzHH6M4dOzE3EdYdRXJKvINkuAi9z5I3VxzTRcGrzKdsi6g_yDgtge_CgXNyG5fo8HoZpvEy6PuGBj2wFCDHkuH7G29ZwOJ6s57kbYqWt-1UL1z6LvtQ1-bwzCWGoXYj27hdCVkdlD7FnirhxY5MuLMtWuWKvB4bXIHGrbjRjgvKwNbCKv8j-5eS20g5exGtwMq89dYmvyC_bVrLWlQ3IBlfYezhue2GrDYBh_W4mv_ga1nSjUkDA6WoMBD3OSBYLdPe2BhuUhOJ_oJkKto3ieUJDfoMX8t2lBTIp8HFLAcx4MFxmjLqsZlJnbLDspPMYBjUVU_GV3r58jjNvEB2fwB7XN4l82qt4OKRQOMxHisScKGarQqrTUgMPezFQY8ESSdqqO8YONPhtj6LNs7Eg7LOhN0apr07_9mTcFielNFIBF4IomXAmi17hb_VrSf2798RPmj0t85X-deDxotJX2X4fJi3JIpwc8LywKLsUDpBkmthoyoWtcnyZxeGWTl_VzQTnbX-T3kLejoqjvl2bMRPYnvmsx8A0oLE0LKCzdBDTHiAy8NHZRzx1Y2FxVlR5uu6tj_tQNZoFWFGlus&sai=AMfl-YTiHcfdjdNX63-MM3lOxevQWeucDoKO_VONi-aDWthTuxMJApY5lSBRRQxtAOcvEl65PSFihVxrA1oZpNyIkcFe3_FItTR-2qjIVlMgqCLHlXivgU9XmkgoP48BnwKuVLCmIl2TAGMrPQVqRB2bPXdENLM_bXAYaaMHqsqZaUH5H7yh_BcRlKVGzjKdAkbc1BtfKGjGPGoNYHb7XKdeHQ&sig=Cg0ArKJSzPU1aceGNTnmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=486&cbvp=1&cstd=482&cisv=r20220609.70766&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 14 Jun 2022 20:11:06 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD0
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GA_rZoFCU6p2PfO1sAvQKZonQwTpkTHv2ISU8nOdz5...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GA_rZoFCU6p2PfO1sAvQKZonQwTpkTHv2ISU8nOdz5j5uapFNPa6q36JSQn8IyXEX6PF55ZvhKZSCOENgU4JoGbumDxgl3X

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-03a22fdbefd04bb5e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GA_rZoFCU6p2PfO1sAvQKZonQwTpkTHv2ISU8nOdz5j5uapFNPa6q36JSQn8IyXEX6PF55ZvhKZSCOENgU4JoGbumDxgl3X
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD0
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKSHYSBi7vtDjx8s6ZdxMXI&google_cver=1&google_push=ARnp8GCi47DCS2QK0dGw8edwIEYE7echAWy1MkcvfQzzO77l-D_eQy-p_ZUmZ1HEHVhf4aA31nCUz_UW7KR6kFfD...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi47DCS2QK0dGw8edwIEYE7echAWy1MkcvfQzzO77l-D_eQy-p_ZUmZ1HEHVhf4aA31nCUz_UW7KR6kFfDt76moq5wH5o

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi47DCS2QK0dGw8edwIEYE7echAWy1MkcvfQzzO77l-D_eQy-p_ZUmZ1HEHVhf4aA31nCUz_UW7KR6kFfDt76moq5wH5o

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: MT3 4447 e18e916 master nrt-pixel-x15 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi47DCS2QK0dGw8edwIEYE7echAWy1MkcvfQzzO77l-D_eQy-p_ZUmZ1HEHVhf4aA31nCUz_UW7KR6kFfDt76moq5wH5o
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD0
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEMzg2g6BuWdfjgpGUPUDor8&google_cver=1&google_push=ARnp8GBDXsVGTRKUg7f9mBjcIVIZG7fysog4jAG2TtAfBzHEqIjEvFyI856oZyjJTtbODO8Y5Scl9oypTuRBEm...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwOTE5MDc4MzYxNDU4MDg5MA%3D%3D&google_push=ARnp8GBDXsVGTRKUg7f9mBjcIVIZG7fysog4jAG2TtAfBzHEqIjEvFyI856oZyjJTtbODO8Y5Scl9oypTuRBEmzEQY...

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwOTE5MDc4MzYxNDU4MDg5MA%3D%3D&google_push=ARnp8GBDXsVGTRKUg7f9mBjcIVIZG7fysog4jAG2TtAfBzHEqIjEvFyI856oZyjJTtbODO8Y5Scl9oypTuRBEmzEQY--D8JwCPS2

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzEwOTE5MDc4MzYxNDU4MDg5MA%3D%3D&google_push=ARnp8GBDXsVGTRKUg7f9mBjcIVIZG7fysog4jAG2TtAfBzHEqIjEvFyI856oZyjJTtbODO8Y5Scl9oypTuRBEmzEQY--D8JwCPS2
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD0
Redirect Chain

https://match.adsby.bidtheatre.com/adxcookie?id=&google_gid=CAESEKKkVwW-2s7WS8-i0XpqHFI&google_cver=1&google_push=ARnp8GAQLihUImry9DRMQc5E8fOEW-296NEz2XZt8BmIIPZ0Kx1qJMEGNX-2ykczfv0fKGiexWMPcfcU-K_...
https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GAQLihUImry9DRMQc5E8fOEW-296NEz2XZt8BmIIPZ0Kx1qJMEGNX-2ykczfv0fKGiexWMPcfcU-K_wAIS_nDg5aDk-1fF1

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GAQLihUImry9DRMQc5E8fOEW-296NEz2XZt8BmIIPZ0Kx1qJMEGNX-2ykczfv0fKGiexWMPcfcU-K_wAIS_nDg5aDk-1fF1

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=bt&google_push=ARnp8GAQLihUImry9DRMQc5E8fOEW-296NEz2XZt8BmIIPZ0Kx1qJMEGNX-2ykczfv0fKGiexWMPcfcU-K_wAIS_nDg5aDk-1fF1
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: Apache
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame FDD0 42 B
233 B 331ms
106ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAC9TKuIuyaiyR_xr74fV_4&google_cver=1&google_push=ARnp8GAZiAMRxXtGCQf87X1urwgDer8GhqPHgl3772226BCiuG5e4BZJSYa1jjZtHMNNmMI6jvdQXRpszbiWdMZSv7w2kfl6O60_
Requested by: Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FDD0
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFvmfqqgy8EsXZgopk8DF-E&google_cver=1&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFvmfqqgy8EsXZgopk8DF-E&google_cver=1&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q42KqqsLVvj7&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q42KqqsLVvj7&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GAHqUyI61UBEnyQT4DxAKN6xtZg4-dNfMNJkkK_QpzMPO7TuhbAS0-DgXXJNThkoC-8r5eDN9PCROjn60W9Q42KqqsLVvj7&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H/1.1 200
OK sync
ssbsync.smartadserver.com/api/ Frame FDD0 0
75 B 163ms
32ms Image
text/plain 185.86.139.101
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssbsync.smartadserver.com/api/sync?callerId=3&google_gid=CAESEN71OK3zPF75V-A0kbUb8C4&google_cver=1&google_push=ARnp8GDk_BRvJJCBVD91VsWAsHs0gUgUO1zSZfRtoRawc_nqNQI0Bhg-GwjU2HLNjlzH66qTq7iATCx-XK5dXPQ9iNJqCzTGZ7oD
Requested by: Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.101 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FDD0 0
12 B 27ms
27ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13L91n6ggaGmFrUYZEXcL5eKH65rmXsesaD7pKzIPJcIOryGNlgiWbl5pz4RK7kIRTV-P73a

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 8BDA
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA9pGKj3v5XtgC4xt9tCKJ4&google_cver=1&google_push=ARnp8GBaveavn4XkvsyZkshmgU6oZrWwJKzlWRd9aPa-y0McZa19h0DhMMHI2qzO_pVShEZx5M68857b3xr93jzi8eXjsu4q6Dc
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA0NjgxMzU3NjU4NDM4Mjg5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1

43 B
398 B

85ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1
Requested by: Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BDA
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHpzzclNJjwDTpXwl08PNWk&google_cver=1&google_push=ARnp8GDvS9PoaJqpKR_0IXjLRh5mgVT9WdXgDVmOBZPfjUORp46I_1s5ICuCTLAzoMS4AIZ0CXBDvFg3QJPPQteyQcs7QC8ztsI
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDvS9PoaJqpKR_0IXjLRh5mgVT9WdXgDVmOBZPfjUORp46I_1s5ICuCTLAzoMS4AIZ0CXBDvFg3QJPPQte...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDvS9PoaJqpKR_0IXjLRh5mgVT9WdXgDVmOBZPfjUORp46I_1s5ICuCTLAzoMS4AIZ0CXBDvFg3QJPPQteyQcs7QC8ztsI

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:06 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDvS9PoaJqpKR_0IXjLRh5mgVT9WdXgDVmOBZPfjUORp46I_1s5ICuCTLAzoMS4AIZ0CXBDvFg3QJPPQteyQcs7QC8ztsI
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 13 Jun 2022 20:11:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BDA
Redirect Chain

https://a.c.appier.net/gcm?google_gid=CAESELswxJq1uoJV9kRFOn5WgpY&google_cver=1&google_push=ARnp8GD2l_qOfHuCflB6WtdFA-GchrYEU-uesLDD3lxO_LiQJ78-3WCRLwKmGP5gB1UVCyyyJMxv_b25yNJcs6QRfeBJwpuXZQgk
https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=X1FqdTViNXREeDZHNXFuQlctdW9ZZw%3D%3D&google_push=ARnp8GD2l_qOfHuCflB6WtdFA-GchrYEU-uesLDD3lxO_LiQJ78-3WCRLwKmGP5gB1UVCyyyJMxv_b25yNJcs...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=X1FqdTViNXREeDZHNXFuQlctdW9ZZw%3D%3D&google_push=ARnp8GD2l_qOfHuCflB6WtdFA-GchrYEU-uesLDD3lxO_LiQJ78-3WCRLwKmGP5gB1UVCyyyJMxv_b25yNJcs6QRfeBJwpuXZQgk

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=appier&google_hm=X1FqdTViNXREeDZHNXFuQlctdW9ZZw%3D%3D&google_push=ARnp8GD2l_qOfHuCflB6WtdFA-GchrYEU-uesLDD3lxO_LiQJ78-3WCRLwKmGP5gB1UVCyyyJMxv_b25yNJcs6QRfeBJwpuXZQgk
date: Tue, 14 Jun 2022 20:11:07 GMT
cache-control: no-store
server: nginx
content-type: text/html; charset=utf-8
content-length: 243
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BDA
Redirect Chain

https://sync3.sniperlog.ru/?src=ggl_nga&google_gid=CAESECGUuPJEBiGkuo_v_d3yPtw&google_cver=1&google_push=ARnp8GDFQAEH6LyxeiGrHrCIfAK28qKjHruBhotZa9KWvMpLMXUkuBUhMSJY8OwHk4vMN-sVyEfhrv0oK9K2gXVPCSml...
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GDFQAEH6LyxeiGrHrCIfAK28qKjHruBhotZa9KWvMpLMXUkuBUhMSJY8OwHk4vMN-sVyEfhrv0oK9K2gXVPCSmlU8FCAgMt

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GDFQAEH6LyxeiGrHrCIfAK28qKjHruBhotZa9KWvMpLMXUkuBUhMSJY8OwHk4vMN-sVyEfhrv0oK9K2gXVPCSmlU8FCAgMt

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: nginx
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Location: //cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_push=ARnp8GDFQAEH6LyxeiGrHrCIfAK28qKjHruBhotZa9KWvMpLMXUkuBUhMSJY8OwHk4vMN-sVyEfhrv0oK9K2gXVPCSmlU8FCAgMt
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8BDA
Redirect Chain

https://a.rfihub.com/cm?pub=445&in=1&google_gid=CAESEC1XlcLL2GaJlYRZNM4QOWc&google_cver=1&google_push=ARnp8GBVmHdK7NyOpMrUSqSefxamIXyk9N_zva0lPNHxQ8euXMDR9_p1WItF12HhZINi9VtsJZDC9Mb99scBrpE2EICKdi3...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBVmHdK7NyOpMrUSqSefxamIXyk9N_zva0lPNHxQ8euXMDR9_p1WItF12HhZINi9VtsJZDC9Mb99scBrpE2EICKdi3DKEAs4w&google_hm=MjgyOTA4N...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBVmHdK7NyOpMrUSqSefxamIXyk9N_zva0lPNHxQ8euXMDR9_p1WItF12HhZINi9VtsJZDC9Mb99scBrpE2EICKdi3DKEAs4w&google_hm=MjgyOTA4Nzc1NjM2OTgxOTkyMQ==

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=ARnp8GBVmHdK7NyOpMrUSqSefxamIXyk9N_zva0lPNHxQ8euXMDR9_p1WItF12HhZINi9VtsJZDC9Mb99scBrpE2EICKdi3DKEAs4w&google_hm=MjgyOTA4Nzc1NjM2OTgxOTkyMQ==
Date: Tue, 14 Jun 2022 20:11:06 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 um
cs.emxdgt.com/ Frame 8BDA 0
45 B 64ms
63ms Image
text/html 18.195.155.181
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.emxdgt.com/um?ssp=google_ob&google_gid=CAESED1ICmTtL41hOcIEHFw7jZk&google_cver=1&google_push=ARnp8GBOO_Go9MIcnPK8lZJaytRQQjMCYOlBgK6dFhCAubLyndTbBq-_2LwwZTwSWoOBzBKdw1OLR_v2RzYnYyOuRBzVmXxj4Jpj
Requested by: Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
content-length: 0
content-type: text/html

GET
H2

200

/
onetag-sys.com/match/ Frame 8BDA
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPBazvNK3gTDxrfidKyDgVo&google_cver=1&google_push=ARnp8GCJn7_RTxW573uDbKXpVnuA6uvsyaT5VR-oXbxLCJKCJlercGNfoVnX998PvIlHfz7AoNCcZ9L3Mlf...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GCJn7_RTxW573uDbKXpVnuA6uvsyaT5VR-oXbxLCJKCJlercGNfoVnX998PvIlHfz7AoNCcZ9L3MlfB2s1vQgup6ixBECRntg
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

23ms
22ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 8BDA 0
12 B 28ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LQgWB4bIOa_mxIjX8uMl0ZCOrw95Gf4SxtklMeZtI1Gkiu543JMEe5Wu-7vBdmrNw19sOAQQPD

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:06 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

4.js Show response
static.adsafeprotected.com/ Frame A70C
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/886862/58750208/4.js?ias_dspID=&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adContainerId=brand_safety_WuuoYu3oCv3U7_UP4b276Ao&cbFu...
https://static.adsafeprotected.com/4.js

1 KB
1 KB

20ms
19ms

Script
application/javascript

2600:9000:223f:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4.js
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Server: 2600:9000:223f:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 18:01:36 GMT
content-encoding: gzip
age: 439772
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
last-modified: Thu, 09 Jun 2022 18:01:29 GMT
server: AmazonS3
etag: W/"96e16e7453ae2e6952bc6d2a20ea29f7"
vary: Accept-Encoding
x-amz-version-id: ajLqUzYlLq9UvcjLNBqQ.xh4M39Co5Ln
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: wUFdyP-IH5gkRkwSO1UDBtNtra-IKwGuz9zU8_n3gwWXujn5jNh5tg==

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.12.js Show response
static.adsafeprotected.com/ Frame 105B 80 KB
21 KB 84ms
24ms Script
application/javascript 2600:9000:223f:a400:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.12.js
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:a400:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 13:58:04 GMT
content-encoding: gzip
age: 10303983
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Thu, 19 Aug 2021 16:31:24 GMT
server: AmazonS3
etag: W/"9304f57298c3834ff107ea7ccb547996"
vary: Accept-Encoding
x-amz-version-id: 9YodSBhG3Q8HTUbQ_WDUpcPK09tSZ5ja
via: 1.1 3a21078459f955a33f79dacf082781c4.cloudfront.net (CloudFront)
cache-control: max-age=315360000
x-amz-cf-pop: FRA56-P5
content-type: application/javascript
x-amz-cf-id: RAC5WbLvtTA7VSjE2Rs8xOe6uhjLO7qp8fitzOeyq4QDmfjfjL3sEQ==

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7F0A 0
0 60ms
60ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=2501487154844104&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4CDF 0
0 69ms
68ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061401&jk=17015131854404&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3111 0
0 69ms
69ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=2177734489905010&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A70C 43 B
216 B 339ms
104ms Image
image/gif 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=29767ff5-dd44-eb1d-b4c2-1dbebf1d967d&tv=%7Bc:fxR6fv,pingTime:-3,time:102,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:102,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B97~0%5D,as:%5B97~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8LtIZZ+1111%7C1112%7C11131%7C1114%7C1115%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1311%7C1312%7C13131%7C13132%7C13133%7C1314%7C1315%7C1411%7C1412%7C14131%7C1414%7C1415%7C1511%7C1512%7C15131%7C1514%7C1515%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C1714%7C1715%7C1811%7C1812%7C18131%7C1814%7C1815%7C1911%7C1912%7C1913*.886862-58750208%7C19131%7C19132%7C19133%7C1914%7C1915%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c32%7C1c33%7C1c4%7C1c5%7C1d1%7C1d2%7C1e%7C1f1,idMap:1913*,rmeas:1,rend:0,renddet:DIV%7D&br=c
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A70C 43 B
215 B 337ms
105ms Image
image/gif 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=29767ff5-dd44-eb1d-b4c2-1dbebf1d967d&tv=%7Bc:fxR6fx,pingTime:-6,time:104,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:104,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B98~0%5D,as:%5B98~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8LtIZZ+1111%7C1112%7C11131%7C1114%7C1115%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1311%7C1312%7C13131%7C13132%7C13133%7C1314%7C1315%7C1411%7C1412%7C14131%7C1414%7C1415%7C1511%7C1512%7C15131%7C1514%7C1515%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C1714%7C1715%7C1811%7C1812%7C18131%7C1814%7C1815%7C1911%7C1912%7C1913*.886862-58750208%7C19131%7C19132%7C19133%7C1914%7C1915%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c32%7C1c33%7C1c4%7C1c5%7C1d1%7C1d2%7C1e%7C1f1,idMap:1913*,rmeas:1,rend:0,renddet:DIV%7D&tpiLookup=ao:fornoob.com*%2Cfornoob.com*%2Cfornoob.com*&br=c
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
x-server-name: dt05.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 main.css
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 1012 B
486 B 22ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/main.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47631a93014060d8640dcf78b9286cbbbf2408038bd4d1a97c51d356aba9d00a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 36746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 458
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:58:40 GMT

GET
H3 200 Enabler_01_247.js Show response
s0.2mdn.net/879366/ Frame A446 118 KB
40 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_247.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 10:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 35674
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41099
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:45:07 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 10:16:32 GMT

GET
H3 200 backup.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 19 KB
19 KB 25ms
25ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/backup.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a799d23d36de5b0ca951ffc72d7aa3d5c9a992ad9518856904cfb7519a568bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:56:32 GMT
x-content-type-options: nosniff
age: 36875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19886
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:56:32 GMT

GET
H3 200 intro-bg.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 86 KB
86 KB 22ms
21ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/intro-bg.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2f2f425bedf2373ec9389e630ace5b186eb8f434e6db171c71855660472fdb12

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:56:31 GMT
x-content-type-options: nosniff
age: 36876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 88107
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:56:31 GMT

GET
H3 200 viper1.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 149 KB
149 KB 26ms
25ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/viper1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f1e85b652a4d6b4b42132934a25260a8146162c28262bfd2a5bbf7447638874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:56:31 GMT
x-content-type-options: nosniff
age: 36876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 152568
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:56:31 GMT

GET
H3 200 copy1.png
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 10 KB
10 KB 25ms
24ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cb6fb79174c01e3b61a094b4c77cbaa637a0aa5e3cc397e69f6755f619cebb62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:56:31 GMT
x-content-type-options: nosniff
age: 36876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10133
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:56:31 GMT

GET
H3 200 viper2.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 141 KB
141 KB 28ms
27ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/viper2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6eef2168d529d99e761504bdf1067099a5a408c40b18bbb62627de5383daea5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:56:31 GMT
x-content-type-options: nosniff
age: 36876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 144240
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:56:31 GMT

GET
H3 200 copy2.png
s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/ Frame A446 7 KB
7 KB 29ms
28ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bbcbc3e59924206530df9d2b2f180e9063d2c91a66e6036fc62761f462bc790

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:56:31 GMT
x-content-type-options: nosniff
age: 36876
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7205
x-xss-protection: 0
last-modified: Tue, 24 May 2022 04:01:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:56:31 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/ Frame A446 106 KB
32 KB 84ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.2/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/62117556/20220523210130266/index.html?e=69&leftOffset=0&topOffset=0&c=GaendiWHX8&t=1&renderingType=2&ev=01_247

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a8b140064d6ddb3746fda2cd6719d1403e0a48ab74c565c3fdc44efecc847231

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 520251
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 31489
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1a78a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J8ekS9RbLe1lssjJvgZY0y7ATG56Kb%2BAJbzrLYI5yazKivPW3SsAGS7CuzqAdh6OVPxL%2FSCkk7rywOFg7%2FpL48zRcVMkYEklY73SpwE8F3ZXx6OpJp67ZexoRBhDWLu7LajhKS%2F6GAyfpEDH1AhqI6K4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71b5b69978766967-FRA
expires: Sun, 04 Jun 2023 20:11:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 24FA 0
0 84ms
84ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061401&jk=2937035963368993&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame F62A
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEA9pGKj3v5XtgC4xt9tCKJ4&google_cver=1&google_push=ARnp8GDf6EjleA5kfwVHoDtf5ULiInZB1iGztoYciPiM1Ch-jh_a6HW63-gqgOB3qC1rkT2q54xUX0ZACZgJASdVbvU1s3xAlctp
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzA0NjgxMzU3NjU4NDM4Mjg5Ng==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1

43 B
398 B

70ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEAOWEi61zlt16LeOMX47TA4&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F62A
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHpzzclNJjwDTpXwl08PNWk&google_cver=1&google_push=ARnp8GDFRdD6hLonryMJBKeSLtZjZaPAaEEPnicG8iGXzF8Tz3Z1cz5JSaugkSCxcaFQHae2NUWP8HEuGCO_mR7vcPj7S1r9Y7A
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDFRdD6hLonryMJBKeSLtZjZaPAaEEPnicG8iGXzF8Tz3Z1cz5JSaugkSCxcaFQHae2NUWP8HEuGCO_mR7...

170 B
188 B

35ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDFRdD6hLonryMJBKeSLtZjZaPAaEEPnicG8iGXzF8Tz3Z1cz5JSaugkSCxcaFQHae2NUWP8HEuGCO_mR7vcPj7S1r9Y7A

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GDFRdD6hLonryMJBKeSLtZjZaPAaEEPnicG8iGXzF8Tz3Z1cz5JSaugkSCxcaFQHae2NUWP8HEuGCO_mR7vcPj7S1r9Y7A
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 13 Jun 2022 20:11:07 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame F62A 43 B
350 B 96ms
34ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPsx9CeaHrPwoymZqGsb9Ng&google_cver=1&google_push=ARnp8GC19dDSxf8PQcbzrBOY4_kJkw__dRnZGW8seUUs-iDpcUkCX9c4nOD0dBJnwr3lTrNIseb2-58FWgPU0o3PuX5EY-1SXwso
Requested by: Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 7a15u8i7k9rej134afsgc8kjh1t725s4

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F62A
Redirect Chain

https://google-sync.rutarget.ru/sync?google_gid=CAESEGb47rR_hzQ2hcKwFUow0G8&google_cver=1&google_push=ARnp8GC6jbQhNChK98xyhaa83juE3XM4mXJMJsRHEAz8VnYI6ChO5DCZwnPcXwn_D7iFFY9JB25ZmWNozDx9i50zrApSb4V...
https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Q1BkRjBWMXBFVkxX&google_ula=2046794&google_push=ARnp8GC6jbQhNChK98xyhaa83juE3XM4mXJMJsRHEAz8VnYI6ChO5DCZwnPcXwn_D7iFFY9JB25ZmWNozD...

170 B
188 B

135ms
134ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Q1BkRjBWMXBFVkxX&google_ula=2046794&google_push=ARnp8GC6jbQhNChK98xyhaa83juE3XM4mXJMJsRHEAz8VnYI6ChO5DCZwnPcXwn_D7iFFY9JB25ZmWNozDx9i50zrApSb4VHYFw

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=segmentoru&google_hm=Q1BkRjBWMXBFVkxX&google_ula=2046794&google_push=ARnp8GC6jbQhNChK98xyhaa83juE3XM4mXJMJsRHEAz8VnYI6ChO5DCZwnPcXwn_D7iFFY9JB25ZmWNozDx9i50zrApSb4VHYFw
Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: nginx
Connection: close
Content-Length: 0
P3P: CP="This is not a P3P policy. Please visit http://rutarget.ru/p3p/ to get more information."

GET
H/1.1 200
OK us
sync.go.sonobi.com/ Frame F62A 0
478 B 126ms
27ms Image
text/plain 178.162.133.149
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsonobi%26google_push%3DARnp8GAxkcDmjVKZSkEVjaG8v28sR-vlZ23XHiDSio5A1_1XdrheyUb9z2W7UhZ2JcpU5_POjbuvG94v4XOxBpxG1kPOBh_eFoei%26google_hm%3D%5BUID%5D&google_gid=CAESECp1rdV3pEovTnYww89dWck&google_cver=1

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-sync.go.sonobi.com

Software

sonobi-go /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: xcp-ams-1-7-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Type: text/plain; charset=utf8
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame F62A 42 B
233 B 324ms
101ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECmn8-TLAcxIWcyMbMKiSek&google_cver=1&google_push=ARnp8GAQly4Mo-X0LAOCb4G0DpJHe2ZcuDlQFaCiY6H13Df_KvMrNGRI1SRK0V2JWS-KCF0PZGLVvB6p3QNkXoJLYaefSWu0sRj6Hw
Requested by: Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H2

200

/
onetag-sys.com/match/ Frame F62A
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEPBazvNK3gTDxrfidKyDgVo&google_cver=1&google_push=ARnp8GD-9wCNdpOKwfer-QI5RJkLGt8YCwo0oa8O4v-Qf3Jd7owRm3Kc7E0pmBM8KevYrG7z6nXnB7QkcSt...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GD-9wCNdpOKwfer-QI5RJkLGt8YCwo0oa8O4v-Qf3Jd7owRm3Kc7E0pmBM8KevYrG7z6nXnB7QkcStLuiIHMGIzQqoxflI_TQ
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

24ms
24ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame F62A 0
12 B 27ms
27ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LYVO2P07vKHFIWPi9ziMTrbjAHxsT8BDBvad_9znfQ5ke640L6SbiDoh0nJzR9NUnRgmbT7HE

Requested by

Host: ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
URL: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 5125 0
209 B 85ms
18ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame AD01 23 KB
9 KB 21ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:36 GMT
expires: Sat, 10 Jun 2023 11:41:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9EB2 0
0 96ms
96ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061301&jk=1029710552979205&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E0CE 0
0 61ms
61ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=869890229658479&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0E01 0
0 96ms
95ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=3076159435321455&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB15 0
0 95ms
95ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060901&jk=142207005426590&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 81B7 23 KB
9 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376171
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:36 GMT
expires: Sat, 10 Jun 2023 11:41:36 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4590 0
0 69ms
68ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022061301&jk=1006889467867368&rc=
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B658 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adlib.css
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 5 KB
2 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/adlib.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1870
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:23 GMT

GET
H3 200 fonts.css
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 1002 B
256 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/fonts.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 227
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:23 GMT

GET
H3 200 adStyle.css
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 5 KB
1 KB 23ms
22ms Stylesheet
text/css 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/adStyle.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

069b1d320215b1b841cdd04ec7cd4d8e7406bfa804b03231244ca95877ea0dba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1068
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:23 GMT

GET
H3 200 Enabler_01_248.js Show response
s0.2mdn.net/879366/ Frame 5D4A 118 KB
40 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_248.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 09:10:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 39610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41094
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:45:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 09:10:57 GMT

GET
H3 200 gsap_3.2.4_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5D4A 57 KB
23 KB 39ms
37ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.2.4_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23276
x-xss-protection: 0
last-modified: Thu, 05 Mar 2020 03:53:22 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Jun 2022 20:11:07 GMT

GET
H3 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 9 KB
4 KB 24ms
23ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3818
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:23 GMT

GET
H3 200 adlibUtils-v3.js Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 25 KB
10 KB 25ms
24ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/adlibUtils-v3.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10657
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:23 GMT

GET
H3 200 animation.js Show response
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 18 KB
3 KB 23ms
22ms Script
application/x-javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476e4379a0ef1b75a78f9d8df86027b89ace5ec01d16bc3e15f7d851b362529d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2731
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:23 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6267 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame B8BD 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8CC0 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376183
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 204
No Content bsevent.gif
rtbc-eu3.doubleverify.com/ Frame 09CC 0
319 B 71ms
23ms Ping
text/plain 34.149.12.213
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=ceb928639e964c258012813a133ca149&vfdur=124&cbust=1655237467033631
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 213.12.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
Vary: Origin
Access-Control-Allow-Origin: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
Cache-Control: max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: 06/13/2022 20:11:07

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 09CC 23 KB
9 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal107.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 19:52:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8772
x-xss-protection: 0
last-modified: Thu, 09 Jun 2022 18:01:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:52:14 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A70C 43 B
215 B 282ms
105ms Image
image/gif 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=29767ff5-dd44-eb1d-b4c2-1dbebf1d967d&tv=%7Bc:fxR6gr,pingTime:-2,time:160,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:336,mdZ:610,beA:902,beZ:903,mfA:904,cmA:906,inA:906,inZ:910,prA:910,prZ:924,si:931,poA:932,poZ:952,cmZ:952,mfZ:952,loA:1006,loZ:1008,ltA:1062,ltZ:1062%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:300,h:600,t:28%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:160,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B154~0%5D,as:%5B154~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:t8LtIZZ+1111%7C1112%7C11131%7C1114%7C1115%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1311%7C1312%7C13131%7C13132%7C13133%7C1314%7C1315%7C1411%7C1412%7C14131%7C1414%7C1415%7C1511%7C1512%7C15131%7C1514%7C1515%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C1714%7C1715%7C1811%7C1812%7C18131%7C1814%7C1815%7C1911%7C1912%7C1913*.886862-58750208%7C19131%7C19132%7C19133%7C1914%7C1915%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c32%7C1c33%7C1c4%7C1c5%7C1d1%7C1d2%7C1e%7C1f1,idMap:1913*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:DIV,sinceFw:130,readyFired:true%7D&br=c
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame EAED 35 KB
13 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 7318 36 KB
14 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 15:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15934
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 15:45:33 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGe-RlcUAXUsS2QjIwpwVa4&google_cver=1&google_push=ARnp8GCn2HSTZrQc8BFIszbWu7UGGWaFHzccmSgKTEOuIvAjK-GLPf4HLWaKCYd0N5F-irO9FS9OP...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCn2HSTZrQc8BFIszbWu7UGGWaFHzccmSgKTEOuIvAjK-GLPf4HLWaKCYd0N5F-irO9FS9OPJj6JNBshI6bDD0j52IRHg

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCn2HSTZrQc8BFIszbWu7UGGWaFHzccmSgKTEOuIvAjK-GLPf4HLWaKCYd0N5F-irO9FS9OPJj6JNBshI6bDD0j52IRHg

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:07 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: F2A1560307664F73806BBDA962D52E96 Ref B: FRAEDGE1207 Ref C: 2022-06-14T20:11:07Z
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCn2HSTZrQc8BFIszbWu7UGGWaFHzccmSgKTEOuIvAjK-GLPf4HLWaKCYd0N5F-irO9FS9OPJj6JNBshI6bDD0j52IRHg
x-li-proto: http/2
x-cache: CONFIG_NOCACHE
content-length: 0
x-li-uuid: AAXhbgFH1gdzU4FbTXFtqw==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIGxKlIwpESKQDx_Jj3A0DQ&google_cver=1&google_push=ARnp8GCUqmzj5KnW2Oq6CP-CaZNCb6KgpybfUjsXpxzt-i5AaxOLC7RX6dZZPVo2TOx_VG1RwTaQ7Mav1Yn...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GCUqmzj5KnW2Oq6CP-CaZNCb6KgpybfUjsXpxzt-i5AaxOLC7RX6dZZPVo2TOx_VG1RwTaQ7Mav1YnJNaNzDZvN8qAHFLc&google_hm=mfJw7tYcQjGZP4AtELz7nRU

170 B
188 B

58ms
57ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GCUqmzj5KnW2Oq6CP-CaZNCb6KgpybfUjsXpxzt-i5AaxOLC7RX6dZZPVo2TOx_VG1RwTaQ7Mav1YnJNaNzDZvN8qAHFLc&google_hm=mfJw7tYcQjGZP4AtELz7nRU

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GCUqmzj5KnW2Oq6CP-CaZNCb6KgpybfUjsXpxzt-i5AaxOLC7RX6dZZPVo2TOx_VG1RwTaQ7Mav1YnJNaNzDZvN8qAHFLc&google_hm=mfJw7tYcQjGZP4AtELz7nRU
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEIDlNN-oSUvY0DhBWF87uHM&google_cver=1&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw
https://px.adhigh.net/p/gm/rub?google_gid=CAESEIDlNN-oSUvY0DhBWF87uHM&google_cver=1&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw&b...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw&google_hm=lFR-1xowgSMAAikABlGBY9dc...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f3-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GAEFhnBt9VfgbtlVibUhwzKUSAlgxmZ_c4yI9X9_NDQveCGnJF0klGQHPblTO1Ctpj9vR0JIWOj8dF7dQ6cEZyF8mvDEWw&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESELnVvJ--sCkWs4oyyGMSdVM&google_cver=1&google_push=ARnp8GCJXsjrKudxEhNIXy8RLe0AZf-E-PeETEBNw6fsNCV2X7GgPmLsx9EpzhqCdbTC2S3v1ZfHSbTmp8jvYAg...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZEHk-kN2SBBtU6uvCA0QVNly2hU&google_push=ARnp8GCJXsjrKudxEhNIXy8RLe0AZf-E-PeETEBNw6fsNCV2X7GgPmLsx9EpzhqCdbTC2S3v1ZfHSbTmp8jvYA...

170 B
188 B

31ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZEHk-kN2SBBtU6uvCA0QVNly2hU&google_push=ARnp8GCJXsjrKudxEhNIXy8RLe0AZf-E-PeETEBNw6fsNCV2X7GgPmLsx9EpzhqCdbTC2S3v1ZfHSbTmp8jvYAgO-s0NH2R2cvM

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=ZEHk-kN2SBBtU6uvCA0QVNly2hU&google_push=ARnp8GCJXsjrKudxEhNIXy8RLe0AZf-E-PeETEBNw6fsNCV2X7GgPmLsx9EpzhqCdbTC2S3v1ZfHSbTmp8jvYAgO-s0NH2R2cvM
Date: Tue, 14 Jun 2022 20:11:07 GMT
Connection: keep-alive
Content-Length: 241
Content-Type: text/html; charset=utf-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEFvmfqqgy8EsXZgopk8DF-E&google_cver=1&google_push=ARnp8GCw_6mqRODz_k4l7s4iu9c1K2pfI-tSjVxiLBDjV9q_ZLgKVGkJZuzUEt7k_dq-epn4nIDXxdJx5UxzAdbCx...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GCw_6mqRODz_k4l7s4iu9c1K2pfI-tSjVxiLBDjV9q_ZLgKVGkJZuzUEt7k_dq-epn4nIDXxdJx5UxzAdbCx4nIrkkJ4g&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GCw_6mqRODz_k4l7s4iu9c1K2pfI-tSjVxiLBDjV9q_ZLgKVGkJZuzUEt7k_dq-epn4nIDXxdJx5UxzAdbCx4nIrkkJ4g&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GCw_6mqRODz_k4l7s4iu9c1K2pfI-tSjVxiLBDjV9q_ZLgKVGkJZuzUEt7k_dq-epn4nIDXxdJx5UxzAdbCx4nIrkkJ4g&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOr9oyo4zYrIsNJowm6gags&google_cver=1&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GCbF1B6OvrGuRa_BKSZhwjWx6MvlYvNSJ7inTIxEmSlyiTjfsNs7EOX20MqlM7bo5nOWOZ3swO2TVXXRgBW_Pmi0r7zYJw
date: Tue, 14 Jun 2022 20:11:07 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2CE7
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEPlNLv3i6CoMc7ncPSvvF00&google_cver=1&google_push=ARnp8GD431nsB2Cjn3oIwlmMVsGVNIH4LBmsMrGdFwbyUD3xSePKRPtj_dEVi8_tRQvtUfk0FZSknHq7I1KNDu29u17-RviA7p7r
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzBlZmQ0MzYtM2VjOS00MzQwLWFlNGQtZGEzMWIzNzE4NzM0&google_push=ARnp8GD431nsB2Cjn3oIwlmMVsGVNIH4LBmsMrGdFwbyUD3xSePKRPtj_dEVi8_tRQvtUfk...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzBlZmQ0MzYtM2VjOS00MzQwLWFlNGQtZGEzMWIzNzE4NzM0&google_push=ARnp8GD431nsB2Cjn3oIwlmMVsGVNIH4LBmsMrGdFwbyUD3xSePKRPtj_dEVi8_tRQvtUfk0FZSknHq7I1KNDu29u17-RviA7p7r

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=YzBlZmQ0MzYtM2VjOS00MzQwLWFlNGQtZGEzMWIzNzE4NzM0&google_push=ARnp8GD431nsB2Cjn3oIwlmMVsGVNIH4LBmsMrGdFwbyUD3xSePKRPtj_dEVi8_tRQvtUfk0FZSknHq7I1KNDu29u17-RviA7p7r
date: Tue, 14 Jun 2022 20:11:07 GMT
x-envoy-upstream-service-time: 3
server: istio-envoy
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2CE7 0
12 B 34ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LbsPwgONkFovRMXTRzXiUPLD9ICd_o6IbnlThICnxXzz43wAsodWdOj9UynvWMvmRvl0re0Q

Requested by

Host: 5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
URL: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 204 pixelSync
pixel-sync.sitescout.com/dmp/ Frame 0BED 0
191 B 140ms
37ms Image
text/plain 66.155.71.150
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=8&google_gid=CAESELLnocLiWozzay2rZus1P7o&google_cver=1&google_push=ARnp8GCAN2ThORBoy2uCoroWzVwIlfifOAnYz7FqohvyOthC_N7WJekZfzzQBxKLqlbXOdX2modwwYn63O4eXDmzEQkulv3oEocDkg
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 66.155.71.150 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software: AC1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:06 GMT
cache-control: max-age=0,no-cache,no-store
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BED
Redirect Chain

https://b1sync.zemanta.com/usersync/googleadx/?google_gid=CAESEIbjXSHvqSJMirtIcY31QC0&google_cver=1&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0...
https://b1sync.zemanta.com/usersync/googleadx/?google_cver=1&google_gid=CAESEIbjXSHvqSJMirtIcY31QC0&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0...
https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0C1ypZaWswmPZbbl&google_hm=RThvX01XSGtKNmN3QVBI...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0C1ypZaWswmPZbbl&google_hm=RThvX01XSGtKNmN3QVBIUGRkLVU=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
P3p: CP="We do not support P3P header."
Location: https://cm.g.doubleclick.net/pixel?google_nid=zemanta&google_push=ARnp8GBzRSrU1UfVDx_wI0VvnI8uLYjhk591QS-XcX1RzCBaIisFOaM5LR_cFwckrWTJ7BxjZ86jEsgxOLYq0C1ypZaWswmPZbbl&google_hm=RThvX01XSGtKNmN3QVBIUGRkLVU=
Cache-Control: no-cache, no-store, must-revalidate
Content-Type: text/html; charset=utf-8
Content-Length: 236
Expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 0BED 42 B
233 B 222ms
105ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEKH09bGtzuFfdPAiBUI7fS4&google_cver=1&google_push=ARnp8GDMPaN5JYHL7sR88wqgHl8czc0Mx-4n5CW1ym1WysuqmIo8m0RbSpivV2F-3WR4YKT2zSIYQWhmz4FWCJQYe3ZI7jpbhjUTrw
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0BED
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEBtcFX39lHsJmgUnTCKp0ic&google_cver=1&google_push=ARnp8GB5v5NeTpL0CJVE7iY-6I4xehSwvp45dsQacwFZR3EL5jmrs-aq1K7mzUI1b-lq9bLQ_BDki5J-2X9AWJs0Y...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GB5v5NeTpL0CJVE7iY-6I4xehSwvp45dsQacwFZR3EL5jmrs-aq1K7mzUI1b-lq9bLQ_BDki5J-2X9AWJs0YF6StRvMMms8zQ&google_hm=Ez6bpGZHZ9_Zk85JRLGh...

170 B
188 B

53ms
53ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GB5v5NeTpL0CJVE7iY-6I4xehSwvp45dsQacwFZR3EL5jmrs-aq1K7mzUI1b-lq9bLQ_BDki5J-2X9AWJs0YF6StRvMMms8zQ&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=ARnp8GB5v5NeTpL0CJVE7iY-6I4xehSwvp45dsQacwFZR3EL5jmrs-aq1K7mzUI1b-lq9bLQ_BDki5J-2X9AWJs0YF6StRvMMms8zQ&google_hm=Ez6bpGZHZ9_Zk85JRLGhv1Mw
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap1ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H2 204 exptsync
ads.yieldmo.com/ Frame 0BED 0
35 B 222ms
46ms Image
text/plain 52.212.248.230
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.yieldmo.com/exptsync?google_gid=CAESEAd3Lf-uBeKfItO7PhBONPo&google_cver=1&google_push=ARnp8GAQEYDZJal_eOSTIEQFuJZVqMXunQPIpHiCR2fiKSCTqyoQ-FeNOnH2-CbhZUhSDsMZU3uUB7iKMUS2gF1j1F0uj785v0bC
Requested by: Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.248.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-248-230.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT

GET
H2

200

/
onetag-sys.com/match/ Frame 0BED
Redirect Chain

https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESEJ5UlzXB-zTWQF7ttuJY2CE&google_cver=1&google_push=ARnp8GDujYeskF4Ee8_CjDrSFjjOVKVL4djOpbOMAKe85zeyGhLcxd7Bpo4hIxTmWIv3f58p3bItfoITkiT...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDujYeskF4Ee8_CjDrSFjjOVKVL4djOpbOMAKe85zeyGhLcxd7Bpo4hIxTmWIv3f58p3bItfoITkiT7GTNY30ISPDtYOuwKb_Q
https://onetag-sys.com/match/?int_id=19&google_error=5

0
151 B

24ms
23ms

Image
text/plain

51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://onetag-sys.com/match/?int_id=19&google_error=5

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://onetag-sys.com/match/?int_id=19&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 255
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

404
Not Found

/
b1sync.zemanta.com/usersync/ Frame 0BED
Redirect Chain

https://b1sync.zemanta.com/usersync?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wmlV...
https://b1sync.zemanta.com/usersync/?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wml...

0
0

125ms
124ms

Image
text/plain

64.74.236.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wmlV7B8-CQ4
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: HTTP/1.1
Server: 64.74.236.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

Location: http://b1sync.zemanta.com/usersync/?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wmlV7B8-CQ4
Date: Tue, 14 Jun 2022 20:11:07 GMT
Content-Length: 169
Content-Type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 0BED 0
12 B 34ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LJZKGqpLsZEVSwStGCC9pTi1RwWV4YU3xJr8Y-rue1YYbKr2nsoYulB3K-7r9XYJmJ7dBD3E4

Requested by

Host: f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
URL: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame C2F8 35 KB
13 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20FF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEKSHYSBi7vtDjx8s6ZdxMXI&google_cver=1&google_push=ARnp8GCi1mc3wabxiHLG8wBv4-ChUrcYFYDQKHWMHWPyB25xMTxV5kXM6ASvOOPve5w4LjsUc5BdPKnxpYPcCM3f...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi1mc3wabxiHLG8wBv4-ChUrcYFYDQKHWMHWPyB25xMTxV5kXM6ASvOOPve5w4LjsUc5BdPKnxpYPcCM3fpZ61xyBfgeph

170 B
188 B

29ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi1mc3wabxiHLG8wBv4-ChUrcYFYDQKHWMHWPyB25xMTxV5kXM6ASvOOPve5w4LjsUc5BdPKnxpYPcCM3fpZ61xyBfgeph

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: MT3 4447 e18e916 master nrt-pixel-x8 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ARnp8GCi1mc3wabxiHLG8wBv4-ChUrcYFYDQKHWMHWPyB25xMTxV5kXM6ASvOOPve5w4LjsUc5BdPKnxpYPcCM3fpZ61xyBfgeph
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 14 Jun 2022 20:11:06 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20FF
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&google_gid=CAESE...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcdJ1eBZ9SPvS7tVtzfwDs&google_push=ARnp8GBwgG_L6CyyCruJdbaM7stYAW-SH39UTXubGA5Vvhm1yI5DDGSGV3...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcdJ1eBZ9SPvS7tVtzfwDs&google_push=ARnp8GBwgG_L6CyyCruJdbaM7stYAW-SH39UTXubGA5Vvhm1yI5DDGSGV3u9ppgE96HExAhaOdNcuoh9Sv68uy7XEent9tZbpqsF

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1655237467.140635,VS0,VE92
x-served-by: cache-hhn4037-HHN
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_hm=&google_cver=1&google_gid=CAESEKcdJ1eBZ9SPvS7tVtzfwDs&google_push=ARnp8GBwgG_L6CyyCruJdbaM7stYAW-SH39UTXubGA5Vvhm1yI5DDGSGV3u9ppgE96HExAhaOdNcuoh9Sv68uy7XEent9tZbpqsF
cache-control: no-cache
accept-ranges: bytes
access-control-allow-origin: *
content-length: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20FF
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESENh3MT7DjqwREEkrFZWWlbs&google_cver=1&google_push=ARnp8GBVqeKOWmOTDwLPpoe4svhaqO9gZnuPpGV_DYyQdiDxWCssvdDaYtWakrz2Ps0kX_vbeFRctKsaumy26z7UnKIfwRs...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GBVqeKOWmOTDwLPpoe4svhaqO9gZnuPpGV_DYyQdiDxWCssvdDaYtWakrz2Ps0kX_vbeFRctKsaumy26z7UnKIfwRsuXZsL&google_hm=Mjc1MzUzNTEwOTY0MDg5MD...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GBVqeKOWmOTDwLPpoe4svhaqO9gZnuPpGV_DYyQdiDxWCssvdDaYtWakrz2Ps0kX_vbeFRctKsaumy26z7UnKIfwRsuXZsL&google_hm=Mjc1MzUzNTEwOTY0MDg5MDcxOA%3D%3D

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GBVqeKOWmOTDwLPpoe4svhaqO9gZnuPpGV_DYyQdiDxWCssvdDaYtWakrz2Ps0kX_vbeFRctKsaumy26z7UnKIfwRsuXZsL&google_hm=Mjc1MzUzNTEwOTY0MDg5MDcxOA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20FF
Redirect Chain

https://s.ad.smaato.net/c/n///-?adNetInit=g&google_gid=CAESEMtnLhjJ7KSumjI5H31Xb5w&google_cver=1&google_push=ARnp8GD3mB8nZCoQTl-l7PtgY3AWBfu5JUe-LlYojIKR9xZsZThAjfeboTS9aBh-ASFlOp-IIi5rIJ847kabLPFa...
https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD3mB8nZCoQTl-l7PtgY3AWBfu5JUe-LlYojIKR9xZsZThAjfeboTS9aBh-ASFlOp-IIi5rIJ847kabLPFafdIPDaQDhwcF

170 B
188 B

56ms
56ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD3mB8nZCoQTl-l7PtgY3AWBfu5JUe-LlYojIKR9xZsZThAjfeboTS9aBh-ASFlOp-IIi5rIJ847kabLPFafdIPDaQDhwcF

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:07 GMT
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA50-C1
x-cache: FunctionGeneratedResponse from cloudfront
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://cm.g.doubleclick.net/pixel?google_nid=smaato&google_push=ARnp8GD3mB8nZCoQTl-l7PtgY3AWBfu5JUe-LlYojIKR9xZsZThAjfeboTS9aBh-ASFlOp-IIi5rIJ847kabLPFafdIPDaQDhwcF
cache-control: no-cache, must-revalidate
content-length: 0
x-amz-cf-id: sRlLOjtcyyMLVfJ4qk3XZbVn0HsevWDihIKDy1xWuQcIbyuWJ_kgLA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20FF
Redirect Chain

https://tg.socdm.com/rtb/sync_before?proto=google_ebda&google_gid=CAESEKmE0jA438ah1CAXvpX9Ohc&google_cver=1&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYD...
https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYDHwkn8YHvzwztSIgU2ShyX-z&google_hm=WXFqclc4Q28...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYDHwkn8YHvzwztSIgU2ShyX-z&google_hm=WXFqclc4Q281dWdBQU4xaXNFOEFBQUFB

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

X-SO-Cluster-ID: 22
Date: Tue, 14 Jun 2022 20:11:07 GMT
X-SO-LB-Data: {"ban":false,"clean_query":"\/rtb\/sync_before?google_cver=1&google_gid=CAESEKmE0jA438ah1CAXvpX9Ohc&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYDHwkn8YHvzwztSIgU2ShyX-z&proto=google_ebda","cluster_id":22,"gdpr":true,"ipv4":"0.0.0.0","key":"YqjrW8Co5ugAAN1isE8AAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40070"}
X-SO-Ads-Time: 3
X-SO-Key: YqjrW8Co5ugAAN1isE8AAAAA
Server: nginx
X-SO-Upstream-ID: a-ad40070
P3P: CP="See also http://www.scaleout.jp/privacy/"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ad_generation_eb&google_push=ARnp8GCBPLAXE-tTP5DVIh9XU9zGxvRlaf4GENYdOBjpO0PHSwaPg1kdshqrCO9yHIPnfqxW1aHYDHwkn8YHvzwztSIgU2ShyX-z&google_hm=WXFqclc4Q281dWdBQU4xaXNFOEFBQUFB
Cache-Control: private
X-SO-HostName: a-ad40070.dc2p.scaleout.jp
Connection: keep-alive
Content-Length: 0
X-SO-LB-Hostname: a-tgng40017.dc2p.scaleout.jp
X-SO-IP: 217.114.218.21

GET
H/1.1 200
OK sync
rtb2-useast.e-volution.ai/ Frame 20FF 42 B
233 B 309ms
103ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb2-useast.e-volution.ai/sync?exchange=193&google_gid=CAESECmn8-TLAcxIWcyMbMKiSek&google_cver=1&google_push=ARnp8GDez3xfGaYbEeU4O5ppLaIYwCdNUTVIekqyVfysfq_wgooUW_qHk1nc4x3ReS8dMR17uZZYCSaT6I2ZbCTHUqO_ns9l79QI
Requested by: Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 20FF
Redirect Chain

https://ads.avads.net/sync/ggl?google_gid=CAESEPlNLv3i6CoMc7ncPSvvF00&google_cver=1&google_push=ARnp8GAW34mGEt7_9EU9T2L9s5_dRBu-2Or5eri320z2EjWPXzDne0nRZ0oj3wXVdXWqVhf6LNbt-8njfPq398q6xfi_kP4D0KpR6g
https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2JiMGI2ZmQtYzM4Mi00N2FkLWJjNWEtZjNlMTUwNjQ3ZjJm&google_push=ARnp8GAW34mGEt7_9EU9T2L9s5_dRBu-2Or5eri320z2EjWPXzDne0nRZ0oj3wXVdXWqVhf...

170 B
188 B

38ms
38ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2JiMGI2ZmQtYzM4Mi00N2FkLWJjNWEtZjNlMTUwNjQ3ZjJm&google_push=ARnp8GAW34mGEt7_9EU9T2L9s5_dRBu-2Or5eri320z2EjWPXzDne0nRZ0oj3wXVdXWqVhf6LNbt-8njfPq398q6xfi_kP4D0KpR6g

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=antvoice&google_hm=Y2JiMGI2ZmQtYzM4Mi00N2FkLWJjNWEtZjNlMTUwNjQ3ZjJm&google_push=ARnp8GAW34mGEt7_9EU9T2L9s5_dRBu-2Or5eri320z2EjWPXzDne0nRZ0oj3wXVdXWqVhf6LNbt-8njfPq398q6xfi_kP4D0KpR6g
date: Tue, 14 Jun 2022 20:11:07 GMT
x-envoy-upstream-service-time: 13
server: istio-envoy
content-length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 20FF 0
12 B 33ms
29ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IuXoI4o1WkmSzytEsqPjk0Af3aBDkTD_qWa3-GoxqwNSARGVgo8M6MhJs7CqG0eC4R2jAMobc

Requested by

Host: f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
URL: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame F93D 35 KB
13 KB 27ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42B9
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEMvxofntg3cwstkm9ZlBr_A&google_cver=1&google_push=ARnp8GAy2ihkjUIt_g2R_E76GzI7XujAXfAj1pYsG1cuyis4-NE7fiz-I85VYsy6tWxzh1i9sqsMk6M7I706HGqV2XF1--9YOgsfkg
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GAy2ihkjUIt_g2R_E76GzI7XujAXfAj1pYsG1cuyis4-NE7fiz-I85VYsy6tWxzh1i9sqsMk6M7I706HGq...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GAy2ihkjUIt_g2R_E76GzI7XujAXfAj1pYsG1cuyis4-NE7fiz-I85VYsy6tWxzh1i9sqsMk6M7I706HGqV2XF1--9YOgsfkg

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GAy2ihkjUIt_g2R_E76GzI7XujAXfAj1pYsG1cuyis4-NE7fiz-I85VYsy6tWxzh1i9sqsMk6M7I706HGqV2XF1--9YOgsfkg
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 13 Jun 2022 20:11:07 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42B9
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEBQCwSQs9zXdZESIUarv8m4&google_cver=1&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg
https://px.adhigh.net/p/gm/rub?google_gid=CAESEBQCwSQs9zXdZESIUarv8m4&google_cver=1&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLm...
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg&google_hm=lFR-1xowgSMAAikABlGBY...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f3-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GC_HcJcPz3ea4K1_nNIWOuyg2nEPqzMbWtrqJ_FUIhrrtsgZk1gGFjXWxnfFW9psGDE_1vVIez3qQUSFpiaCkvKoPJ4b6RLmg&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42B9
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEMGwIWyo_TXH9TxFX_N7eVs&google_cver=1&google_push=ARnp8GANPIePEGhkdCZxLBbSwnJ80tEKa6T0YMy4bmihFNgVP9olrrCHpdEuY1NeS7GiVcystgI6-ki4lgohxyVA6OeZ8GI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GANPIePEGhkdCZxLBbSwnJ80tEKa6T0YMy4bmihFNgVP9olrrCHpdEuY1NeS7GiVcystgI6-ki4lgohxyVA6OeZ8GIu2uHCdg&google_hm=Mjc1MzUzNTEwOTY0MDg5...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GANPIePEGhkdCZxLBbSwnJ80tEKa6T0YMy4bmihFNgVP9olrrCHpdEuY1NeS7GiVcystgI6-ki4lgohxyVA6OeZ8GIu2uHCdg&google_hm=Mjc1MzUzNTEwOTY0MDg5MDcxOA%3D%3D

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:07 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=ARnp8GANPIePEGhkdCZxLBbSwnJ80tEKa6T0YMy4bmihFNgVP9olrrCHpdEuY1NeS7GiVcystgI6-ki4lgohxyVA6OeZ8GIu2uHCdg&google_hm=Mjc1MzUzNTEwOTY0MDg5MDcxOA%3D%3D
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42B9
Redirect Chain

https://sync.srv.stackadapt.com/sync?nid=154&google_gid=CAESEMxmnhM3S4kxQF09pHcYXko&google_cver=1&google_push=ARnp8GCWu5rPc6BOVbD1sKR9VbplDffi4pnV_eBBZhWZ8R-12_yFY-ozBl2easFZJt3vwYRtySer_h7Ct2jUyje...
https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1EpwWvjoSAtu7Dv4BBWS29ly2hU&google_push=ARnp8GCWu5rPc6BOVbD1sKR9VbplDffi4pnV_eBBZhWZ8R-12_yFY-ozBl2easFZJt3vwYRtySer_h7Ct2jUyj...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1EpwWvjoSAtu7Dv4BBWS29ly2hU&google_push=ARnp8GCWu5rPc6BOVbD1sKR9VbplDffi4pnV_eBBZhWZ8R-12_yFY-ozBl2easFZJt3vwYRtySer_h7Ct2jUyjehIXatUEmlU35q

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=stackadapt_usd&google_hm=1EpwWvjoSAtu7Dv4BBWS29ly2hU&google_push=ARnp8GCWu5rPc6BOVbD1sKR9VbplDffi4pnV_eBBZhWZ8R-12_yFY-ozBl2easFZJt3vwYRtySer_h7Ct2jUyjehIXatUEmlU35q
Date: Tue, 14 Jun 2022 20:11:07 GMT
Connection: keep-alive
Content-Length: 242
Content-Type: text/html; charset=utf-8

GET
H2 204 pub
cs.chocolateplatform.com/ Frame 42B9 0
68 B 554ms
244ms Image
text/plain 159.203.145.121
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.chocolateplatform.com/pub?pid=ebda&google_gid=CAESEAsOeTx_7GdW-YMbK5Bf6uQ&google_cver=1&google_push=ARnp8GCGC8p__C-_4SflUT2-Gwpf03-NfUkAEicCnpqrmHGywLoXphxwx3gZehXNIhe7OLMZD3HwZ2dCSAlIRVLmbiB1U6rMMOe16Q
Requested by: Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 159.203.145.121 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: Chocolate Cookie Sync Powered by Vdopia /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
server: Chocolate Cookie Sync Powered by Vdopia

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 42B9
Redirect Chain

https://sm.rtb.mts.ru/p?ssp=googleban&pm=1&google_gid=CAESEMZaquyIWq8cWxZ6iFhOTK4&google_cver=1&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA...
https://sm.rtb.mts.ru/match/second?ssp=12&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg&exu=CAESEMZaquyIWq8cWxZ6iFhOTK4
https://tech.rtb.mts.ru/?dsp_uid=fa1f5779-5985-4dda-9ac0-09d819f68307&return_url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dstream_llc%26id%3Dfa1f5779-5985-4dda-9ac0-09d819f68307%26g...
https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=fa1f5779-5985-4dda-9ac0-09d819f68307&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQ...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=fa1f5779-5985-4dda-9ac0-09d819f68307&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Tue, 14 Jun 2022 20:11:07 GMT
Server: nginx/1.20.2
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Content-Type: text/html; charset=utf-8
Location: https://cm.g.doubleclick.net/pixel?google_nid=stream_llc&id=fa1f5779-5985-4dda-9ac0-09d819f68307&google_push=ARnp8GA5TqdS6berzweMz3Aywlp9xpSjp3fPInOeImm1sdxUq5aR3OnR4yMgLSHOBL9siNRffD2UAXozAaKwciTQA_RwJbvG8rxWrg
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With

GET
H/1.1

404
Not Found

/
b1sync.zemanta.com/usersync/ Frame 42B9
Redirect Chain

https://b1sync.zemanta.com/usersync?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXLU...
https://b1sync.zemanta.com/usersync/?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXL...

0
0

121ms
121ms

Image
text/plain

64.74.236.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1sync.zemanta.com/usersync/?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXLUHEwm6fw
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: HTTP/1.1
Server: 64.74.236.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: chi.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

Location: http://b1sync.zemanta.com/usersync/?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXLUHEwm6fw
Date: Tue, 14 Jun 2022 20:11:07 GMT
Content-Length: 169
Content-Type: text/html

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 42B9 0
12 B 31ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IlQQohpT747Zj02L7BY-nWnHmmlGga2AuEcMwrxjtAEoK46LXR4RwSP0jn23VeRzI-fJIYUH8

Requested by

Host: 0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
URL: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D74 35 KB
13 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame A60E 35 KB
13 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2732 35 KB
13 KB 26ms
23ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:14:10 GMT

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 2DD9 35 KB
13 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A2B1 0
26 B 57ms
57ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst8BQbgcF9J45n1dp2jFSfCd4bkbC5f_gXV3YebpRXAQOtwAfu67aCeEeS_kWDTKURyHJJnWlV60fF63slF2Oa8megl_lKGcpeBSOg9MRGQfY0O28bo7lvmu4Pie_wOKw5R0MQX4ybw37WayzAGGeQOruZnt_mv7ROboIuESCIleyPacGf-1NSslaT0ip31JHaIsOL5yUwCGivzD6-YsJFy9TQq8raqRlFMntiJpxSdJxxjp0FnIMXKmEUCYRhOkFoPxvgSwQVvFzeyab10Gv9bCRayr3rcTWl8kR7_pwmwZcZ2ImF5TJGqeLpikNwWsN24pgb5ZP03AAox8vfV7OUz0ZWmEgWfX9f35QD8KeUENo4VfBcLT6ciaPAG0H15VUIrtI8U0Ow60Xm_jn4Q2sNREEN2PZ6Dr-iR0JvSZHR5vCdrDKn_VqmgPgF7Kdh68jn36UzUhfMKked8a6FApBANwxP0VrkhcbMmxkJSgShdpEVn5NDDXAWQUsad7v1FDvh6L9482coLrJHJm-MszSbAPwMjgckHKTyJjyw-0VQMP_3xq7p9gb-HlXS1XQxbptLREjHtDQs2HD1QvLpJ-AxSv9zPRUJrtLfElGv_8VK17KOH325q3xfnCAzY-8AyAW9UuIzGPro-fl2O_W9a7kvub4ZhZst-4pE-ghOoNLlRyEzxS8HzvnIUD8y9DFQ2Yt7IEuAFuHY8zpMUFjRLAcIjrEWVJ6FAlClfTjmPVEKPLbYjQfO4oV8ROgo0to7pivYlVYIJNwCXpS4tOm5pD0fHgALW4nN8wBUH9CKXhXa5e0hmKdsUvGZMMmE_FzOQ9FFPsFu7DeuS-Fx0hi9VXVaMadiu0skvel0ts0TjG8HD1kPOzKPNGuZuAeepCfLUOGwvixrai94yNkJY_rFDLTO4s4-QVnkCaWNFmU1VhTCaOk2oE2HnplF6TZhs9rjY2tn83CE7vCZ4tJsMOZgVeKoXAkhzrIjfybXdyG9jG7PFaKK30W4nLhVFb6YrnVfv_XbziK-ZMh-I2wXBSCKFgCHZ3exmGiPzUwk6d-aWgOl6ci8X_Et9c1aNIbuUmOtKpzsyoFYS_cIrjvSy5zMImwvEwEAqRq3XEmyd-CT6ji2QqTwwnYsLKlQxCwGAs9YWpQq_y77QoJlxk0VNiwOGUY1PLKohVjcM9lhSG_qwp0dJSnCPLzJqMFXHgOvgguFCVeIi8vJXeWJL9Dz1gXun_8LH6KuFz-KvbzeoNhS4sDluFEnV4x9dwyVh-xP4zDPEof7gOafS-fJWma3xGw&sai=AMfl-YTXIh_c9eCpfdi1TBCyqVE7qEmNytRFZCpxcCns4U3u_XUKo3HFUvn-BQgaH2JDdUAQmIR6rKj1mwZUNSLXJPaRd3elbgDTm-v8BOS93GbLt5Uom44PnjFp6b6orbgWq3i523-NXoRMM-gAreuYR3WHeeiMCgYfKgLCKr_8p2b-TNvevss0_TB0Md-rqHYNlXyLd_iTLesjxyWvE6tLRQ&sig=Cg0ArKJSzAgHJTtd3hTrEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=965&vt=11&dtpt=779&dett=3&cstd=183&cisv=r20220609.99709&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 52C7 35 KB
13 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 46C2 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 8770 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89156
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame C7AD 0
26 B 59ms
58ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv75laP22UZe28YWuL3oishliS8PRNy7vJSiKTJSGnDhy0BETqMDw-M28ObbDptNjgvHqNwm47261W0xnZBy3t1n7TE6P7M5fvDfsOwSNNzc2Jus5RFR3i1oC4Ehc-YRyFTGDrFnwn-fkoKNVdMtAoHwNXCGP0Vz09xSW3v2aLhjGtNa-6sD03QmrgzGpC8W5KmCZcIAc8CXRqT6DaGPNDkhkpnONY8RbcpGjaSQzY-_t4TVC_jEP44EB5iKT2yBsBg3L4kkRK4hZWSyStJw73khTDNDCMY81TaEX-9w_ChriVkbEOe-PEFr8x5PcRnM5Tw5NZWnssdvHiZna4IoYS20mkpqnrWV8QrCWdtaQbbXp8ZIJf9MYHz-Y4EY8IDciybiKdwDVIq2nYC4ZaVME881hugab2VjnNmPxcVsz6rgm0pv7JOTDmiT8tZUA0jfVLCtp-FcY_gtPgCDD_eMiml2EhgMCEJ73TUA0BHeUX5KTQJlVb0ENVayboCgfl-XOJPMHLjS3rcYqIiYSEP5y8mdv38e5kcOI6GWqfD03jyblsP8rQcwBgcclCgluIpZ0uTLOnC5Zf9xeyrXdO7ws1a7sU3DCTNPuyqhBoe5lV0EHgHjecWs-XvcUTvDQKnRgsxepmnwCpK8Om5iMIlN_LMT0ZxtEVzQy6OsN_dh4EJr2m5-bdEPF8KrA9UWWaN4pkW5aahYPVXFbnpw4EPxb-FKj6_ZUZtNpZ1HiUX-EmDkOmeSDAfwsass1y0T-hnlXwQvGg2ZwkDAe10ix8bd6SeQRBqZq-ZQt-ZaGZRcoNTctWoIK1oK8Cqh-K6f4YItppZivgPxkxNxUlcwVfMFl4AOW1s_hFIidVLl0_MsMb51uqdNS-ka75XEqGu6BoDd1FpuP1C7zBmjpmii6kOeUYUpsH9u1NlLqSbU_ePEv_And89qzD-3HhQqw30iPNYm2Z2MyHprOCXT_Rehp8fMihry33IcFB_UWLy8I3DfqeydYsrgfte9Lmu9MRWElIoYNUuRK6rgdILh1YwhhBe1XnWqYvBdq7UFyI1xz60-bHHONHsRYAq7G2M-lu3pAb0kq9btDt9AzU5wgO5kjwMgCfNcsmvP0EBjzF1LNhMgf2rTJT5yyXHy6Q5ouk_edqGp6jNEVQyLT30uae8J8TSjGQH_ZGSiiNOZBiFjWYUTXVUWEoF4LS0hJ1_xoeHLhMbYD6INMDtMC4X2Jq-ljSnMhVk41uYVtbVCh51fA_1lczTDhrcN1MnzOmb_DXszUUzlJ3go40soB-4xUGYqQ&sai=AMfl-YRn5zfC4uRimBxR8dqbmb991Aq-pNJO9j7kmAlC4FatPOkXgdA2lIB5wFcj9lH0n--G2Pk0pwQVDqgGNlYFNp8ioB1iUCW4_zPjInVXX0syu5glRjKiynF-Whpgl2K52qKZbCTza403m3zxPXKsnYld-z5tdS94b1rqdl0cNOK9Tslve9uGc_eByz9q09Jjypecm6qf_Dx6awPbrjzmVw&sig=Cg0ArKJSzNTcuhIQKGFTEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=922&vt=11&dtpt=738&dett=3&cstd=182&cisv=r20220609.30143&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 impl_v89.js Show response
www.googletagservices.com/dcm/ Frame 09CC 54 KB
21 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v89.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 11:08:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32578
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21503
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 10:59:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 11:08:09 GMT

GET
H3 206 file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame AB93 1 MB
0 48ms
22ms Media
video/mp4 2a00:1450:4001:65::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: 8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
URL: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2224397/2224398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2224398
expires: Tue, 14 Jun 2022 20:11:07 GMT
last-modified: Tue, 31 May 2022 13:30:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
client-protocol: quic

GET
H3 206 file.mp4
r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 9928 1 MB
0 46ms
21ms Media
video/mp4 2a00:1450:4001:65::a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r5---sn-4g5e6nz7.c.2mdn.net/videoplayback/id/6e0278adb5a38b70/itag/344/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1686773466/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/41E68D1F49028FDB7C8F4E7B76B09DFC9C163FD8.6D95C4EACBA8FC17DEA0B9060DB6EDC580981F76/key/cms1/cms_redirect/yes/mh/N7/mip/2001:1b60:2:240:3247::10/mm/42/mn/sn-4g5e6nz7/ms/onc/mt/1655236645/mv/u/mvi/5/pl/29/file/file.mp4

Requested by

Host: 2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
URL: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:65::a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2224397/2224398
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2224398
expires: Tue, 14 Jun 2022 20:11:07 GMT
last-modified: Tue, 31 May 2022 13:30:54 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
client-protocol: quic

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 9F91 0
208 B 21ms
21ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 300x250_Calculator_v3.gif
s0.2mdn.net/sadbundle/20862571333860544/ Frame 88CE 104 KB
104 KB 22ms
21ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/20862571333860544/300x250_Calculator_v3.gif

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cee9422f15936bb88a311a8bf2423833a6a80dff9da0e603529a9e21a3a7a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/20862571333860544/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 14:41:04 GMT
x-content-type-options: nosniff
age: 538203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106883
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 16:34:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 14:41:04 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame EB9F 0
208 B 21ms
20ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame AD01 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14007
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:27:44 GMT

GET
H3 200 KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js Show response
pagead2.googlesyndication.com/bg/ Frame 81B7 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/KTHYOna8VhrtXL7WgNcsIkAo3r0EoLxY2-h6-FKeiG0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:27:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89003
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14007
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:27:44 GMT

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame B658 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:14:10 GMT

GET
H3 200 300x250_Calculator_v3.gif
s0.2mdn.net/sadbundle/20862571333860544/ Frame 44CA 104 KB
104 KB 20ms
20ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/20862571333860544/300x250_Calculator_v3.gif

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/20862571333860544/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3cee9422f15936bb88a311a8bf2423833a6a80dff9da0e603529a9e21a3a7a8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/20862571333860544/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 14:41:04 GMT
x-content-type-options: nosniff
age: 538203
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106883
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 16:34:10 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 14:41:04 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 9F91 87 KB
28 KB 319ms
150ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame EB9F 87 KB
28 KB 213ms
72ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 19E8 87 KB
28 KB 241ms
115ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame 6267 35 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:14:10 GMT

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame B8BD 35 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:14:10 GMT

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame 8CC0 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10617
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:14:10 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A70C 0
26 B 56ms
56ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssRQAqF3RxHB3chu_7vg8VOdgNEh6vZB0PbXzOze8Qke5BLTNhCIX7MyuN97MUwSPB7sORybcyXsenDufl8B9MuviZ0qUMn_gsGWfLtyeBahbKPTjzZWmz1G6OoJKYd-ZyvYSaQNeTExm3BajEddmuOTfZMR0azlv0g_LEz2GEdvlkGnXX4uMe-reRWY4mzdID8d6FnfX2-jBPRm6oO956ki2A-G3-63Jo8hIm9tfa2t8GrGoepxrStO4Jwtlz9vMASMiIjS2yA8UDv5Hr8XUIanimWAeQSJl28ytS2NHKNK3q1XgBRoXgNX6C1ZL_VggukyDaRord5mZ1dRiDCMeZ2vkGHy56vlEP-qpSWcljJDp3x48kl9_WgAOFM1TnTIaaoPAE57hZvILR-jASpra_6O91UvzNohBxcKYq1fBmuAqygW-QxmhY32N5ttByD86HDVG6nw8az7sUNZZzDVb883ukYVMfaoJLjvn8JlwM8iPGUufTOFg24qEUv-3e4IOc9ptrUq_5N18OBTtj9m_ZdvPLPBWIRY5C47quFz3Qow9sAGZ1axgookSqTiPBT-Ia7zxujr821ymxYDczO8gmnL1zG_mbZNZ1CPZiv4fEdeJVYJK63q-dzKbpWN2kl1ICGDLDgnYWLmVr8P6gMeo-_-Vp4wT2gbVNy0xREmY1tjpnc5hg2n721pn_mvBawdzHH6M4dOzE3EdYdRXJKvINkuAi9z5I3VxzTRcGrzKdsi6g_yDgtge_CgXNyG5fo8HoZpvEy6PuGBj2wFCDHkuH7G29ZwOJ6s57kbYqWt-1UL1z6LvtQ1-bwzCWGoXYj27hdCVkdlD7FnirhxY5MuLMtWuWKvB4bXIHGrbjRjgvKwNbCKv8j-5eS20g5exGtwMq89dYmvyC_bVrLWlQ3IBlfYezhue2GrDYBh_W4mv_ga1nSjUkDA6WoMBD3OSBYLdPe2BhuUhOJ_oJkKto3ieUJDfoMX8t2lBTIp8HFLAcx4MFxmjLqsZlJnbLDspPMYBjUVU_GV3r58jjNvEB2fwB7XN4l82qt4OKRQOMxHisScKGarQqrTUgMPezFQY8ESSdqqO8YONPhtj6LNs7Eg7LOhN0apr07_9mTcFielNFIBF4IomXAmi17hb_VrSf2798RPmj0t85X-deDxotJX2X4fJi3JIpwc8LywKLsUDpBkmthoyoWtcnyZxeGWTl_VzQTnbX-T3kLejoqjvl2bMRPYnvmsx8A0oLE0LKCzdBDTHiAy8NHZRzx1Y2FxVlR5uu6tj_tQNZoFWFGlus&sai=AMfl-YTiHcfdjdNX63-MM3lOxevQWeucDoKO_VONi-aDWthTuxMJApY5lSBRRQxtAOcvEl65PSFihVxrA1oZpNyIkcFe3_FItTR-2qjIVlMgqCLHlXivgU9XmkgoP48BnwKuVLCmIl2TAGMrPQVqRB2bPXdENLM_bXAYaaMHqsqZaUH5H7yh_BcRlKVGzjKdAkbc1BtfKGjGPGoNYHb7XKdeHQ&sig=Cg0ArKJSzPU1aceGNTnmEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1330&vt=11&dtpt=844&dett=3&cstd=482&cisv=r20220609.70766&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame E6F0 87 KB
28 KB 119ms
77ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame A446 7 KB
6 KB 74ms
33ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f4f124964ba6a4b42cff73edba0a67a5150e42b369145395b0484206ba01cc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5619
x-xss-protection: 0

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3552 87 KB
28 KB 178ms
144ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H2 200 B9689862.280630144;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=1832254322;ord=wktmsf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Ffornoob.com$2,https%3A%2F%2Fforno... Show response
ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/ Frame 09CC 46 KB
23 KB 117ms
55ms Script
text/javascript 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=1832254322;ord=wktmsf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Ffornoob.com$2,https%3A%2F%2Ffornoob.com%2F$0;xdt=1;crlt=ZUmIU840kH;stc=1;chaa=1;sttr=498;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v89.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

da966e1768a2a913e5fcc571ef16e0145621ffe94f01da29b42eb6cb09797234

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23076
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 63D4 0
26 B 58ms
57ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstbYxstu3cGlaxdK4J-tuSU3o420p4p5MtFiVvs0akvKuQVxBLCxATeKl1X4tOoyL_kpzL2cqHi7AqyCp-QS52UPP17aYVGhm5acknheUNdpOnISEoaj7AIyScP33rUK5t80pXGqBVwgiNoh0sadbvNo6v3OVyWXe9GBpfI6jI47r53BBdB0GC96qQXA3J8tQZYYQVl12KrIPTJFkvnCMsKK__bZ9vajmcfEWX95nJ2vZEyHDLXVlO0e0F0rMr8VnTqvSh98MQAmHa_FECjslAfJLzJij51tDK8aSk2PrtOSDprUWVEoSFJdvb58ntvCuGoX0EUIR8kabW49g4S_C9g52cClt6yv2a6qXyZQzNHtWYHT2si1o3E2C1CkBxG795i3QJAxXIPFjZHcZAFT92z4RzI6YIghT_GB299aM6XVIwQJtbpF-f5T6l7PGMtUfOW_6TOAYSIRl2gDHusuCtcqFvIAO8ScNRf_5Fz6eSZ0C0LOXpDQ_l5AgdB6CtA9flVWvNrFtc7C_8D0x64ofl9v5_CV40MSRS6aXLYoIazCsMAedUFANgjAC1ELXjuRom9S7CFosY_jlt7JGHbCfaj2nac7nDsMLSO4AqeVBDCsfGbmrLdcZ1pR-XWnW_WeY0KGi0zC4-SaZKVemQPBunAjnC0jJ_hCI-AyeA9GBRgTncamtwhboyjK5aQNv5fC--sX3LrssVozsInQ-IR26rDo7GoBO6pYCmuiCoiR9oFHpTplg8dCEZHRmwbcPlvUiXY9b_gdnxay92IT3vCbJN4nJmMHstVhLmhkG8ZCm5BAz_x3JMWMKIJvYoyRiZVVFsQqaViy2raLwK9sXkyPsl-MJ0vvHrLP39Xn7Ovl3tae-D2JiB_Br2ud96Kf_KLBfxQ7b6-nGSYCS6pNcojjjXC-lgJ6AvOB7R3a5iKdX_HewwNtfpKaWkLpSH5FPMaje-R-U2_DjiB5-IlM5cZkg4IJ7XKsgVPsMXfcWJViFhZaQxCwBoQ_mo0nL5o10TF7ro9qPgp3N21cCueUaUM_F2DufY9bVjCaePHSljaQTVC4IJX6F7uM0yfTitFYgwTWDNd4e5bS28i-mNyre3G1Tij5oXYE2SZJbhRTkDm6XsSFnJUj8ABF9aKCSQgYC70XqkT4tYI8KiYAwDbQj1w-u4ptpw5RM6IzXixYPyffB4AUhtdgFRJjCnnEGl4FnwPhfzGKUg4L5iFvEskmrXBzBqBveJq-L4OgeDAMekiSzZKAA&sai=AMfl-YS7PRVR0-M-dbKux2YRoYmJhFnTkPYtAtknpMfjxrNOfEL_mifCc8qHGNo1J68IzXD2ivhAWMdraYj__V-CQD5wAueUDgz_ERcx1Q4e_wIVedGj0kFoYlZYe3hNPpGLMa7qtXIhhddhJijkMxT4Vs6V_YVeI0K0ljPdsyFirnLT3PctebhEW4sEl7jJRlCC26BGy0t-ZiAYRPNM-FhH7w&sig=Cg0ArKJSzDecElF5CYaAEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1429&vt=11&dtpt=1218&dett=3&cstd=205&cisv=r20220609.37249&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 3D0E 0
208 B 20ms
20ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 06DD 87 KB
28 KB 172ms
163ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 3552 0
208 B 21ms
20ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 3D0E 87 KB
28 KB 157ms
157ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame 5125 87 KB
28 KB 149ms
148ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H2 200 publishertag.prebid.117.js Show response
static.criteo.net/js/ld/ Frame C7AA 87 KB
28 KB 151ms
150ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.117.js

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
last-modified: Wed, 29 Dec 2021 12:30:46 GMT
server: nginx
etag: W/"61cc54f6-15c19"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:07 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A70C 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=29767ff5-dd44-eb1d-b4c2-1dbebf1d967d&tv=%7Bc:fxR6rR,pingTime:-10,time:868,type:s,mvn:ZnNjPTEyLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNS4xMnYxMjAwfHwxNjAwfHwxfHwxfHwyNHx8MTIwMHx8MHx8MHx8MXx8bGFuZHNjYXBlLXByaW1hcnl8fDI0fHw0LzN8fDQvM3x8MHx8MTYwMA--,no:MTcuNS4xMnZNb3ppbGxhfHxOZXRzY2FwZXx8bnx8bnx8MHx8bnx8V2luMzJ8fEdlY2tvfHwyMDAzMDEwN3x8MHx8TW96aWxsYS81LjAgKFdpbmRvd3MgTlQgMTAuMDsgV2luNjQ7IHg2NCkgQXBwbGVXZWJLaXQvNTM3LjM2IChLSFRNTCwgbGlrZSBHZWNrbykgQ2hyb21lLzEwMi4wLjUwMDUuMTE1IFNhZmFyaS81MzcuMzZ8fDF8fDF8fEdvb2dsZSBJbmMufHxu,ch:n,fsc:17.5.12v220002022000220000022002220000022220200000222200022220002022022022222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222202220022202200022002220222202,asp:1655237467742%7C%7Cafc3209f723fd8f5679038fa893deb9a%7C%7Cdbc3478ee785a5c8b6589acffbc3654a%7C%7C9f550d8995ff619dc3dec75226f4b567%7C%7C824bf486e1bd896b84abcd0edd01c271%7C%7C4fbc9bb801967e4ad32623939340223c%7C%7Cbd1665fd6ae8c6ff5cc81ed532b35dc8%7C%7C81b10a647ebcc419e587fdfeca883b8a%7C%7C1629390669,im:%7Bimprf:%7Bttecl:882,ecd:142,tsecr:145%7D%7D%7D
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:07 GMT
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5D4A 7 KB
6 KB 32ms
32ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_248&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3a3bf749d9fa60a74599a08576b9312c7c3f505d7d899393b3a18a49b8512f9c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5795
x-xss-protection: 0

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame E6F0 0
208 B 22ms
22ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 19E8 0
208 B 21ms
20ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame A446 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:07 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame A7B9 52 KB
17 KB 80ms
20ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 730957
X-Served-By: cache-lga21926-LGA, cache-hhn4077-HHN
X-Timer: S1655237468.872644,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 0789 0
0 23ms
22ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464670

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 8049 926 B
1 KB 122ms
45ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5259
CF-Cache-Status: HIT
CF-RAY: 71b5b69e5ed56904-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:07 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H2 204 /
onetag-sys.com/usync/ Frame FCBB 0
0 23ms
22ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464700

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 1BD8 926 B
1 KB 106ms
31ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5259
CF-Cache-Status: HIT
CF-RAY: 71b5b69e5a409b3d-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:07 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 89F0 52 KB
17 KB 79ms
25ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 731218
X-Served-By: cache-lga21926-LGA, cache-hhn4068-HHN
X-Timer: S1655237468.876681,VS0,VE0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 791C 926 B
1 KB 103ms
30ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 3605
CF-Cache-Status: HIT
CF-RAY: 71b5b69e5ebc9042-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:07 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: TZDfxO4uwORNUA/4irnRs9qqp9lI3eH+ruz8qqqAX5jBwgQ1rzgBbhsPKs2FgAnYzrbwWSW5JnM=
x-amz-request-id: 15DYQDFYDGXZWWWF

GET
H2 204 /
onetag-sys.com/usync/ Frame 396B 0
0 23ms
22ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464676

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 18C1 52 KB
17 KB 73ms
22ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 745221
X-Served-By: cache-lga21926-LGA, cache-hhn4029-HHN
X-Timer: S1655237468.873020,VS0,VE0

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 2E0C 52 KB
17 KB 72ms
22ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56615
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 733407
X-Served-By: cache-lga21926-LGA, cache-hhn4023-HHN
X-Timer: S1655237468.874759,VS0,VE0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 73EF 926 B
1 KB 120ms
51ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5259
CF-Cache-Status: HIT
CF-RAY: 71b5b69e5b725c56-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:07 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:07 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H2 204 /
onetag-sys.com/usync/ Frame F4CB 0
0 24ms
22ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464744

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5D4A 17 KB
6 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_248.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:07 GMT

GET
H2 204 /
onetag-sys.com/usync/ Frame 2606 0
0 23ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464730

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 3F81 52 KB
17 KB 22ms
22ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 731220
X-Served-By: cache-lga21926-LGA, cache-hhn4068-HHN
X-Timer: S1655237468.053662,VS0,VE0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 1547 926 B
1 KB 33ms
33ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5260
CF-Cache-Status: HIT
CF-RAY: 71b5b69f5d3e5c56-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:08 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame C354 52 KB
17 KB 22ms
22ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 733410
X-Served-By: cache-lga21926-LGA, cache-hhn4023-HHN
X-Timer: S1655237468.056029,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 2BDD 0
0 23ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464826

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 3FCE 926 B
1 KB 32ms
31ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5260
CF-Cache-Status: HIT
CF-RAY: 71b5b69f68e56904-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:08 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 7727 52 KB
17 KB 24ms
24ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 745224
X-Served-By: cache-lga21926-LGA, cache-hhn4029-HHN
X-Timer: S1655237468.072667,VS0,VE0

GET
H2 204 /
onetag-sys.com/usync/ Frame 0882 0
0 23ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464679

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 3C1B 926 B
1 KB 30ms
30ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5260
CF-Cache-Status: HIT
CF-RAY: 71b5b69f7c529b3d-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:08 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H3 200 skyblue.png_1650378740125_skyblue.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/ Frame 5D4A 6 KB
6 KB 21ms
21ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5c1f92367fde122afbc/original/skyblue.png_1650378740125_skyblue.png

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 12:07:00 GMT
x-content-type-options: nosniff
age: 461048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5953
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 12:07:00 GMT

GET
H3 200 couplespec_684_10_1.70.jpeg_1652778014080_couplespec_684_10_1.70.jpeg
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627e3f24e6611234f467d6b6/original/ Frame 5D4A 26 KB
26 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/627e3f24e6611234f467d6b6/original/couplespec_684_10_1.70.jpeg_1652778014080_couplespec_684_10_1.70.jpeg

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1929f20d244b5cfc9eac98d0c6eeea590cb2327cd1876dac627291dcaec56d03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:01:39 GMT
x-content-type-options: nosniff
age: 302969
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26768
x-xss-protection: 0
last-modified: Tue, 17 May 2022 09:00:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:01:39 GMT

GET
H3 200 vector.png_1650378740125_vector.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/ Frame 5D4A 8 KB
8 KB 24ms
23ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d585f92367126822adf8/original/vector.png_1650378740125_vector.png

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 12:06:59 GMT
x-content-type-options: nosniff
age: 461049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7717
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 12:06:59 GMT

GET
H3 200 gradient.png_1650378740125_gradient.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/ Frame 5D4A 59 KB
59 KB 24ms
23ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6193d5a2f92367011222aeb0/original/gradient.png_1650378740125_gradient.png

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Thu, 09 Jun 2022 12:06:59 GMT
x-content-type-options: nosniff
age: 461049
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60591
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 09 Jun 2023 12:06:59 GMT

GET
H3 200 blank.png_1650378740125_blank.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/ Frame 5D4A 91 B
120 B 23ms
23ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v3/partners/6048f7a4c18e4a000660a2ca/assets/singleFiles/6113a5288a7ab49328617a1f/original/blank.png_1650378740125_blank.png

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:00:02 GMT
x-content-type-options: nosniff
age: 303066
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:00:02 GMT

GET
H3 200 icon1.png_1650378740125_icon1.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 5D4A 7 KB
7 KB 25ms
24ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/icon1.png_1650378740125_icon1.png

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 303064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7071
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:26 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:00:04 GMT

GET
H3 200 icon2.png_1650378740125_icon2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 5D4A 6 KB
6 KB 26ms
24ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 303064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5901
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:00:04 GMT

GET
H3 200 icon3.png_1650378740125_icon3.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 5D4A 6 KB
6 KB 25ms
24ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 303064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6126
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:21 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:00:04 GMT

GET
H3 200 logo.png_1650378740125_logo.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 5D4A 3 KB
3 KB 26ms
25ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 303064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3423
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:00:04 GMT

GET
H3 200 logo2.png_1650378740125_logo2.png
s0.2mdn.net/dynamic/2/10951441/cdn.ad-lib.io/v2/partners/6048f7a4c18e4a000660a2ca/assets/concepts/6140774920f9cf1c3253f6d9/templates/616ea121d029b4639aea044d/content/ Frame 5D4A 2 KB
2 KB 26ms
25ms Image
image/png 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/index.html?e=69&leftOffset=0&topOffset=0&c=r3q9Tsmjfu&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Sat, 11 Jun 2022 08:00:04 GMT
x-content-type-options: nosniff
age: 303064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1701
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 14:32:25 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 11 Jun 2023 08:00:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220613/r20110914/elements/html/ Frame 09CC 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220613/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N1395.150740DOUBLEVERIFY/B9689862.280630144;dc_ver=89.262;sz=728x90;u_sd=1;dc_adk=1832254322;ord=wktmsf;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=2,https%3A%2F%2Ffornoob.com$2,https%3A%2F%2Ffornoob.com%2F$0;xdt=1;crlt=ZUmIU840kH;stc=1;chaa=1;sttr=498;prcl=s

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:09:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 84
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:09:44 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 09CC 0
26 B 55ms
54ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstNZFTt4ie9RVyx67qKyH7R19hHbTqETVu1OcA40kkOBUQIaPJMyS9_Q2xr34GpWMWpGHHZgngPX-7esGtHHwWoAx9d090pouf-KiIjcGzJfLf1kWaHjq_ISEfbN1u68eXeOPB9vWnmxcoUCJo&sig=Cg0ArKJSzMQbPsyaAx0xEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220613.78307&adurl=

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 09CC 41 KB
15 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376184
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H2 200 TD91cA6__77A9t0jpd5Rxq2ISgF8v7FGQ9lPZPo5XCLy20VchjQxbVgZQ-u_FnJyu6bZsvPOltNZ_1A0QNP4xlwKLo56ta1q5UvlaYyCdyzvmM5NsBFnpNl4-Q=w728-h90-n
s2.2mdn.net/proxy/ Frame 09CC 48 KB
48 KB 67ms
23ms Image
image/jpeg 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s2.2mdn.net/proxy/TD91cA6__77A9t0jpd5Rxq2ISgF8v7FGQ9lPZPo5XCLy20VchjQxbVgZQ-u_FnJyu6bZsvPOltNZ_1A0QNP4xlwKLo56ta1q5UvlaYyCdyzvmM5NsBFnpNl4-Q=w728-h90-n

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

33a226c90433689506d7c0fc340ff3d0ac6e87aeb19159b59151e220d733ca37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 16:58:32 GMT
x-content-type-options: nosniff
server: fife
age: 11556
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49273
x-xss-protection: 0
expires: Wed, 15 Jun 2022 16:58:32 GMT

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame FD70 52 KB
17 KB 22ms
22ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56616
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 745227
X-Served-By: cache-lga21926-LGA, cache-hhn4029-HHN
X-Timer: S1655237468.204683,VS0,VE0

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame E691 926 B
1 KB 29ms
29ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5260
CF-Cache-Status: HIT
CF-RAY: 71b5b6a04e109b3d-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:08 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H2 204 /
onetag-sys.com/usync/ Frame E41E 0
0 23ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464740

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame EB9F 87 KB
28 KB 179ms
102ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame E6F0 87 KB
28 KB 86ms
41ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C2F8 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?vZLwVQ
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3086 1 KB
749 B 20ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51444
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 09CC 137 KB
42 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43182
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1655121705858007"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F93D 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-nYiSw
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 4D74 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?kKIFiA
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 087D 35 KB
13 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 19E8 87 KB
28 KB 41ms
41ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame A60E 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uctsTw
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 9F91 87 KB
28 KB 41ms
40ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3552 87 KB
28 KB 48ms
48ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 52C7 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?7Zn20w
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 06DD 87 KB
28 KB 55ms
55ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 46C2 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?w-__LQ
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 3D0E 87 KB
28 KB 56ms
56ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame 5125 87 KB
28 KB 60ms
60ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A7B9 0
745 B 48ms
47ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 1da71a8b-acee-491c-9515-b96a4ec600f3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ Frame C7AA 87 KB
28 KB 53ms
52ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.prebid.js

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
content-encoding: gzip
last-modified: Tue, 03 May 2022 11:21:00 GMT
server: nginx
etag: W/"6271101c-15b58"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 Jun 2022 20:11:08 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 18C1 0
745 B 24ms
24ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: ec5a2fe9-e38b-4127-820f-36541f1d2bdc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E0C 0
745 B 22ms
21ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a1df2487-2912-450b-b5cb-dd74141aa7fd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 89F0 0
745 B 23ms
23ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 98ab377e-59f9-4c80-9e47-cbe65ed1992d
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EAED 0
10 B 20ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HgQJJg
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8770 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c7NvyQ
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 819D 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 09CC 0
26 B 55ms
55ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A2B1 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss6HOAU325ESMDXrMMC16HeJwlNDnzxv672OSexaQa4eGLFGelucJ77IBeQsMwb5MW37vHz265Yw_NZMmc79AvLF0I3LJgva3NhUMlePN1mgUCemH_zxVqmldAE&sai=AMfl-YTFBDJbkioencHN6RkZ6aKlawTVjPlt_1ru2YNDy7dVN1wsLX7HHXTUNDg34CTaO_-DvaWlGeBs2qCGIC6bB_yXNs27o7U0Lt-AQH682P_BkMdLJtABjlB-OSA&sig=Cg0ArKJSzLUrjj9xCoIhEAE&cid=CAASJORoTF02ByEea8FZP93bPTCLovps52HlWr5qw-DQP4aL8dZOEA&id=lidar2&mcvt=1220&p=851,978,1101,1278&mtos=1220,1220,1220,1220,1220&tos=1220,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1875046216&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655237465853&rpt=827&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2DD9 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?HRiCLg
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3F81 0
745 B 34ms
34ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 5929e3c8-08f4-41fd-b738-43fbc29b0cd5
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C354 0
745 B 50ms
49ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 69b85f36-f21b-47f6-874b-12d00bf11c43
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7727 0
745 B 44ms
44ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3b39573e-58c7-4ab4-b675-feb9cb10bca1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C7AD 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssnZt6DKQcVtTLetsUL37Tz-tJ6VToOAXy-w5QILqcsl6MAK0n3qYhpDjaK5wDt4AuGtrh9582lnWNDbK4mvPNSFE8Ne7nJxbbO_IJhJ7DfdjZA76zt1TLIBZtZ&sai=AMfl-YQbCWxnt1ATZvarVeA9b_lneeS8pcaFhTTkK-jUyOhmvPemQv3zijUfzaUQqcER4bJDavL3fpEpEjAfRltVL4--XBtD1b9XZtvE7iTBAoo2ORqQqga17VEn1d8&sig=Cg0ArKJSzEQrYIbKd7_8EAE&cid=CAASJORohF1dtUeWOHlLc6e6G9m3ZrOvQDCj0G8ygz9LTqxRxjupNQ&id=lidar2&mcvt=1233&p=851,292,1101,592&mtos=1233,1233,1233,1233,1233&tos=1233,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2919325261&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655237465875&rpt=843&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame B9AF 106 KB
37 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
Origin: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:58:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7934
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 17:58:54 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/ Frame B9AF 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A9pOtb5jvnBQeNmeRbDQPqn7AzomxmkXgya6vHnTwm4P2ptOJunOkrGd9hyuJowdOTp8Y789XiUl4bkdoKbpLEVJuIeMl2ArohAAaHT77XFbY_3Wz_gg34YREf2221U4HuGFYHM3tb9FlVU41LgBbZzfsbZg&dbm_d=AKAmf-ANH28VxnSv-CjbTICUIF0ipJAs7JaHEGXcnPafZi_MKYtlyB3W15sem4LUohD7pUwKNnzcVjunbePzYoWdPABgjZXTIbaQxh_HnZ_a7BXd8B4u96Qo7PnybdnTOZvGPxUYHB5GIwsloFSPEhZu49HY5racOeW7FTTRTVc_w77rQvO9VJRSakh41yKhphs3lnaLPTMm4uv5Vcs3IdtnFYtFlGil-TppFMxoXC017H1veLhBa7dsqCFDXkGWfy7VTGeWOBlAzHOXVWDhUInKutycR7-Y0rKzsBCxm3X77rLr1d4sPTMGSEp0s9TcPh5nCz0MEEBminpMeHM-TDl8GmfgM2XcPA208dqYaWxL8OQVPbTtRr-bsoXmkOgSF0KaMtR8tjDkLa9edWZG_IluTg-N-qnQvZyBAfKAURWTK4nouq3G4mh0Tv2CGFGx-HF9MykUDxdr27HcZr3bBjK_k5o1Hvvw9ZZsKGJ2PVmPKxx1lOl5X9MEnIfHwyUghdEzhr1B1UPtN8wX6dR0HLFP2C5oF7R71rLVLWDN6_-9okaEPMAfOI4z4rnpjH8OkpYnKB3rfiXcWI9kirEn0a8zLPzT6yj9399wbpoQ9pR0rwkG4ngl7Igi7vDPpdSaGAo2JdeK9m20xCbPTANYjIpm7i8CQ5Q0uj2n3HB8peVFP_tL0aUhuT5ORd__7u68WvmmHbBzOSiLBelu9Jbh5qbgzoxXAgbql8OAW0hfUVxktazJsv5frbqHzjSomUJcW9alBbg-D7_XOgbBINEjdwMtWe1yh7yTv3FpIZi0hUbwl453tR759L0qDX9dtfLqJ1YfWeikA47G7e7SHY4qmm9e33MWCxAxr-X9Z9raxwQx-z36tVyjUNIjvvXAdR-y3QD7kUTTNmlpO00aUJ_dAsw8nBgsGZTa-n85M1ZEEDHlTZpS_jQq8ozIpH-M5MPBaI0WtqpodEOnKHJNfoKrKnZyJeFYzOtdY3ej1HQMXUy3UpWZ6WYQcKzimYlyaUwLOV2kWF25FsIjzozeBeIOgAk1iG40BrTSMTgAE5cneUm1qH-53zvhUj1zJGIeNwdks_w8W6_kia4xuiiqV28lEsOMrH3hP1evyPsCkv_EgEOJet_jdNAwL589x6iqo_kHbh-oL8er8YwDksfnS1NYupzTmAIONU4Tj-jbqWAwM3vKi4D1UXfh4QbZv32I3Z1P2wCoJ6-P7g1Z_7X9ZqydN0FhTQatT--2144R1Rjq59l3KyDip6T58jqvcK9DP3i8J0LxJGwf8kpvaOzApi9o30_lRFUrTQ8baL-Mp-0CMDfsUQK4CCfAPOZTd8Z88l9Axpupps7Nt2hgugh6RsWsyn5wGQCtxseRzQGNgOAi0AOncOz6HKBz8YRPG55O7iesRucFvwl088ZUaHwKjdKYr2VW34ZXDAc7b2ATHpvaAqe5Mee1dDpSsOQmphXphABHR7ItsO-uqWCAFMwgM5QtnKHfKDDE0wJG2cq_rx79HGyd1c7LMAM4TFXuExmwPi4aIA3KHRZ9x-9Pq2zMt-pdcbjZDrHB0rDdwixhlSwAHpMuV7upuAMinVT7F-MXK-MyInbU9p823Ay7OR-9jSqCBVbApFlt1lousTV2bmeFUrxaZWAq-3uwBPCuZy-HsN2Y_rOkH9mJJNjIc02rabQyxS_3-QhYGnXSUAuWBmEjWMbLzKgtzTGJJjBjE3YwAQjMnJ4mK4V5kageMhVPMAWqNbJDTIn6rLhyIA9JJVAHQY-TAY1OT6K7D5Cl0kw4EIDEtPkEYVk4jkhS6Fz2Vk6vnMY3IieHr-Jpz6GXe6Q6zRNhPrd8T_eR5xXF5NayU4X5KdEFE4LkRYzxbBD-uEtrVf8pTLLnbeSB5pl4AecOIl-5Cq93GlXvsOXNMzECJt3MXQ9P55M_VjCIBrcav1rjAtyQCU-zMj-1nGquRP1JMYbpdUab9tBuHFi5naNJ07Go-S7E-X5unBI-CFoKCjXJ0C1XJ_HmkPNgOZlOGA3bfwZst-i9E-HWQ8HB00MnyKDDB8d8zSId07L2U9cV0vxBzgfNsrDjA0i4AGvLq28swp1WOGlXKb6YYGOZvBsHB-JtbsY01x-wbXr_f2pd97UcYOQcl3Z_FNDtvmNi_kSWVmGgH44ZXOkt5Lm2ZdzhrrYKl234VeDQhHY-fdSeLUiZvAzJ7WCvXRSAbqkD6OD-4T8qXvsSptg5iuxFONeKzKFz52wrpc50soEeWXToKZPmnFhXtKJDpnlelAOG3vHw5zW8k1utyYkCxlWIX1JKRzBWiKE1rejn_itid49OnCZ2Y4YNid8TkF-uvTb3a8A-0sNEqJ7fcDSA-Iz35h9IuVAEaYkswQ34Mhqbpr6PB636IwkSJET4OZRQUic-qRz0aQW6Qd5X3Zy2s93YMbLYyc3XHFJOJpdIqweiyQ_kHCTZiRYK19p7-BJ6YE0NfUhb3yAVE_4tfHjLaLCKsSPoNiLltFO2m1MxOHsJ66N6tvmdQXwNAkVw6yrt5pBxA_fqlFjGGphsULkyqp9T3U4db5s1Hifs4wG4jgHtyMbpv7dl8EiwktFCZFXA__wML0F5ddQjQLseoJrIHMe3fK2mXAl09LL-i_lyVwwahe41jDX3I3nUo_6qHCOQige3pyI8gjcpAC8HfRCtcm22k8SYu-pWjVTp4UouRLz2M0Xfq9NRhXPSfyOS4kVwviNA_X3Y4TZNP9XeaLuKhICcolYZaoS6ZaxDFlfp1bEamdfXMGQPUv51R_TKxEhcuMj7X5VBUxwlk0PjUdCuTD3ma905DjtSmG30VazqCz1UeCbhkhOwi9aELo_9ifiHXCnk4LeMlf1K5dfcSBcM1jpTNPopce0pgYAAhzypNI9CZYDIu4769RWRK9eASOKl_LdWvSJdytonDZrr2lT95vLrFPsHo39JZX8JlZJkra87uDIWwAHRD49clkISUFJUAQOlka3QIc_qv32JyZQpYfjM-PZPE0uyeLi5qLJ58h2vlOzNYM8sk7VnwGn7lBVZkTciwF4erBehUeBCbIQ_49GWNHfIszbA7G72EmQQL0FCgueWt-WVBvAjfSpZ3AB1wlUcJJFvMh7M56VqXydOIf0PVW7-u9d2zkl_-qq3bXCS-T9NksShb7ZV0M0MKFn8t2YZH8XWbq57GUqSRa6Triez_putzLmHUS0DRGjcT7V_cUHhfyI9Q4UtnhBHTqLYLyBntpt0rI33uyiYc1EgGFDEfxFz6IDwGVkdTXcP0IfpKoG4zX1jpb9I48grFZgp_aXxJkNN1xIr_7qE9x0SgZRPAYJh_LnvfbH0PMuQ6h9qgoCyuWXEWCF1WGer2237M3neiwA1FiW85E3Pr53AcDM&cid=CAASJORokT6t-Op56SFy5O1DOOgAQ49FhXtarhYqhWkEMAL5ljRO7g&rfl=3%2Chttps%253A%252F%252Ffornoob.com%242%2C%2Chttps%253A%252F%252Ffornoob.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:10:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:10:14 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/ Frame B9AF 27 KB
10 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220609/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:07:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 190
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10548
x-xss-protection: 0
server: cafe
etag: 12800787445863738695
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 28 Jun 2022 20:07:58 GMT

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame 4FD7 926 B
1 KB 34ms
34ms Document
text/html 104.17.119.107
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Age: 5260
CF-Cache-Status: HIT
CF-RAY: 71b5b6a40cec9b3d-FRA
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Expires: Tue, 14 Jun 2022 21:11:08 GMT
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
x-amz-id-2: D8bCfiUfQmFaOPGY9GG00VqkPR8LyxoPPUMDv8kTzcs2w4+RBsqydpo2MRUbL19ONaisLRL7BCw=
x-amz-request-id: AGCHCGNC05GTWZVJ

GET
H2 204 /
onetag-sys.com/usync/ Frame D2E3 0
0 23ms
23ms Document
text/plain 51.75.86.98
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1655237464733

Requested by

Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.75.86.98 , France, ASN16276 (OVH, FR),

Reverse DNS

ip98.ip-51-75-86.eu

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame B941 52 KB
17 KB 22ms
22ms Document
text/html 151.101.65.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: stpd.cloud
URL: https://stpd.cloud/assets/postbid/stpd220112.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Age: 56617
Cache-Control: max-age=86402
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 17053
Content-Type: text/html
Date: Tue, 14 Jun 2022 20:11:08 GMT
ETag: W/"623de86a-cf34"
Expires: Mon, 13 Jun 2022 04:27:29 GMT
Last-Modified: Fri, 25 Mar 2022 16:06:02 GMT
Server: nginx/1.18.0 (Ubuntu)
Vary: Accept-Encoding
Via: 1.1 varnish, 1.1 varnish
X-Cache: HIT, HIT
X-Cache-Hits: 1, 745234
X-Served-By: cache-lga21926-LGA, cache-hhn4029-HHN
X-Timer: S1655237469.804725,VS0,VE0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FD70 0
745 B 35ms
35ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dc7ff8c3-43d6-4af4-9a9b-351fd6fcdf39
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 63D4 42 B
64 B 59ms
59ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssooiUMnsQTD82Devt3tqpCyYcZcwWGW-zhTJBrZbcek5OiaL8GkaDcSzfhEIZsOwUnzW4I2W1ZQo8T2POQfDYX-_-Nrkinwiwl9GKQfPE7HmwZg2651u77kHVB3rbpuL9YDkI&sai=AMfl-YShPFb2tUAX0e5rxoQTuO0EFBbtvQ4onD6AlKndiQxxMK01p9oNVEPID11dcdam595EfahmR8Tq7LngNtaLpVO1PY7O9yuSe0GMIfgFu19hGKv52_4NpBoxDDo&sig=Cg0ArKJSzPlCzKR3VG9HEAE&cid=CAASJORoEinwB4-tD3Bn8QBHONCb4ljqpmTQiywZBEFlhxgTcUEfMQ&id=lidar2&mcvt=1133&p=195,1220,795,1520&mtos=1133,1133,1133,1133,1133&tos=1133,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3509142760&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655237465914&rpt=820&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 9928 0
17 B 97ms
53ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l4elnf2u&c=4281417526683&slotId=2140708763341.5&qqid=CKq4nongrfgCFVaXdwodKOIB7g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=945&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame AB93 0
17 B 96ms
53ms Ping
image/gif 2001:4860:4802:32::3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~l4elnf1y&c=6907604607019&slotId=3453802303509.5&qqid=CKj2mIngrfgCFUX9uwgd8YALHg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=945&mt=video%2Fmp4&vs=640x360&ulv=1&cll=0&vast_v=2.0&vmfc=12&vhc=0&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=344&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20220525_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::3 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6E0C 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376184
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 3086 0
104 B 162ms
57ms Image
text/plain 2a02:fa8:8806:12::1370
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOfuKRT_RqMw4TWJ8J1P4nQ&google_cver=1&google_push=ARnp8GBjDh5HlXVUB0IWFQWnCjc_uz9ez00QWbY4NBT0yPFtxWcGfFD94riKLCGRB0W3IE9n325Wuj5Qr88OqsBvln8b5fI7gSI
Requested by: Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3086
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GCkZD0zWEijzN-82y0n9fzYFchjo3Vs10c1u7i0OY7...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GCkZD0zWEijzN-82y0n9fzYFchjo3Vs10c1u7i0OY7taBflObHSswtK8nTEdQ3M4whjpm5mpN98EbCCcodJ7zeGzp0Uhpo

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:08 GMT
Server: PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-03a22fdbefd04bb5e@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=aHBkZlhSTGcxTzFjU3U1&google_gid=CAESEJs9bfmwnEDKzPOTA0qSPRI&google_cver=1&google_push=ARnp8GCkZD0zWEijzN-82y0n9fzYFchjo3Vs10c1u7i0OY7taBflObHSswtK8nTEdQ3M4whjpm5mpN98EbCCcodJ7zeGzp0Uhpo
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3086
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEHpzzclNJjwDTpXwl08PNWk&google_cver=1&google_push=ARnp8GApHXpL-L-uw5uiB96HQSEPR1NeZg-K_V_AcxkzgEbNHWzdoWhZPj8y1O7pKL5IlKu0NgUMmX97PyBXWUxr7-3FjNTGxw
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GApHXpL-L-uw5uiB96HQSEPR1NeZg-K_V_AcxkzgEbNHWzdoWhZPj8y1O7pKL5IlKu0NgUMmX97PyBXWUx...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GApHXpL-L-uw5uiB96HQSEPR1NeZg-K_V_AcxkzgEbNHWzdoWhZPj8y1O7pKL5IlKu0NgUMmX97PyBXWUxr7-3FjNTGxw

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: nginx
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=E4FD088B119F4C689B729D2B4229549D&google_push=ARnp8GApHXpL-L-uw5uiB96HQSEPR1NeZg-K_V_AcxkzgEbNHWzdoWhZPj8y1O7pKL5IlKu0NgUMmX97PyBXWUxr7-3FjNTGxw
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Mon, 13 Jun 2022 20:11:09 GMT

GET
H3 200 dds
rtb.openx.net/sync/ Frame 3086 43 B
64 B 62ms
37ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEPsx9CeaHrPwoymZqGsb9Ng&google_cver=1&google_push=ARnp8GB1HERzTazwhRXO_CSBg5q6Si3L2ZlwzpYD067WDaR34INrnAmhXBCDEIbTk49YiyQF4f-Yl4jeSTuo3-fAP2GcQ4JLTQ
Requested by: Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: emlnl5cv15765eo87lq2njvm4uih6pag

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 3086 0
166 B 709ms
26ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEDZUi2oY1ibeLfyvh81nNfc&google_cver=1&google_push=ARnp8GB58rWFHMfeVG8LqvaJNL-3wwQpVmuHXMhl8I7tJSpWSDUYgQOt3sal_BXCAry-2bhMeiIr0SPn3xfJPGt2ezlUkPgv8yM
Requested by: Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:08 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK sync
dsp.adkernel.com/ Frame 3086 42 B
233 B 103ms
102ms Image
image/gif 174.137.133.49
WEBAIR-INTERNET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsp.adkernel.com/sync?exchange=11&google_gid=CAESEAC9TKuIuyaiyR_xr74fV_4&google_cver=1&google_push=ARnp8GD2iz40XFi7rz87Y-tv_9JMYBSh5ODk0LuI_Eg68_m-RDT-p5gC9Y5QovfwSsByiOW55aOhkUtLmkrBHjTnxSo8SGIm2WM
Requested by: Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 174.137.133.49 , United States, ASN27257 (WEBAIR-INTERNET, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
Server: nginx
Age: 0
Content-Type: image/gif
Cache-Control: no-store
Connection: keep-alive
Content-Length: 42

GET
H3 200 dot.gif
s0.2mdn.net/ Frame 3086 43 B
72 B 28ms
28ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEDgHwde1lG10uBLox80hL2w&google_cver=1&google_push=ARnp8GCOanBfWKH0ts7rVr5v2v3EA_j1WrFo9GeJSTxn7C5_SgWepYVpv_cjD-eKInGAnnoW1knlupvaSk6PC6UiEIpU5j2lowzD

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 20:11:09 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3086 0
12 B 29ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JFw8ByTp0u7MTs_fTooWqNKnKu_h8OnW1C2yuNZoXLMN4Ba0PuIY-1Emyjj69E1plACK7cCA

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2732 0
21 B 56ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn8WCWuuoYrGWDsjb3wOs1Lf4DQAAAAA4AeAEAg&bg=!W1ilWBzNAAaJfvByqX47ACkAdvg8WkvMMRizp9opPLaa_Ch03ADvm00kckLvtvyAlwE7_FzSrI5QYQIAAAWHUgAAAAFoAQeZAwaU2SO8sBbPtRp5-fITB7ps4ffLeoDi2N8M7WlyF7497GCNhE-COgBPk48qTOQIhLzMwcuoQJNlDb3jCAzA1cYnmSYe7tcSF9erPOh5MJXYQwr0SrArhrtIeSGgRp3ChnoxTBrZMl0RRlCTS8K28w3CxEtSIOlmvYgRX1nm92VjSr2gNhW5LaQZruCAAxcUnyuOxAe8MpOzyoCygSFLl6HbBDf1ir-kZTyUhWa3WiKNDrswT39XskLfkE5XbzWqyFV3b1Y2HWAGdaRAvc7qN7Zc-d5_AEc1FeJAx2oSn-PY_MgGDGzTfcQ3e0ZzAme7iY5KkA04dfQkxEB5B9FpJ93qquwSAvaQIW3oC6Qh_0BrnMPBs3IYmh8urWQfYg7QYhq5LoAF21SIpCLdUSK_0mXVXlbYbWc3MOWDsqeeND8_MH1sh63u4fFQw-I70EIRJfS-SrxvhZ5eld0JxKRSXh0ytooiVGHChtzRls74Dx_kxo36yGDEofZDGcpADLHzcdF7KjqdIkn7QLti0OtOEVAxl7ldvRaqE6cAA7SqYs6zFpdB2ILDsWHLAPpxXY56__pbIypXXgScMFiTbs7zyKvCOee1xcdWiw645JNtThrYVUNyIt1mPouqMoPBxAKHw_JhdRkcGpju6Wt-m4oz1KIzRq1dBOpBVcEz475-gRnm2ESpw_QYY4j-1n2I20yWBszB8TDMLXHl9e3VwUCBLxu9XUxk5SstsqJEWYlVdDr2NOp21PjcuX6KTGOFwf7dLZRjeKngadYBZljoCd3cQNhnuZnCNgQA3lhi6J1bJY2jjylIcfeliQ0fx07AUmbZ3ykb9Rk6McuRARpk9aYqFEqx4xz8LgbMdJJygLF_8XDlUE04okGw23kKfAVQvHPYAEyGYolS3k2kX6nEZsALMIGUfIT5lTpIcB57I7L8dXrQHOlfkXkeCicZL2X_rnPmzPHA1at6-q_lGpaY2QWpjVq1V8izZ4TQiqOLIa8UUF-R0xNtTgs3ShygSN8ktau42pC2fGF3Uwo

Requested by

Host: 22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
URL: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B941 0
745 B 35ms
34ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 9dc38799-4814-472b-bab1-23330418a975
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/2733685237513348699/ Frame E13B 112 KB
28 KB 21ms
21ms Document
text/html 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/2733685237513348699/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fdb10a74b844e762844aa7935be62c27458dc3de7909d109e722dcf5d8e25ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 537328
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 28156
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 08 Jun 2022 14:55:41 GMT
expires: Thu, 08 Jun 2023 14:55:41 GMT
last-modified: Fri, 20 Aug 2021 16:35:43 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9AF 0
27 B 66ms
66ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdxeq2CSXUmYGng3-eCZ_ouy7CyXll6KVz4_K1r3AnvOXexFTohrZbERJb_ZEbbn6fqsd98k_rsZpic140U19zk6-WdjlDouogWb7S-jFxdXzvx2DgGpjPyqWJVLKdAY2f-BJBpuKZ3F866rrJTs7rh-tvgibFJ_ehLcIAcAmMWt5RmBdPjMtEMrCJZGLAWwlRLM7bCegtlweTH9wvCZ6ar7XVvNeNilQjXn-jIwLnI6Aih-y1X0AUd1pVviTuRCfAjoNDcquYoAmPhiQrzvsYJcmrDSEc59Do8MyMsv6hiPsfiJrA-osauo8NTRfv27FoBmgmxM0XjnzuzKvwTNd5QQslYUX7HsgFPr0KfKWTHvPrBqCjVCJ9r7fI3oO9_eWjzg8ar6_L9oku1gShJ2p1jfhitV2qrLTP-ZRQyxhkmts_QuGZTcKq7h2smsEqcPXmk5ZkhS82oKa2e6adbMOUVIuim5DVNw_ERm5w4YN7IIDefnjqpKc5wUmcgNKSV2zi90wv1_RXVBDRFqABwrGNElBGs7ZNLw83darea0G9G6l2nPTES_CuxxnID9Djhx7jhIbbFH8qX3WEtS_BDJNFRfNf9NBtRVLvLBOlwBHZ2vYxdn3n_4mXmCSMOcrHu2gsnyROiyLAYTzdlhAkvdlGXVVT7sXz5CX2E183R5o8DBe1A6NvVEOJ10csdLsU0CKE5DktsyupUcf6qw9H3SNfACQizHiSdhj3IG3OBMM5QQg0V6YnS6Lb8Kr7ffS-uhppx1es9YbikPrmFkfB0lj2FnBCQW2OoKyoctnbCNblChosz7gs9mm3voLw8fo-HgWeZYQ_lBiX9tpMmOU1m1-Nzq2aZrlqUET828dFdpHxQCSzcLyKnUttKZ-U9zvOnAObCj5vJnldqfe1ueUKKHR5uONbu57fsJ5dYU3A9J9hl32Hxwfv6u5Mx01z4bSMLAveuf5waWfPqwelWTCxPySomc48sOLtmm8Ja7LBDtuSxsb_Exd_2RkKgqCztzshmifefO6v3phJQjzcfKsr-ynypn7C560qj4ZPe_pJjnySona3lvJlMdAKOgiimAVTZzCtJQrPB6GNc3qVyDwJM_NjsprT2bkcEOFtqE0jWd9eP0ChnLWV2JLtbu0PxNRxw7bNR9X_5GKhJaAv1R11oPkpDfek15fZzVU9eVuchL5hvMgz045Ypl4wcWjgTiP3qbxpKJ3zchgmmDebiq7WJipMxBzijmW2bEye7GmpOA720eR_l2JVMRvxmIqPkIYVaJg21ejIohKxzW3c9OBsrkHRO1BN&sai=AMfl-YR66fruD4clAJHhZu1wVDFCP5SyMu9JHdxQOg6-2q6RjhNJWdtlFlvhxzBQUoNjw5M_gMx6zymkIO0maxSRMfdAqiqDUI3HYcVgUkKpv163SkFbp7njQg54YUD8qOuTdjLaGT3b7Og7_vbeSv66Y0uaVVeFPZxdMVfTpqFoQ8XRgjtZdcSGwF0HZeRqdyLzD3zuOSkPdxvHEPZOICY5NA&sig=Cg0ArKJSzN5KAluwAncGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=325&cbvp=1&cstd=321&cisv=r20220609.33483&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Tue, 14 Jun 2022 20:11:09 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 09CC 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6ff8f674709a0523dec281d5c9f3310358c06d1bf330a8217702fc60bd22fbca

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B9AF 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Fri, 10 Jun 2022 11:41:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 376185
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Jun 2023 11:41:24 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 3BDC 1 KB
751 B 20ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 51445
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 05:53:44 GMT
etag: 48472445140208031
expires: Wed, 15 Jun 2022 05:53:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 DcmEnabler_01_246.js Show response
s0.2mdn.net/879366/ Frame E13B 28 KB
10 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/DcmEnabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/2733685237513348699/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2733685237513348699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 16:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 12778
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10121
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 15 Jun 2022 16:38:11 GMT

GET
DATA 200
OK truncated
/ Frame B9AF 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 431d06070783a97a08243629338bb933db505f90dfcedd9db932f4f5dbec2284

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame C7AA 0
208 B 21ms
20ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:09 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AD01 0
21 B 56ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BltGZWuuoYu6sHYSlrASV65_QBwAAAAA4AeAEAg&bg=!ERKlElbNAAbASn8N4Eo7ACkAdvg8WtlEnk_Wem0oH-YscLX9AV_-TjQVU2oXpJJlJq7AQKNhd16hfwIAAAVHUgAAAARoAQeZAxf5bMB0FIbsrNwhhWSp7SDSUeS4zmKY-RMnzCHgu7cSa0TNnbrVEtEyjL9bR1UY6MdXON3vJnEa0P-NX2MPMcuvQ2A83dx2FNSx8Fr2Mf76AMIx_lNQdpMd5oSeW8UbvdPxmP7KOZDuQxMikP5WGWOp4vpBDCK0cjmoz6zvr2mqCcC9KR0d3iFnT5LzHZpUDThOyMttoKCc5LJ08l04ZjLmULi5qFkDn0-WPNyDcz-SDbNEebM2F6rDyoWqO9Hkkd2I7VkU9E5O8tReJkb2OjCyW73hpCjhyAz-ptLdS1-R69UCKm58e7VL4g-mC0-LeZ2_G69xJqK2Lgja0Ti---O0t5y1OcYkEhwrZzM341R-p-EYlQ-oNOTH3rvjPz7X37Nw4ZkqjN4l8LuU24jyw5QcuerCT0Wv0mTeiNwob4ysQyZtkn6WqmaT40yszpVRibogAv-Qb90V4aSxRpxG38WtPehWvx92ANKXQbjqokyvL6t5U-uqm_1Q1nvHP2vTy29YM0-dEw9oS-K3mF-I539BTO4JeSdLrw7nmReit6dWfWncx9A5jrEDcN54Um0ot5IE2pkeguhxtwQ8rdquQeqWR5nOkLlA0d-jVLIZNvV4UlaKs-BbVF81m8lJMAKxSJXbBUlyjFzLkbm4gYfegH0Pdog0HpicfBmk-sJtZxRyzV0wlDJrEhLJ4jySoG3iDL5-keF9L6nVfZhyeuT8tqODiJnjTg88xTaLuXCAX0O13bFMdUxqsPPEsH-CQ3w8MYrPggXl3jP3qJFEcrBPP_i3KNYvJf6V8Kwaw4l6EeDQc3hdEpXxvwWg3L27jppWVo_UyqmBmI1guRxFqNs5POX1HL0Bx_7FFUNBd5J7rCn30BfXMGnS_rb85XzoN6VzRpH6pxZx-ezXZRIe5X3qQm3JFBZ9wlwkRlVNnnZn3EIeZd09PTb5qWrsbDxSemwccDBRs2hgkYSAo--_yzwOTEhHLC9X_4y6P7iho01PlsKWWqOJJkfIyztJYas3CSKQSLP4Y81w_kEdqXGIkxBUujQncy0YM7noiA

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 81B7 0
21 B 56ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BQXVOWuuoYoy0HYLQ3gPStoyoBQAAAAA4AeAEAg&bg=!IyClIGTNAAbASn8N4Eo7ACkAdvg8Wjs-H1ZKXg3Y4MNQSvfDACqPazgI4u3SxKSddxvzoKlOgBJL5gIAAAU7UgAAAAJoAQeZAwi1EjDoIJ-fQFsoTeyf4b0Z4ts8SNS4SQE8mbrI70LGUKe7tQI8AOA7pb8tgMh_T08IqE1_m-tbV35djMYEPIoNPg3t0pkbfooyGp8RvTU1rIKv6k0HkGMw_rMBdOMfNJo9sXTpJRb59JKpTQKgWxc8WU2QLSKstUubkebQIgmIqbyIfCmEJDq2w0Sd2ZvVGk15ogm5CFmRoQDRHu7IuYejv7PBXjQHt3JA1DYzJhmrbfXMW461lT_MW5cRnZLRCOzwqUlMQzbGi6s5KVRpdVyJfe0ICqkEW_a1Bo1Yj7f8z1mD2tj6dw-b7PpZ3z3TidVerPvfqOvlr8N0tmVOKCSD2t7YzT67dJd09mdNyxS7MMafuUo2TqVi173T4ZC5YCT8nodUnWwqd3t_vDkpv9aosh8aVPHrOL7c6qJ8wBXzzpp5UdJRMa6IQTNVa-H0Yj9flhRuGHXzxor04r1F0cxIsrjZ4-bcgOt2lWpuLJnlPVmG1oASGBSrKpYo4YtkL_YJnfRgHh7f0EhxO0WAAdSgPeMAje7YRYjDBPVJjc5kZ0x9O2_sS5rXRjPpnW7-AcGHxMb-iRZenAw2Cw-eTJ_3D_9a6vwI0Pbd3lZagj-V_tyUsoLcLsqTkT95p7IIc7mHBaLY572tV7loVMjbsWPnBWDkE1is4wXX2OS-DUVPEqerbw3D5MTGy0Izzihk6iSIFUDs-vq2z3ieQCxNYF88zZzRibG8c9uA8RA3vaRSbajq06SYRkEBw3JK8hSwAS3WQ1YavMhRS6V0n4CJsoCr3CPyVlm6fhzNpEv3tR4SBEp_cdMqwfGdm1eOjyw3jkGhU-LeIxGoVN32cd1MM4kwl356nNWN2xBZcGgG4kC5hoUr_e6kbaA_LBxS_0N0W9kJMoj0osgQerKJ8hpqVrT5EvZifa7fh6LaAUNnUF8c5azdxfbHsdG_889PgxmwX0uqnehnp4x3UV7iN_Tzi7fHKULYc46ASoL3wZPVOfltRJ_PwFpOdKKN13jdRgfhHmuEg_CuHRMkAg

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6267 0
21 B 56ms
55ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BhHsSWuuoYu3oCv3U7_UP4b276AoAAAAAOAHgBAI&bg=!8POl87fNAAaJfvByqX47ACkAdvg8Wo7PE-QXcD_6hnFYUDZcfAWmwM8lMKJ4P0hTFYWHVGYbnbPSQwIAAATxUgAAAAJoAQeZAwUSiVlJvCotj419y2NgoxhL_-XreOlrDsVzS-PJ2K9iwS1yaFcSx74Wk0fxX4LbiFcrc6nFjEnxcTwwXvgAwIvb2U5HhhVhEfZwPqT4wQjYjrk_p_WehmnSdqi-tCayTeeR-iP0TMRA8-VbcpGDheOsjFKtMsWCQBsrvzqvJhUwCJBA6xhLuyOyjBKR2PvxK6a3yFggMYtflfb9g-B7sSfRD7Qg26lgZTs3cxiJd3ajIag7SE9BX313djFzW7bSsi-8nPkwpXdpBmqka2nLV9PRDgsdOjEFdqsP3xdWM_kIClg_7FPcpjmn3RCnuQSoyhkjiK1DTF_8QYATMdGKDdwNIVFKjQsEVb7i9kJqFuLcs7Z6KAIm8TucPrCe2BsVXAMlz-vJQ7CIFWjGhl2cN97nQRhK_7AqMj1cboJVEH7UWa90kPm-xi07KYGpniZjPAcJVSR3ytrTGL4_CP-Pf6PyF-0p3U0ARapuogS0GNjfbbfB31uQe_9sYImoH7p14OvUO6Ldtn6EFHDIQKl2QP9PA-6wnKVhcJTv4eNIS2pvabWjhLQXYseKYoyBq5cxqk5uUKWQ7iGZoPkcvigEMWf5JETa--l-p2UMD1f4GTnASpYMMArjhV52cS60O-NC4j8lZYeQ1PAptifQq5cQx2oXDdcpjqaR2FSJskhQJ41YQxrVO5GaKa_vm9bTb98R64qFWTXzpJDCqFzKdIKEG6zjagy-PHy9xwaXflLaSQjzFNfHEepj-AYEQ3oztjmuPGsQWRdFEeLzYn0_JuQdFBNjGhJ893sXX8Wa6FTI_WvYkWWorOKo8fs7RT49i9-D2sqjGUKPphqPN1oi81tcFAzw3TEuvVCJuOKORbiBB3Gwm7QArq_TyQd8Vgg0B4kwYWsxMN10KUGLePKO5bj8uLUqViV1qVxc_8c0YpYzxzdhH79DEI_y5vckxPwKld3lnLFKUu9khpcMijDFxmYloOEm8fcqZWxCgM99X0yAJm3xggA87yDYrnEgX2ZetX1cN1-fQ51jEQ

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B8BD 0
21 B 55ms
55ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPMFJWuuoYo7qBdzN7_UPtdSG0AsAAAAAOAHgBAI&bg=!UFOlUxfNAAaJfvByqX47ACkAdvg8Wvmqt16pFWWQwZ-jLmNRfOliUe-98lMtgJePIWsXszjEtYy70QIAAATpUgAAAAJoAQeZAwQ-BvKTt9j7EK4mvJo7BOrecVQE_lOL6PcKkL13E9RSMEGbwZG2u-zMsJt51o7iWJc34yE3YtKw9MFO95vYLt8V6wW8kteClO5yCIZxK2xpeyj_tGWTY0MfuoaJ0mLJ5rXLZG4kWhPeU7rtVpQxDNo7jzCZzDHw3kceSWNicT2d_e7ubJNQAbec85AJir3y8wv2QML0TVeMXqE8tCP_XganMYeGzxgDFXhnrSHbBRYsmrEoKbIZ9NmIPDTupFrIJE_5a1NG51vleeK_KnxzvVyTj2Gbk76S2qXZABI93BZTj9YgehPTZVmo3Q_U0JPu5kjRWQktd8datD6OyC7DEE9SpiofVeDYaPx1zW4iwn7ZDqEH6g5BWmA5n44Fhcmwz9FEz4izywu1qCUzAKGNs51U1aKgstYj_BpGVu05_VYiHuQHIFQJLAzVfIJvGnPa2u99u9FLmdsKVrKFGzs58OwlHP8bjUaRI9cdTX0XanhJbdcuNdR9f_Wvy5_sUXo2ptFjBpBHO3LZT0feOyqYtCMbkwy-DAeUqyK6Pz28Zo4fZjWC3i1kcbab9D_-a78kGHOqgzqjwEIbjgo2VDaZZvpG-QolICvZDBhSMq-RMHfbF5HFAp4t5uAXUtoQSH3KiAg60m5_62w0zCTnNQwVXXPnB3hVilUYy3lSHnEYAz4JK-U9xqE0_fSy_YRNmMVwLJaSzsSB7JV_Dn9cImQOD8EW2iy8QcaLUNZY62KR3zdWDtrNiw8tN-OWvozWSd-u4Y7RHp4HMU_EM10AtTql4Vl9t93jTafZooKt0UF-zRpfG9qlVsrADJYc0vb3ui0btMO5op-EimnBw1M5p_nPa1Pr5DUQr8sABkf-rvcEuANqQse5vhGGilVY4e20wxgjYPGtdTZvBYXEml95ReQj4I6xEgdIwKbSily6xvHocpdtbtQRdsD_Kouv48nNTkzj_on5FFm2317Ymck95baP_DiGDYv-TLq0LVImiZyElbTb6x1i8TDBcKp0RjdMVkpt2ngpvEEc

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js Show response
pagead2.googlesyndication.com/bg/ Frame 6E0C 36 KB
14 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/fitY9DN5Eb8XnEderF92e3R8KkCh_qe_gU10Y1cTXMc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 15:45:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13889
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 15:45:33 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8CC0 0
21 B 56ms
55ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDOamWuuoYs2CCN2FlQeOnqL4CwAAAAA4AeAEAg&bg=!NzSlNHDNAAaJfvByqX47ACkAdvg8WlVBHY2XQmklS2YqSUoZ1QuM2FrtWmJXxEll910j_g1jd3lbVwIAAAThUgAAAAFoAQcKAEUQd8fhbWT7PD9ZwjIEzJ6gT1RRX79prufzgU6rhakV6BoVesYuC8RU3F0G7ly9Kql7Jg9ew4XPt2lVfFwWnh0jUvso0NGZAwONG0dyysNZfBp8XovoXfT-7BB4cfTahkQqnOCkjYYNj-M_6xE6DsW4VuhpycCK6k5mnJljQJohHDmRjTt3EW1OBFS9qTGAr6XbsqS2-9V-JAR2IHPV2-QOjOmwYqIQF_ZL7m064iphnrPYgPPfeTeV1ondxozjONKoVN3qaLl8r9G2sHWkHY3Ai3tVWURTVdHi1uRlV3AoNNL2fjY0O4e7ezicadNEn4ZoHb1hv9TtPAsyQ2_MqY4mPTWn4qZsYsXw_PIAPsbPISjtS8hg-7wKXEl1c0KRHBA9oF8lieuWdxi_D19Z7izrInJunuxN8ZAKa1PHfBmYnmqdKY-lPToIFleAHFxEK7jI6FVkC1AwEgOv1LBtHjymO403goFoYCyfFzTJUreJJaD4UJeXLq8SOM4bRUok6J6Dw5vOgWM8x4nLdd81aY2jvBTJ-lHud7mobaEmeY8Kwf7YU0Fcpt9WXP-ML2WrKVwbRlLjHcZt5808Gbi-tu9R3D5h67wK2Lle378K3uckh9mBC8vK1h6wjs-54awFaM3-nu8qzOed28JH296ikpcztyB0IEksLrPXpkE2lKfRL2JIcCUbsX6aYfhJY-u9n8dlebdDqxKdDmg2pDSvDwrCfDlqpVGE9Der5UOxetQFq0tuHZgwu9iGlKE3n-7A9LzEv6bg-kbwTWy33vw6gUmUDnmL4xm652234vo08hh0qJ38OVXdWr4I9G0XH2RUmYIqwNOXwvWQkIhVlf5G05_aOwuBa_mHFqAVu8tgx7yizNNxEiAGnt8Gi1CSlFM9qCWb69XhHcFBPa5lZSvCaKXu1LqrPe5Ys1LjRDXD4xzu0C0uQ7gOhhxU3EzzGtZxNSmNoP6QFCRlIZ4rFbpXnzlTgOD0HAo5qNW6-dLd6sqHkzGLEKC6Fir5XWraPSOob223bxfpC8v8fKztVFPmN0qVYOgIP3JCkhsccXL9keKI3LKdqMYopbFXcR9eh_xZpTIWf8oHS7pzC4WHQe4LV8sfgj1HKD-nKDAxVAE

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B658 0
21 B 56ms
55ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BWtNQWeuoYv_tOozW7_UPgJS0qAcAAAAAOAHgBAI&bg=!xMelx4PNAAaJfvByqX47ACkAdvg8WlOjpDPdFYweqvNOZRw13iIaaMne9dLfokcCNVWmr6m1GzkROAIAAAV1UgAAAAFoAQeZAxK7ul6WSXDqx2Z1s6ZQJU42_eKtctt_8gNd8fRpRbvTENCjYoB3Gg9p4V2jMYK6Wq19KCtrUSiCktnfuarkJg4YmwGdCy7-mwBjlPcqGxO4vCZHHUUZEk_SkKfjYToQT-MHvQF1INIQpqFXgrzCLBlKaF-TgQVcLqYgMHhTRPRj_0bjenaWmfy6iAl-c0WJ3XViWRdMlNe5peRBDHPt18dj1odbBtnKR5sVDdMq_yfN2bbvFtF864sgxbkxnTUltrHLUmPmqoPS2HgilS_FHgMBbfbSWAlpVXvr5MsqUVj34fQiNigVdItdYwXNfMpdik7z_HAYwCnSc6HmQfN8s-6H-VCZc3HzzhkREUG03ymuyxZM6aZojhAzf5eYQ0Km3eFx76lTM3mYRw022HqWmcmc7nHhAHUGgmhAJ95FeF8Dipg9wfb5dV6wB80g_zQQ-qgSUUYB1RFXCL_poQV7qS8x852OZ4AID2eKQS_jY4R55AojM_-UxlnuEAIsmW4zDk-HCnQKqxKpU1_6fyEfsMSfzssH8dJC_v2gXeSx2uk3PN2i-qwmpXCkHMLJOU5kNzEBbmlAk-v1nBcRK-AbcOCDBeH9vMAWs8L2q0LQSHnEP9mt1AsQ9L4RjIe5dDkNvGPmu5PL0TtFuPKXFgEbKMY_KQZggnpbtRKLQKZWwJpuvFWsM9BPEAvt-namOsqyzoXdnCyMUwfDUaM74QVoZjM1tOxCFnzftSQNF0G-E3_8wNSDhPdYj-O7epPn7V74qfI455PS8Brz5WiC0WJ4BDqfloxhzuP7VFb5Da6lwuBR3bXBrXhp6ywGpdoTUcR4qOQkdwaf-PPPTUswYfkmOsrLgFp2wDzS2lG4jcBfMLfp1odk2YxQrZFnS-XmrOSkil7ttmSU1gIU12lek1b6uaymPqFCWOQeA1_kt4TFKvqbhMx7sdW5DyNoexA3hWKJFg4uVzz4GqnH3KoQlaLJx4-4AyrQN5WXcTTuPuE70E6hDSIXnMGeA7D0S5m3pD-YMCWtf8YlFk0eo7L44bt9jCVgt6U

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A70C 43 B
215 B 104ms
104ms Image
image/gif 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=886862&asId=29767ff5-dd44-eb1d-b4c2-1dbebf1d967d&tv=%7Bc:fxR6RH,time:2470,type:e,im:%7Bpci:%7Btdr:1237%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:2470,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:27,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2464~0%5D,as:%5B2464~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:534,fm:t8LtIZZ+1111%7C1112%7C11131%7C1114%7C1115%7C1211%7C1212%7C12131%7C12132%7C12133%7C1214%7C1215%7C1311%7C1312%7C13131%7C13132%7C13133%7C1314%7C1315%7C1411%7C1412%7C14131%7C1414%7C1415%7C1511%7C1512%7C15131%7C1514%7C1515%7C16%7C1711%7C1712%7C17131%7C17132%7C17133%7C1714%7C1715%7C1811%7C1812%7C18131%7C1814%7C1815%7C1911%7C1912%7C1913*.886862-58750208%7C19131%7C19132%7C19133%7C1914%7C1915%7C1a%7C1b%7C1c1%7C1c2%7C1c31%7C1c32%7C1c33%7C1c4%7C1c5%7C1d1%7C1d2%7C1e%7C1f1,idMap:1913*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr%7D&br=c
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2755 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 376185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 10 Jun 2022 11:41:24 GMT
expires: Sat, 10 Jun 2023 11:41:24 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://px.ads.linkedin.com/setuid?partner=googleadxdb&google_gid=CAESEGe-RlcUAXUsS2QjIwpwVa4&google_cver=1&google_push=ARnp8GCf_br9IqfBcNVo1AzwsEqYaYWJaX4q_fciUHUEjzrMJYbhTYcTlS4p4HOcWLC4kuHKq2gxS...
https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCf_br9IqfBcNVo1AzwsEqYaYWJaX4q_fciUHUEjzrMJYbhTYcTlS4p4HOcWLC4kuHKq2gxS9UdhjGghRXUOzKCJaQbicE

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCf_br9IqfBcNVo1AzwsEqYaYWJaX4q_fciUHUEjzrMJYbhTYcTlS4p4HOcWLC4kuHKq2gxS9UdhjGghRXUOzKCJaQbicE

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 14 Jun 2022 20:11:09 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: 1546FFC8D3F343598D88A77E609639F8 Ref B: FRAEDGE1207 Ref C: 2022-06-14T20:11:09Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://cm.g.doubleclick.net/pixel?google_nid=linkedin&google_push=ARnp8GCf_br9IqfBcNVo1AzwsEqYaYWJaX4q_fciUHUEjzrMJYbhTYcTlS4p4HOcWLC4kuHKq2gxS9UdhjGghRXUOzKCJaQbicE
x-li-proto: http/2
content-length: 0
x-li-uuid: AAXhbgFjAP6t0ac/hbq6JA==

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEIGxKlIwpESKQDx_Jj3A0DQ&google_cver=1&google_push=ARnp8GA5k7q_F0cQk1jB4Ub03KkJ6T_pBtC7xX31hG_8_qtoZPhaRje5OScmCRXbLd2F7AdALW_4da3pHpC...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA5k7q_F0cQk1jB4Ub03KkJ6T_pBtC7xX31hG_8_qtoZPhaRje5OScmCRXbLd2F7AdALW_4da3pHpCBDXq1g_X-PSeYJpc&google_hm=mfJw7tYcQjGZP4AtELz7nRU

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA5k7q_F0cQk1jB4Ub03KkJ6T_pBtC7xX31hG_8_qtoZPhaRje5OScmCRXbLd2F7AdALW_4da3pHpCBDXq1g_X-PSeYJpc&google_hm=mfJw7tYcQjGZP4AtELz7nRU

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
via: 1.1 google
server: Apache-Coyote/1.1
status: 302
p3p: CP="NOI DSP COR NID CUR OUR NOR"
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=ARnp8GA5k7q_F0cQk1jB4Ub03KkJ6T_pBtC7xX31hG_8_qtoZPhaRje5OScmCRXbLd2F7AdALW_4da3pHpCBDXq1g_X-PSeYJpc&google_hm=mfJw7tYcQjGZP4AtELz7nRU
cache-control: no-cache, must-revalidate
content-type: text/html;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://px.adhigh.net/p/gm/rub?google_gid=CAESEIDlNN-oSUvY0DhBWF87uHM&google_cver=1&google_push=ARnp8GBDV4LpyfEgM44eFZhapdm1isN_5MXdBBo3BOL9qSRdFe7crznPUKzmraJBNPnxf5Qqt75g3Wz1_noaR1zIYqVJ4zsLTw4
https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GBDV4LpyfEgM44eFZhapdm1isN_5MXdBBo3BOL9qSRdFe7crznPUKzmraJBNPnxf5Qqt75g3Wz1_noaR1zIYqVJ4zsLTw4&google_hm=lFR-1xowgSMAAikABlGBY9dc...

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GBDV4LpyfEgM44eFZhapdm1isN_5MXdBBo3BOL9qSRdFe7crznPUKzmraJBNPnxf5Qqt75g3Wz1_noaR1zIYqVJ4zsLTw4&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f3-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=gint&google_push=ARnp8GBDV4LpyfEgM44eFZhapdm1isN_5MXdBBo3BOL9qSRdFe7crznPUKzmraJBNPnxf5Qqt75g3Wz1_noaR1zIYqVJ4zsLTw4&google_hm=lFR-1xowgSMAAikABlGBY9dcZA%3D%3D
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEPBazvNK3gTDxrfidKyDgVo&google_cver=1&google_push=ARnp8GDZ9R0NkEC8o5hUljrYFEsZQhOnYvrnFXQylmOybo53eyapjlK12vdEl4WBVyfvfxVLqkj8pBopNuxS...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDZ9R0NkEC8o5hUljrYFEsZQhOnYvrnFXQylmOybo53eyapjlK12vdEl4WBVyfvfxVLqkj8pBopNuxSPd4xTL9KaOJVQK0

170 B
188 B

30ms
30ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDZ9R0NkEC8o5hUljrYFEsZQhOnYvrnFXQylmOybo53eyapjlK12vdEl4WBVyfvfxVLqkj8pBopNuxSPd4xTL9KaOJVQK0

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=ARnp8GDZ9R0NkEC8o5hUljrYFEsZQhOnYvrnFXQylmOybo53eyapjlK12vdEl4WBVyfvfxVLqkj8pBopNuxSPd4xTL9KaOJVQK0
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOr9oyo4zYrIsNJowm6gags&google_cver=1&google_push=ARnp8GA31nhUFts-5TUqmCcqzngFgahP2RPhtFBKEVR3ECd48fno2gubWAJxNfzHfdMoVr0IA9VKLm0kJUwyqFautmfYqczN4bI
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GA31nhUFts-5TUqmCcqzngFgahP2RPhtFBKEVR3ECd48fno2gub...

170 B
188 B

29ms
28ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GA31nhUFts-5TUqmCcqzngFgahP2RPhtFBKEVR3ECd48fno2gubWAJxNfzHfdMoVr0IA9VKLm0kJUwyqFautmfYqczN4bI

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTY0OTgyNzg5ODYwNDA1NTE2NTMyOA%3D%3D&google_push=ARnp8GA31nhUFts-5TUqmCcqzngFgahP2RPhtFBKEVR3ECd48fno2gubWAJxNfzHfdMoVr0IA9VKLm0kJUwyqFautmfYqczN4bI
date: Tue, 14 Jun 2022 20:11:09 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 204 /
cc.adingo.jp/adx/push/ Frame 3BDC 0
44 B 736ms
241ms Image
text/plain 54.64.206.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cc.adingo.jp/adx/push/?google_gid=CAESEHWzoKhHHXPf-mJ8tSY_YSU&google_cver=1&google_push=ARnp8GASYtD5h9efMxk7G87biT-nxRkhVxiPqaYgbFhSGEq6t4kpX9okngbNujZpmEYBMkhxQ48FyinoE6CXJHjUwAdRDx1eTw
Requested by: Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.64.206.14 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-64-206-14.ap-northeast-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:09 GMT
server: awselb/2.0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 3BDC
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEJTlXlmtEr3d8OwNCvZEA9A&google_cver=1&google_push=ARnp8GCvtB7H2J4_5cnlbsJ5RfPCuu4L2vGQoJXiGjNeYDcHaRWU9bC4awwsbRr8zmrBoEopeu...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02UWg1RWNWRTJ1SFFFV1dwUkRfVWk3Y185LmpQZFE0ZX5B&google_push=ARnp8GCvtB7H2J4_5cnlbsJ5RfPCuu4L2vGQoJXiGjNeYDcHaRWU9bC4a...

170 B
188 B

30ms
29ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02UWg1RWNWRTJ1SFFFV1dwUkRfVWk3Y185LmpQZFE0ZX5B&google_push=ARnp8GCvtB7H2J4_5cnlbsJ5RfPCuu4L2vGQoJXiGjNeYDcHaRWU9bC4awwsbRr8zmrBoEopeuqvqLkR2gLVhIKt8viiienmvkzY

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS02UWg1RWNWRTJ1SFFFV1dwUkRfVWk3Y185LmpQZFE0ZX5B&google_push=ARnp8GCvtB7H2J4_5cnlbsJ5RfPCuu4L2vGQoJXiGjNeYDcHaRWU9bC4awwsbRr8zmrBoEopeuqvqLkR2gLVhIKt8viiienmvkzY
date: Tue, 14 Jun 2022 20:11:09 GMT
server: ATS/9.1.0.46
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 3BDC 0
12 B 29ms
28ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IDhV0I5mTq2f1wz3A7SgST3CnxI5BR_q0u5AP-1mIgDRJbMX4q3dk8CEVPt2_9TmqkSqGjdQ

Requested by

Host: a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
URL: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=2

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9AF 0
26 B 56ms
56ms Ping
image/gif 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssdxeq2CSXUmYGng3-eCZ_ouy7CyXll6KVz4_K1r3AnvOXexFTohrZbERJb_ZEbbn6fqsd98k_rsZpic140U19zk6-WdjlDouogWb7S-jFxdXzvx2DgGpjPyqWJVLKdAY2f-BJBpuKZ3F866rrJTs7rh-tvgibFJ_ehLcIAcAmMWt5RmBdPjMtEMrCJZGLAWwlRLM7bCegtlweTH9wvCZ6ar7XVvNeNilQjXn-jIwLnI6Aih-y1X0AUd1pVviTuRCfAjoNDcquYoAmPhiQrzvsYJcmrDSEc59Do8MyMsv6hiPsfiJrA-osauo8NTRfv27FoBmgmxM0XjnzuzKvwTNd5QQslYUX7HsgFPr0KfKWTHvPrBqCjVCJ9r7fI3oO9_eWjzg8ar6_L9oku1gShJ2p1jfhitV2qrLTP-ZRQyxhkmts_QuGZTcKq7h2smsEqcPXmk5ZkhS82oKa2e6adbMOUVIuim5DVNw_ERm5w4YN7IIDefnjqpKc5wUmcgNKSV2zi90wv1_RXVBDRFqABwrGNElBGs7ZNLw83darea0G9G6l2nPTES_CuxxnID9Djhx7jhIbbFH8qX3WEtS_BDJNFRfNf9NBtRVLvLBOlwBHZ2vYxdn3n_4mXmCSMOcrHu2gsnyROiyLAYTzdlhAkvdlGXVVT7sXz5CX2E183R5o8DBe1A6NvVEOJ10csdLsU0CKE5DktsyupUcf6qw9H3SNfACQizHiSdhj3IG3OBMM5QQg0V6YnS6Lb8Kr7ffS-uhppx1es9YbikPrmFkfB0lj2FnBCQW2OoKyoctnbCNblChosz7gs9mm3voLw8fo-HgWeZYQ_lBiX9tpMmOU1m1-Nzq2aZrlqUET828dFdpHxQCSzcLyKnUttKZ-U9zvOnAObCj5vJnldqfe1ueUKKHR5uONbu57fsJ5dYU3A9J9hl32Hxwfv6u5Mx01z4bSMLAveuf5waWfPqwelWTCxPySomc48sOLtmm8Ja7LBDtuSxsb_Exd_2RkKgqCztzshmifefO6v3phJQjzcfKsr-ynypn7C560qj4ZPe_pJjnySona3lvJlMdAKOgiimAVTZzCtJQrPB6GNc3qVyDwJM_NjsprT2bkcEOFtqE0jWd9eP0ChnLWV2JLtbu0PxNRxw7bNR9X_5GKhJaAv1R11oPkpDfek15fZzVU9eVuchL5hvMgz045Ypl4wcWjgTiP3qbxpKJ3zchgmmDebiq7WJipMxBzijmW2bEye7GmpOA720eR_l2JVMRvxmIqPkIYVaJg21ejIohKxzW3c9OBsrkHRO1BN&sai=AMfl-YR66fruD4clAJHhZu1wVDFCP5SyMu9JHdxQOg6-2q6RjhNJWdtlFlvhxzBQUoNjw5M_gMx6zymkIO0maxSRMfdAqiqDUI3HYcVgUkKpv163SkFbp7njQg54YUD8qOuTdjLaGT3b7Og7_vbeSv66Y0uaVVeFPZxdMVfTpqFoQ8XRgjtZdcSGwF0HZeRqdyLzD3zuOSkPdxvHEPZOICY5NA&sig=Cg0ArKJSzN5KAluwAncGEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=610&vt=11&dtpt=285&dett=3&cstd=321&cisv=r20220609.33483&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&adurl=

Requested by

Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H2 200 node.php Show response
node.setupad.com/node/ Frame 06DD 0
208 B 22ms
22ms XHR
text/html 159.89.25.223
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://node.setupad.com/node/node.php
Requested by: Host: fornoob.com
URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.89.25.223 Frankfurt am Main, Germany, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://fornoob.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: *
date: Tue, 14 Jun 2022 20:11:09 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST
content-type: text/html; charset=UTF-8

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 36ms
36ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

218ab838cafc378156fdfef62ec7c8b1518b3a6a4953b42095a636afac3cef37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 14 Jun 2022 20:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10600
x-xss-protection: 0

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame E4F0 15 KB
6 KB 32ms
32ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=fornoob.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.117.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-length: 6123
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:09 GMT
server-processing-duration-in-ticks: 2173
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 970x250_Cursor.gif
s0.2mdn.net/sadbundle/2733685237513348699/ Frame E13B 81 KB
81 KB 21ms
21ms Image
image/gif 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/2733685237513348699/970x250_Cursor.gif

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9ae36718b97bba12de9b278c77fd12b4a9db99391ffa57bafd2f31b45cb016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/2733685237513348699/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 14:55:41 GMT
x-content-type-options: nosniff
age: 537328
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 82988
x-xss-protection: 0
last-modified: Fri, 20 Aug 2021 16:35:43 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 14:55:41 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3D0E 0
0 88ms
88ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061401&jk=17015131854404&bg=!JySlJGDNAAbASn8N4Eo7ACkAdvg8WpPI7oezr_GYqPkLPxEHFX6tAjKC8XyATC0ZVXPsFcSeL--ARAIAAAWmUgAAAAFoAQcKAIYtTPd-aJuueZWuB66-4eSnDyc2YjTglstRIRxn5pIrFHrFnBwfG7CKIwflyAZ8JZ73oxo0p9ECwMzOWNTV3Q57GCYZkKQ4asOOmCU-zW7sOJ_NdEtm-UfOgbMwSIQSrgtMo77ZkgXMPiGnuYVWPyoJpRQUVDzPZqLQW8yFrGpT7Un-oB1DTJkCvRpb2QtogMlakLBoqnxj09o7dgul1fwbQGLv2LdN5GAJeELxIxkouUjznYTccEH6NNwk_EMMuE3kOivmM2GVJGqTxtBQyH-vaLYsleOY2lpqrpTSe4FKX4GJkOHXmq9DLZrHe-GHGFRsM8tPw6jlsF4OebVS4BkDQ2jwUop7RPCz86peGQwt3arryY6ei-BHUO2hFEoKH0bdsG-itLqtj9kB2Qfx2oqbi6wJiZul8xeUY6r2RXy4Foc07LjPPCB2UyX1ut9eW00ie5Y2qtO_yjmajEhlGQzcU3GMRXTpQaaAzagWxd_THHh9vMPsR2rNtZJvfU0pfGQ0Jrjp7BtdIbF4gDo2ZWJwWwAe0iJS0YYI9z0dnuWCC3pOzF3hKpFjFavLtJBpfrdoZEqUZtqMpRgfPoBSFuO8knf1tCrWIL00RsKDK3HQW7hJ5Jbkf6yNdGJ4zMw1b_rOwrZhO2pFJmKuz849JgSt4lrKanGqZGjr4XQuqdJiXl_telAkjsrGMeb3HbaOJGodx5NAxVDBwbLwE2d0Ib05JZn8xNYm1lQ4Fpk59Wc19kZz_YnqVdhx4ckJIWDgV20O2b6Zeum4wjR1Lz4IZqTzm2Qq9VA4z7VnO8Kq9YtKyzq0FQN2sMJakRulby3PArnyJcaTQSxTCZ1lPC5CmusM5p9KzuF7OCt7Qp5o1CxOjMd_CtVzToXkRZKqdcOxBRriVtbkhnXyKNyLKfRZo8kzB86GRGPReRCyxBAy6StHXEFH_umoDaDB3B4wL0FoAQnf-mktsq9Pyk1mJZ69Iju0dW4Xm8sALmBxVixLulDpfnD8uuiZ-inr3rfPLafoQ9nfeAzn9lloetbqKa9ddmHnnvkYWNJ9tZn1jfD6aVID2C6NnBPYXkuWWS9bO5jdV0t_oSKETvS4C3CE0eg6QOmVeIZsAPKL
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2755 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Co234H0mqm-3QDa96jXfhCsIzvyuaV9uBMdU0yZJozo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 17:14:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10619
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13776
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 14 Jun 2023 17:14:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C7AA 0
0 89ms
88ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=2177734489905010&bg=!QEOlQwfNAAbASn8N4Eo7ACkAdvg8WoKEdp9D4iWU-lZa8YlK5DlZd3rOFL3ntlNIdFnjFSOGNs87DAIAAAWbUgAAAAFoAQeZAqJNcS2cC_2TlPb1V-ES6aErC8flH2SnllHUjAGKASBX1dAQYIeurs0RQ3DVO9Mx1QQZH7iqMCsQ6J23y45D3pwWGm7Mw5OhPSkGYO4gsDFXnw98-rlXF93RV8c2ntfnDTxilF_a_IBX0q_8Slokpzy6syTCdCgs-NoZ_6IcueXVcRE7tnLwtTkcjru7ogeaeCD6jAdrYw7UqadjStIiuUAMSJ15_hjX9Kt_QPyo6LzKOrY4TrFsE-SrgGJy-bygPe6kFHY30PVMSfID5ZEYaFTJyNpJVlrJoEtBleOn2ThySqXu2YLl-D5OucWfsKXZC3U1KfaxTNIMbhl9HnnjoTzZn4rEzzpuWsCfbgMPQwJmxXtPTKlfrsvTLehVFYG8neapZMfhxFWOxHDIjZWMs3t9R_sY7q0qKCK7j90m0oTy6fzIfkLiUDQ1Om5iKQ7Ojxe-qMTi6kkiqzNEAXbsw0UmWeDN5ApssNP5nftnmi87CpMILZnaYrq-sv1ZJRUX90B3C_bPbcMUbEjUviMU0MPsPPeep8etG0MW6LavCS4siHzgmkMQwDM87PgWsfnxm7MRtonI931M6n0joQAnmj5pI-f9_slikHsBru7iZRuBHixGxHljth1I3v6bAoy62Lh-obTIX4ZTg5M2ienaWbn02zwuC5PDbE0_Oj4XIg6boAupXOsJgKLmsm6yUNHzGLMqJrHOIo5of-4CxWzJXs1hiTXNiKyvduMLzSUUa5EkkNxJSTWcARylo1cfd--ga9Yge-TYkbx-T1N1IYeJEzyIepsAmTU2TTzIVy0LIJ9Mx9HEd-DdHUm8QzpgnVpGqyZn6fv0cMNncQp6FA4RZGoVpIrOkHYSuhYYYpaZJ-iogCEH3yfULQ5ypsOnXnmGM6QxnQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5125 0
0 90ms
90ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061401&jk=2937035963368993&bg=!JySlJGDNAAbASn8N4Eo7ACkAdvg8WvAsZseFMLRkn9MdqMyraMgLythzYx8DN8Do5G2cnjmFaSBhaAIAAAWZUgAAAAFoAQcKANdsuM2Y3WUMTKX6CQAezNAmo5xR4mIY0igdHuBZlbXvc4_p70VpBC9v6Jz0k-_QR4XgzffhHZp0GVWbGjwNN-pQ6MQTMRMAM1eN6sAAXo6MlhDhxvrZmeiB7ex_slvqX7I2EUNdZjQEI-mVK6gBt21xHgEIpKFH2LeTVv1KFuIPoIB9mhY7R3rTeeS23YdTsiTmWLiEGZbF27hL5Z_ccKX5iqXIP7hDffpgU_Fzm1h2TobZeI5SvlqmIujsSh25Ph7xA1CW64ir9lCbCfdNGVxhdmw0-f1n4JkCwIabvU3ZhjAYm-TS65J6oM_Ki6RXdOp1csM-QS0EYYBVbs8V9_7-3xyrbRwLu20RDwgv36pCoVs7Mr2MojPgmiQC32egtkcaBtE_BD-rTUV0D-Mhvy_IDR8pjYB2XTEHeXbJ_MOf39_KPsKVQj7APFFFd0KKoFjyo6oGx4s6DPWCtoaVtsxQd6Im-yQ2f0NO2OSLKq_wOstCsM9JoFximpnYaFq0-0F5QA4rX68uuenBA2rbG_fqldLIeaeUlgfgcC5aYR85I-zMx5xKnrdbIk2EyVul0vLdTrb2giN4SHq77HzxJQSEdEW9xf2mWnSlOf0x_z45jjtf7WTX-yZ8Ou_Af9VdC2FysyEF5Rz4IDFy3i7vltvNCFuYdVXrNYAs7la4iWLky_OfBgNfXGpI-iFmJ7Axr8OUIuSnjOdjD7ftJ7EIpCkPk7Y8U7-s_7pDAGuWQMScuC6hzSpB0aiLAC8sBg38QFi1ngYwsuuECmA_mF8FEUlfv75WlCPUNcW2W1eWPtLt5a_brRsJEyP42NFgk95MB1Wxw-QW9vT5rCWxUf7oMn9Fh3E7uemZqiSUgbuWNDKtL81NN3yTqyWuuQS-OHfKrN9ZpsVwYkv3VHVGUYZ1zzgb_Ci9fFQSqm6SHyLEpTbBVNlrZeRDxYguL83Irb3mLTpt0sT_TCMpGvkM9gj3w5Y3HinEvEZPUbhCyUlwmTFOhI3k-LAc02IjupodKRQ54Sl-tbM0bLTtQAXwyzsNrD43e7TEmXJIriy8KbmHFb0CLBALTOhcJA5VQiOtR2EsK8Optf7-GAENF3ne5yrJYQCB9nGTDHbzKBr7GdsqPhYMq8njVume9v9safNGk3WWyi_hL84lE4KjOMKuLGQLi3mAtyT3OS6-MjGky_xNUYTr0Entj_1zpieSxrHry3Jzb_SrsJ835_as7tPp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3552 0
0 72ms
72ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061301&jk=1029710552979205&bg=!UVKlUhbNAAbASn8N4Eo7ACkAdvg8WjbFqczG7dgr10BOmWJ5pZH_nUrX41igPn3QhV6F8Ia7eqyzJQIAAAWQUgAAAAJoAQcKACbegpnDAVBt-Pw0QB4Um0KhbXXaasUsvdQdVSN532iBub5Ujuhu_JkCwYNV6RibTxN1ZxbDzj5lH_GtweDgmnXZ57U3AkTD_FuBgkeTapwAmJpHmuNnXYi_ClHqFHxSJ1_ZdTjYRDd3sTEqRXh3NOuo_BlqOg9o2JEpAVCG9wxk7UqA9QsYgVJmdHmGAZ5v9PlCp3Avg7_Isqq78TmYZF_GJUX2uF3IvxchZPMhS_x_ViBmidCXjE__h_3DTWgy1lDKbgFji9LKvnPgn2p4hkAEWD_o4BctKZyoLBIhRq1SRNx_ahF_T8NpkcrAHeQXCCeNfFozVg5IVxbI_9J-fq-lq-UD9n9Ve3h3dtroya0YnHSKCPLX_vhwRo4_vmLQIcvBsM9N5DmPW1G1lhJzSY5rBqH-d4IgHNiKK2zuVrb-nj50A0ZARclAA28uq1hNEJugV1TwK4Ry_pO5e_YoSCd6oNusKmVKwwYoErM3tyKQmCWaVHGLvod3EbjFcakuihL8SczlR1_KRPftpLuqIWUS6Hfrx3APIzTAA_1nodt6c2D42DZh_TrJgs-uedg79I_So_VUEZu8ZMhDI2zGPaNdeP5F3k2ZXEzgzv7X8dgou23wYmVb8NSm-bzXEsuZlf25AKxGbpONaiRgRC3DDk-zJ4pxcKYUBKekSIqp2dxnPiMp_IXgLwKvYHidQ0GXXp3hFEdO9VqjOB8shsJ82MbQJUcP0PRqs39EdN67UfMJm71LDgO2muMzWsesoRvKc_hkZm_lrkV807884hFfi7jc2FWmZMRQYk_f8V0nt_tdM0aLkktvc-yzeo7dyBU-pfU2U6bJ2oLz3ov3Cznhjqw00UZ-ANSorQ69uoRRvBYetM_8KviwGPI4djcnPJLKBUlI6UBcOq7bH4Yh78HQPqjeRqldNjHVdm5v3vOpzppIsyTQy9k-JHp-b3jE7xSjVqbCLBnQBU1dmJl3dHkuKWQ3lpzHhVoSXRS9rA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame A7B9 0
745 B 36ms
36ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: a27e2107-99ff-41ef-8622-4de36cc745f2
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022060801.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 14 Jun 2022 20:11:09 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 18C1 0
745 B 24ms
23ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: adb8b116-bfd4-49bf-ae12-ddf21dd31698
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 2E0C 0
745 B 23ms
23ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 702cfe66-30f1-4f4c-9e71-db7d8f7ed3b1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 89F0 0
745 B 27ms
27ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: c9944079-0c23-4c3d-b7e1-b640aef19356
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EB9F 0
0 71ms
71ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=869890229658479&bg=!TU6lTgrNAAbASn8N4Eo7ACkAdvg8WhebxfnHfJIMqGtiPLg14JE4P5hoD1A1C4IaMksZjOxxZKazbgIAAAWiUgAAAAFoAQcKAIwzE7JW0mkoJq2Xa4FFts0OguVAWznT-OAMckaCJ0DSieavtVxGmA71SSxlNXFZcoT4OE7rDTciVu_d6XyVBdY79MmYW9h4fdmnmNzYtmF_07YL_TWpIj8Rs5uwwYTOLF8O0SuoYCaYsyhLZ3h50PRs_lXqveG-cVTx0VWYbt05WaB9Wx_2CR38WXNeXpkCuYY3gxSccc0mKmD1esnZt77G2ttw3RiVveaCx1wm_wu29flzTUHR9Rfrb8ZlwsIPPQQH0XiOfxs0U-I1Pnyn3lZdp7tnF-oXnULyYWFi2l1Rz3ZzLEejQx-pSPZonYrLaIQnaKlbCMF8D1v-4ZS5Baq7Hn_elAqdHq9Scg-YFck4f4mjse940_KtWNLaLwDu4qSBHRUS_eJ-2pnlISMNXaCWciaal9SHMRDd356MHWLOPGo3o8rdt9rHK5Vnp90YYT-9uXEa-32uJRsjxC395J71_FCACfC8B-v3r__KkGiCql9DRmNEaYpqjscABHwELt3AznkUYvheRkLToswwM4ln4epZEKEakvFArxD2ouMBZZBUQGdvh2Jqxy-p4BLztWmpmOrb7yB26Z2Zo6P5QA9PT57THmVfbtuXqz2-R1Hqeav0yi_y1Lbd1GRvMnj3zRIydRXGals_xsdmVDU53fQfBBG5m3nrF5FREdKjlZPRPQ5zgwPoQLi6dEY4fMJ49AlSgkh7TevbyNfsIK4YKXmrPsb07md05K3zmlajrzd6hbZOacN-ed3fmwuCsFzBdtqysurQrwi3ecYIj1fPsVmlwB8RSwRDNlbWhv4MScGVF6m9B8Z1-XgBIPdboZIWVaF3OrA2F7YI530oabfDZdd9RkYeefOoY1vY-dnQTCjM4oR1SQ2mp8q452kGwme4xCXIV4IIe5xAhZWnSdx0p-Xeuxgqzu5NADvV-EBPZr81snIhhMuRd5AhhzOl2GgBJEqp97Gbu1gPEiFYKQYTVv_DoOBWGTGjKgNtz_RmoN702gp2n4mqYz2gmkhVx8Zeofscu_hhhg62825GVF8MNYbyzDxJXH6Qu1jGtJGWM62KXkEpJngX1y090H6uxPX86WdQrhIN33ZEz0SwvEaJ4AW4DFkaW09FzBs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 06DD 0
0 63ms
63ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=3076159435321455&bg=!Tk2lTQnNAAbASn8N4Eo7ACkAdvg8WofAYvRvVWYlwMpOYtanHyatsCiq3OzuQYH8qhrRc8xrjc9t7AIAAAWeUgAAAAFoAQeZAsSOQgfj8Wq6C9thLO6JAii5tb6weFKppmnH1euCep4_2SYbF4E7vVghwuXji5W2AvS86pwjuGq-aD89g7BITsTQ62Oa15IUj2Sl3GyJ8DsmlKeQ3QsV7SeHwqgX6w_ZQlsIUO6rGNash3D1-bmbblENU45xPkJoqBJQVdI5Mxd1_mZEhd9ad7eS0pQ6wyDlLfnqgjqlpsNSTDMk7dranZ3YSG_aIeewoGg8yBoMPXyvQBGdRsGMXWJr1Hcv4KUrGFHoQuNhyoq_Qmx7osxOFxZr-Z_bXl9FiAMpf6ZNitqH8Ey87Cn6hSBETDE1KDJs8_weR1O9XwKgF4e_uHODHdiV6R_1T0bZd7IuDy_TFMnye_5O-VZ9Y3CqZTcDykPy5e5knLCIA1etgVfzBdftcMQlJ26LSglI-UUKrLxDLMg1xAbKeZVjie8U2XNWNtw9Fqe_zSzxQLOTbqSzMcELftTfzq32WT6iKVje6ZvB4BeBAZqFVoK3jYpnw_HxZB09vfbQwP2C3LbfUlXpMO4-SRa8LtRnrFxd4u3WRDOcJfEayaL1Ngy8F-QfE9m70yWSGraDMgn1ma8WA1nXFliaiMg0_GkJ8TOWx7vwKC2HRo0-AxJZkge3dXoymS2X0hlfYhu5B02pwxxrfw2UsQpiGUaetedNiLYrEbC6d4vFS0mxAl_x2FiiVYwYs149tdmAz64CB8WjB882gQDEjfm2yJqTh_qWv3TZILZgiNYpLBQRjhL1SBgxOpdxpo7DoU3irpmF5da78v-cCKlqbMYnVDUm6RG8Ll31zpnfcKzps2r8kN41P8ezYrLZFHNY38qGSgKypcKz93CIW49fghuWVcvawDzPUQWHsrNj0gZQqakTq22Ukpp6jIS7ZjoOLKsyT6cmpz6q9MQnXUoIrtnBD7RvsDK-OIgl2Z_2OvyqAejnzXNa8rk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E6F0 0
0 88ms
87ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=142207005426590&bg=!n5ylnNjNAAbASn8N4Eo7ACkAdvg8Wo20uRlc4ybmfe_eOFQvPrzCLiWAqyMSotGe-_yOWlO-oQSJgQIAAAV8UgAAAAFoAQcKAA7oPVkzoWs6zvkzovuNTZkCs-5PGa_Bn8_DtKy8p_IVH6NFck7RXGjyViq6iheXvSq1rZyjNCFcS4Hs14YLkzw0w9B7vO-vnwx_LCvSRIb38upqYRJVRHjmLW1y1hZFFB1KGKTLOBwfyP56FbP6id7TAk-x-hM-_8ObBQxs8FMD0MuR0FjqUQMW4-Ggt2giUtry-cApa5u1cGA9p5UPpKaUHX7byk0arNf0KtedZwwA_KYV6s9JDYwq0zXkXI8Ib5SEnaqNVE39jSelgMdBqbDrTXPLPbhJp3KTYAVr4d7qg0dYxGZI0_VAa3kFkhSjGpdyLpQrY1eQd0UYc1FEVTyGUuWoCfG8X67SAvwZw_wCT8OMmb082CBLxRkIsPTUyOjZzNvR3P6ybX1j8VNogOu51MMDrgw2QVU4JZRZQXHhgtRRag7PlL22dPgF-8J53bHFgeRCpO-z9rVin8WoANR0mD-IGE5ZdgcTV-Y4zlFbofjTyuSqS454urO3CRMEaGcU3i7r_a61TCLjNxw432bFsogn-kuw43mwxya1tIVdaW0hANvoAb-l2vHXwV2IKEAQCLrQvYB_OG8BW2egPmENpIwwCZCdN6kRifN-e31aoyXqZ33a1UacwryUz7OPe7nP44ouHdsP0LUfsumdzMHXKv7vrX9BvEWhykhGEAUGbQaqqLBG0ZdJAR1TFGAIbkoLdcfP2xlNGm8838Q-R9nDj9infAixFXqSIXTQtVMhjpaZ8zGzmfbUCy_Nfw7PlT8mm_-h_bHzIzvWcmQPTTN_jebOBuHzSJxX06hT6IB2awLK2lulWVnPb-DtLArTcmJ8z952CFwfJiFEQzbo3R7ITqVPJmSD7AQ2Ub8b29ZTfFYkAYQdGoxntc40kwp3-S5jhAsB7GfaVC1L76lxjbdC-b8MQehMhsdY-dr0goUOwGjVA8Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H2

200

sid Show response
mug.criteo.com/ Frame E4F0
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=fornoob.com&sn=ChromeSyncframe&so=3&topUrl=fornoob.com&bundle=MYUl919XJTJCVU91VHpDYVFvJTJGblpEeWFGMTM4RVlJbXUzUFFTaW4wVXRZT053dU53VGNpR1Vj...
https://mug.criteo.com/sid?cpp=VDJETnxKSmhtVUdBODl6aUkwMTBFU0VTS1pBZW0yL0NPYjlmU2V1c3o5cnhyaHNFMWhwNGdybHppU3Z6UERSckU0ZWdDV1dJZ3JlYkdTRWcvd2RETGt5MzhQM2JiQWtsL0w3WTZycEQ1ZmlNa1dJWElvZERDYXhNMHpPNW...

433 B
630 B

30ms
30ms

Fetch
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=VDJETnxKSmhtVUdBODl6aUkwMTBFU0VTS1pBZW0yL0NPYjlmU2V1c3o5cnhyaHNFMWhwNGdybHppU3Z6UERSckU0ZWdDV1dJZ3JlYkdTRWcvd2RETGt5MzhQM2JiQWtsL0w3WTZycEQ1ZmlNa1dJWElvZERDYXhNMHpPNW9YUDZ4U1czMlBkTkNybFRsMjBxZGFyNGtFdk1zU21INDBaQTdPTUxjSkZhS1cvdWFkaTloV040MFNLRVRlb3Z1K0R2NTNmbnhycldUOXBQZnM3dGNxbDFLWk5BSllUZU1BeFE2TkZhdU03LzdTSjFNbjI3NHpCZTFBWEtsWm9va0QwOTk5aG5tV2VlT0ZLWlZDMGFJVlJkNi9Rak53cm9hUXpVb0swWmVsbHg0VDhUZllGdz18&cppv=2

Protocol

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

1b57fd4a4cfc81a53c1ac32bf3ad6ab413e7d4cceaa82cc58f775e7ea62213bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
content-encoding: gzip
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 4143
strict-transport-security: max-age=31536000; preload;
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:08 GMT
strict-transport-security: max-age=31536000; preload;
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=VDJETnxKSmhtVUdBODl6aUkwMTBFU0VTS1pBZW0yL0NPYjlmU2V1c3o5cnhyaHNFMWhwNGdybHppU3Z6UERSckU0ZWdDV1dJZ3JlYkdTRWcvd2RETGt5MzhQM2JiQWtsL0w3WTZycEQ1ZmlNa1dJWElvZERDYXhNMHpPNW9YUDZ4U1czMlBkTkNybFRsMjBxZGFyNGtFdk1zU21INDBaQTdPTUxjSkZhS1cvdWFkaTloV040MFNLRVRlb3Z1K0R2NTNmbnhycldUOXBQZnM3dGNxbDFLWk5BSllUZU1BeFE2TkZhdU03LzdTSjFNbjI3NHpCZTFBWEtsWm9va0QwOTk5aG5tV2VlT0ZLWlZDMGFJVlJkNi9Rak53cm9hUXpVb0swWmVsbHg0VDhUZllGdz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1568
content-length: 567
expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 9F91 0
0 72ms
71ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060901&jk=2501487154844104&bg=!f3ylfDjNAAbASn8N4Eo7ACkAdvg8Wjdb19zozlx2hrX4uJUGXymCZPkxF9nVEzPm-OD3Afr9SKXr-AIAAAaMUgAAAAJoAQeZAr9GHdPHriChLvN-yFShaLX_3ezkhrvO0dGnJtnT8aLzw0l-PVvG9D4nhchVDHBVTj0aBcs5zm5yiQiDSEw0h_ATtoIkLBjryfMCuHYK2d7a6fSzofPCPRVre78tAtlryHzw3bJvG99X2PVx6KTfHG5a0ftOttfxnHUzZCQcfvptALNesCaMiCpZnWutH-q3scVdveq61vHKEXzzmiU8Y0wGzXx1k0_Mro6Y1PcqNIPt719F1S5z_z7EtyQjF_ZBx7RgnkCt78Nvu8kfVNH4Igzg1kFkf0zJkbhc8gbf4ZmhYNtm85TBZEhN4o1aIgD2bF_a1FusLb8uyfYr4XFjOn0f8SHy2Qr3VpwwyBF-_J5LQ7EXAnxdr8khJDP14sH8kk6pTaw68PqyuEcfJqqiMNP6Ch86bIAKlSz-pBdfjKcF-SxgDQhBVJfPNMMCg_LYZVhpZMYrXkjN27fQ_Y3C4ZUnLzzu4RzYu5pf6Wljo1FXHx5lZElDovYXN1lkU7GYfcMWaAYyPuDsWi2baT2ryFya96g_2yy7NIwuwiRdW9cEE8iFBi7O6OGFRUy_pubKaQmE7eiepPUu-iMixhQrRz8hQE6Epcr3m0njOX2Afyl975dqqfV-prnylMnpUupN5tIfLNhQbGp7I6pnOr4WDFRjOSlSMyvvtEsnqlofC9N1r7WFvDGcUWBBVAVBdYC_5x4gRveopUjNegasCatyyYixM08DZAFHLE2WfL4k33ubfqVP-BPyLDxXLBgm7_GNpDMrod4-aXH3OXxipmBDMXz6x0RD4PAVqPfuMvmABsYVHbwR3Cifwbz6gEcMKy150STeVbXMI2Rai1gA9Rj_mt8lhUZ2fT_XAmZnjc3X2RH-O0-0tYyHve-BNuPkyZIjUIjJq2qFCB2c5DDAJ_BT7A3_PaQAb3EoJHcK2fTimfEa
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 19E8 0
0 73ms
72ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022061301&jk=1006889467867368&bg=!PD-lP3vNAAbASn8N4Eo7ACkAdvg8WvJi3I9P8HSlxf3Z_kcLGQP4ngbzmDJ3fm6V6giXGUmHr4E2oAIAAAV6UgAAAAJoAQcKABvtNsQC3nfOfJwDmo9TQeFPvAMrZ3aKQOptSJOZAtRP7zvb7bLkv4mNHx6wf6YcdvPiEUtfMSyfbQBbKtViI4cNaI_fplLcYXrVXa3BVgEppbsQuHrkwtsUawSnrg243DdtHxS_MYHHDLAuhBReyaSPp5h9a1fIpHvEYRAU2uByACMCaSlWk39xYtBpfQJT1ht8E6xFgfG1lVWpyB2kNcLlriGtkbCg9iBUusIHwS__33NMdvkF8wTzXP0DBiqrm2R7AvAqmyDJDYIj7YPdVY5XdcBsu1DPpZMd0b1zl_3K9uo4DgCjfvCTyZ_J6jkzs_BQCFQ46P0yYlXZJmZXYvOrOJS8umw2CJM0oeayvzCa2Pasp1dC00WL6DG_-XbDG0-9AXQAivrWXBfFXJt97t_IxdXf69Yt0t-VCDmX6gwFVk8nKRKwznGGzjX4zA1kYz2JPX7MTfoT7RYMumBIpGlGhWoDl3xC_WDZ2zL2QG-qLbnqyQXGXeZ8Naay2FQ-EXUA2q2sH9rqXJINtFGTlASigj-r8PHoziqx3N1qxa15nAx1I-y0Hplm-z0NEw3JuCMGVFv5ULezsC_lOVtryveqzRIFkGOtBOVqb9TTwsyZmUkP4OB7PaShaNUSO6NVwjPZM-pqJeIWwKLrkbaNE5UimpZfAx8POW7fdrh1eCU56RhZiQRVciT27MMoom-nVlewg-p_BvPMW8riOKk4vNJUPMWzDdfi-ZGYW5K7YnTAfdRWJ-6EbCXDmoB6mRz-BvZn74rnFcxpHbxXmF-41SFFiCTmRBJo4-84EjJrlvCejoxonv0B0qu-g9yE8y82zpr_k0H1pBqj6Ah70DhavUJPR09vHKCq_tiQgnIH8zPyUlc0b9jQLHx1a61N5yVh_piv_tz8TFOdxU-D42LtORAEiA8tWQrbjkHIsO0F-4YubK36aF1H2AWW59qW_N2AZSZRnfprD3n3-u-qwj2l_RNJ8seSoZT3O9ybpom6kPIFqFUX
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 24B4 13 KB
5 KB 20ms
19ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 847
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 19:57:02 GMT
expires: Wed, 14 Jun 2023 19:57:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1312 783 B
535 B 32ms
32ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

042ca8725425be3d759186aa81af20a070526a48a08e7f271f6f1ba7d3f9eba2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--Ij88A2TwMZ6VhdsqeclVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://fornoob.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce--Ij88A2TwMZ6VhdsqeclVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 14 Jun 2022 20:11:09 GMT
expires: Tue, 14 Jun 2022 20:11:09 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 3F81 0
745 B 35ms
34ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 6ff5c1e3-06ba-4b1a-b080-6489fc473edc
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame C354 0
745 B 72ms
72ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 202da1a0-934f-4b75-82f4-ef7b6fc2e01b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 7727 0
745 B 27ms
27ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 3b4f6368-9851-4b48-84ba-b9d57ac7e357
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6E0C 0
21 B 56ms
56ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBFcjW-uoYo_7LdaP3gPZzbuwDgAAAAA4AeAEAg&bg=!AgGlAUXNAAaJfvByqX47ACkAdvg8Wmj4U9G4-IqiFfWdlybXhqEy4gpS57WZSUX1noRRMFUNkXV7rwIAAAFeUgAAAAJoAQeZAwfQGI1NMKvCwOf4P5cbB2GVlXt3q5hHGjH-P960wTsz6-gIitIUzs3tTBc7zZjg4fhb3kj9SgwhsjceYCv8msi-qazwDlKAGtdaIq2GnkTbqkNHHbH9IrofOGWK5SU3_UVecvoavs8VSQ1UcRuF5mpGSvvuif6PFtDcuh-XFnArORMvVSNyJ4GgznmyVfKX9Pg_jLbnjESvyV-2Av6g7tIkybbfCUHAtt00Tkch96YSRwGrUZvHx4wxta3-ybKhEwKBf3PmVr3Jnf0ljDeeGUDgzn8GT1AWJ9FesykPU98nWcd7eRluB25PdKRaB4FCkL0QTtzuBw-nwv1CwFBJe3B39UBTKTnsTQft92ywPceDUCwaMXcdy_gM_8TwSZ_RtEB49bqg0DtowEk87rzFw4B2C0TgKlxQET1cCGYRwPuSbeFBJc8mi_fKjZPJvSvLogS87PxfnGAjhuzqtua0xa_g4uG0UjpU-0ywyBBe2dCzH3zDhjA8inlNpEhwNLxXMSt0G_MyF08rXBIQVOHJPx7A3hhZ8TPP2rJVpgZywMTqgXaNZXR5QrzCZaNDfd0Iisi7w4x3OhBgBMwivmsfFYUGivTD7N0YwikkbAZ0Xe0WIBatfjUJXvr4csu7Hva5_8IfW5TtmLbu_IzqeAEiF87m43qkVksasyEEAI05aKrgkFWnv3f-1JMH2ZX2lINXGchx-cwGgeAsyUlE0P9RQynbzXo1HpsXtj9ilAYEOijOP6-6sy4MJMh_TbLZVEIcTgMI7UsurwEZq0g5KIKIvAWeyleI2Dq7T_N5wZXoifW8qDfFlkhz0VUpBsIoJ3BmBQ1LAU1YVKvNBveroVZfUdsmlNXpMVvjSSzWC-_u3UvM8NBasG9ckr8Tlmds5wDydJx9uDQr-W8K77bR5I5jayG0kaj0eZiw9cL14iyQjm7odIhUCVKa-XXCf1mBO5lxF5_ihGm4JSntKJhvG6UwqCNk4KQp8fBPdACrgfAQ-diE7iTvKILKqSnFrRzFHYcAHJwypRYRvDkl

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1312 0
0 70ms
70ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022060801&jk=3994408074161760&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame FD70 0
745 B 28ms
28ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:09 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 0d3f8f40-cdc3-4c33-b72e-3205dad18142
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js Show response
pagead2.googlesyndication.com/bg/ Frame 24B4 35 KB
13 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4d97hOvYbNPTRads-oYzVyXo1KzAmhlYxcafsBn6tZM.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Mon, 13 Jun 2022 19:25:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 89158
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13740
x-xss-protection: 0
last-modified: Fri, 10 Jun 2022 10:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 13 Jun 2023 19:25:11 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2755 0
21 B 57ms
57ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BVpDyXOuoYtvtEsyLlQeeuprQDwAAAAA4AeAEAg&bg=!BgWlBUHNAAaJfvByqX47ACkAdvg8Wm3iJJ-ebD_iGRvvwhGcwVQXXMpeJHvGJj5ftVxYxl_wd7eUWwIAAAEIUgAAAAZoAQcKAFwqxVPp0XwplAcGJJiShWMkTVgWAo6V5d9PvzZVBx45OXZYQ2D1okevRI53r3QY5n3z9LG-pNdatTMxX-fFbGIFfuLbNTywru6ebt6RuS8AIgnUDX1_5-oyMqaX4ZkDGIzsOdF7np_FbYR0Q9sK5Q1DISNC4IjjAxvalWRz3f539QMFiV3jNEhFcq2EHAsiUOcsWmzU87mgGZsTJLL7MmxbEhtlPQ3zsCxqsRbmQIPI2NZJZTIJV01Od2C8R7UBVxuc0XPFySStMCzZ73QYJQ8zUYVQutYizXsKp7Xey3ws1wDGXefL81xp90LIbDx-j7uV7j-SDg5WmPIt5_yUCAok3KSuLDUkDB6gizx7Agls0Y9Hl-UXI5kpDU1_l-MJqCDKgeuNa4--ttFifFHOUW9Zt3z4z0cIUJMRT4xgNytrolG--WaFlLlq3JJRA8s8xjczRdPTSlYNAnUQJ02kBaIVYog1OOPmQ_KTOGUXKz8oV5ps47YCQNydclHKQqWMNMFGZRlVIv6jLKmuyejw2bSGCCBC8YlF_kPjHLD89m_P-2WaeRdZ1RXYBUcAIRNnm8Eik3El2LzQ_FkjOB3Yk7scuUxcv0M2XsEZN8IUBSZ2e8YwmI0Oft8_o3BG52eiturALlFGpcfGQHaMbS2ros0bm4jJ8pt7BzZrHu4t0MuO8SUhAvU52ahxN_WwW38rVkAl1S20CdTlZOvruHzPJVqdjP3rDW-oyjTIdiJQdc5BxbbCzVjq9FCZdRsVBtcsAAhdgvOoSPcYyrXmQ3NtdNscHmcfwnjXEsV15_kY5IVApmeQ49fmfq7vViFg2DDtG5KI-5TfGFZh009zNg98_Qtz1s43sgyPqBoe1bjTGHLEveBLlojhql2o4bdF6GQ0dyXchyxOsD-0wUvoFvirL4JwfEnozJY9jvNmFd86f99FykuSuUvLEgGlY2ulJj4KyBPQw1RBn1yHxcmcRowE7v9Q98bfweFa5mMlllukRGLA4ubAufkS7IW0mNUzuVhPnnE0njZqKs95Jnm9_8PeOLrQOBc6RtbUPDotatZ2Xmx9cxhWGLy_ADZlbLFHxMhLjmtUNSsR2QtY57TDxLgU1Zb7ipEq9hSl-MXNDTeMdcgKMETSGQpF9IFomBa0abD_M-i6L2xLxT9awHCHN0QoO7l4meSRUfo60Q

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 24B4 0
10 B 19ms
19ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?iNRK2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Tue, 14 Jun 2022 20:11:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame B941 0
745 B 52ms
52ms Script
text/html 37.252.173.27
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 14 Jun 2022 20:11:10 GMT
X-Proxy-Origin: 217.114.218.21; 217.114.218.21; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 2709f029-8e10-4e8f-8c40-3d53fd9b1b13
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 09CC 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuQsozYiT1WWBOTPXicTjX3d6D-96GN7iZtOCwcxg-IbtRyqegvifs-0loDN1e4fl7ddK5sCUg3mVKqvKhZ96KKceAkpSAeNH6jwBTDVk3CLKk&sai=AMfl-YQSzaFJPS3aizME1UoXnGu-DmlsYavdoC4D3qd5tLZ0avr6HgWHoAs1wkfwujRGRX4Vxb5mNc-iY9GDh1315CKYAxla9Ci2qSEBqLTess-zfRWrlos3J14Dp4o&sig=Cg0ArKJSzHfTSYgCmj_AEAE&cid=CAASJORo6SYfSwy-_WxXWuUxLAyjRmRqj0GNDdHGlInB_tIk-qEMGA&id=lidar2&mcvt=1016&p=4439,5,4533,733&mtos=0,1016,1016,1016,1016&tos=0,1016,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=0.96&if=1&vu=1&app=0&itpl=20&adk=364930455&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655237466060&rpt=2589&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 09CC 42 B
64 B 53ms
53ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstu6wy7FhzNpDbCbu_CBfOvhN1fwDR7IJvHCVv9hLGwRPNpSi4dp7cVMWWFM2uxyxEt69JEZA3JRhJpki5Qw7avyyp3T3lL&sig=Cg0ArKJSzMxaP6Yc_56lEAE&id=lidar2&mcvt=1018&p=0,0,90,728&mtos=1018,1018,1018,1018,1018&tos=1018,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=32&adk=1832254322&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655237466060&rpt=2592&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B9AF 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssEzYRmTq7zsNlDnjpHLeX07MWdJ5qi5RIbIa32P5u0Vf9aTv4INKaUHCEf62bOkUxIfC-olnji1raF8QBTc5DalBGz0_KcC33Ghlf-0vLSmydAsO-26ipW6IJw0P9PQCgIdFk&sai=AMfl-YSHcJgAQr8lhE8IPIJxYsf9_g6yZCqbE7JyiyCBT1IgNj_wLHZrMqR0i6CaM9I01ZP9QtfvHglyfP4dpiby3bF9lbL248CavmORc8zE5gbFAcXMbekDIJV5xaM&sig=Cg0ArKJSzKEPygvU74d-EAE&cid=CAASJORokT6t-Op56SFy5O1DOOgAQ49FhXtarhYqhWkEMAL5ljRO7g&id=lidar2&mcvt=1017&p=88,800,338,1770&mtos=1017,1017,1017,1017,1017&tos=1017,0,0,0,0&v=20220613&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1064823675&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1655237466045&rpt=3210&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 72ms
71ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022060801&jk=3994408074161760&bg=!OzilOHzNAAbASn8N4Eo7ACkAdvg8WuzQn4ibpKARUGQoSEjwTtbEz04gP9uwD6DOdn47R4rBydyr0QIAAADyUgAAAAhoAQeZApR8QSWHaEl-IvTj8tFDAfGMPt7Mi9yHL8tBEocxP6oYQ7O51lTkQI9_YpTzexdYKs6z9Wi6IiQNwzCGK_sK1zq7ZMpFS_lBZ4QrHMkGnTDpNWwHcalji3l_N6pyFBMv_SdSE_4Orry9CKgTNUqwI3fd_0_EnS5AvfqjoE7XWTNVtRS3-i7AgvgLzTwGzn_x2-K_d-sXt_I7FT1IO0FQ64lGES7JBmCsXgWurZhIvzAKhkzDBvlea2YUlnrYFi16WRTnOxQd2c89E2A2WngUkS58vxI6lRF-l8bnhyRO2LCJNQ3j0OwvUEZrtHgnlP1gsKjpVwmSBhYZ-4TQjRrNBN8I5FqRraZJymqJlE-LJC2sZUsEJlcMb5AuQG_OK_H58EGUMoMSPq1h75RmketphsCVqS_pvrX-6oxd8nNxk8xO29A-JD8uy1SjNiR2g62K8p5WPmRo5uduPnMkduSfn-q87qrAQmJqA99qCcKfOZVqSBpGMsOO6rF4bB3lWpShmbP1gcq24aM-P2znb9zyyLcoUKb7FE3MTzdRiQB46lxKedkVtsFb6PaiUXCuopoMuQJ_X4H_FTlS1IP7bKn6IljU7llwfmDkNHJkaO_QFt1hBY-mSHj_dVuQw7h1xRFHyHRCl2_iTpbIajyzjxDsotH_cXp6CY3qQx0ywz7YTkMp2vUTTupOxHl5qzHhRWeIWAK4zGlY20-Y8kss4V2glLDV0iCZfz4QWnHtxAyXVP7xGFQULV6a5Qt7ijdFJnb8R6-KWYfgF6N-EjoehbOF363KZ7pBhzPTwGYSxd9jdxBOqmVcYK4MSR_fF7wbpbJ06H_VFgPj9iIfINt346lSwfA9aGTmj6Z6FsybuOc-Smalm4v-7jo
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://fornoob.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

GET
H3 200 Tuitype-Bold.woff
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 32 KB
32 KB 21ms
20ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/Tuitype-Bold.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:27 GMT
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33164
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:27 GMT

GET
H3 200 Tuitype-Regular.woff
s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/ Frame 5D4A 32 KB
32 KB 22ms
22ms Font
font/woff 2a00:1450:4001:80f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/Tuitype-Regular.woff

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/fonts.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/4014412222028578816/300x600-Live_Happy/fonts.css
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date: Wed, 08 Jun 2022 17:32:27 GMT
x-content-type-options: nosniff
age: 527924
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32792
x-xss-protection: 0
last-modified: Tue, 10 May 2022 13:01:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 08 Jun 2023 17:32:27 GMT

GET
H2 200 dc_oe=ChMIv_61ieCt-AIVDOu7CB0ACg11EAAYACC2ysVKQhMI4MOWieCt-AIVB6Z3Ch1MswCP;met=1;&timestamp=1655237477325;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A2B1 42 B
494 B 125ms
56ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIv_61ieCt-AIVDOu7CB0ACg11EAAYACC2ysVKQhMI4MOWieCt-AIVB6Z3Ch1MswCP;met=1;&timestamp=1655237477325;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIjv-9ieCt-AIV3Oa7CB01qgG6EAAYACC2ysVKQhMI0fSaieCt-AIVUivgCh1Oag9q;met=1;&timestamp=1655237477442;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame C7AD 42 B
107 B 55ms
55ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIjv-9ieCt-AIV3Oa7CB01qgG6EAAYACC2ysVKQhMI0fSaieCt-AIVUivgCh1Oag9q;met=1;&timestamp=1655237477442;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMIzZfAieCt-AIV3ULlCh0Ojwi_EAAYACCyuYFSQhMI5-iQieCt-AIVilXgCh15lgK6;met=1;&timestamp=1655237477771;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame 63D4 42 B
63 B 99ms
58ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIzZfAieCt-AIV3ULlCh0Ojwi_EAAYACCyuYFSQhMI5-iQieCt-AIVilXgCh15lgK6;met=1;&timestamp=1655237477771;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI7f3CieCt-AIVfeq7CB3h3g6tEAAYACD769hMQhMIl9iLieCt-AIVme67CB1_QgKN;met=1;&timestamp=1655237477825;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame A70C 42 B
63 B 55ms
54ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI7f3CieCt-AIVfeq7CB3h3g6tEAAYACD769hMQhMIl9iLieCt-AIVme67CB1_QgKN;met=1;&timestamp=1655237477825;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:17 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 dc_oe=ChMI24vFiuCt-AIVzEXlCh0enQb6EAAYACDFysVKQhMI95CfieCt-AIVLeO7CB036Q4R;met=1;&timestamp=1655237479448;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame B9AF 42 B
63 B 55ms
54ms Image
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMI24vFiuCt-AIVzEXlCh0enQb6EAAYACDFysVKQhMI95CfieCt-AIVLeO7CB036Q4R;met=1;&timestamp=1655237479448;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 14 Jun 2022 20:11:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

59 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
fornoob.com/	1970-01-20 04:30:29	Name: _pbjs_userid_consent_data Value: 3524755945110770
.adnxs.com/	1970-01-20 05:56:53	Name: uuid2 Value: 6076829586760793304
.adnxs.com/	1970-01-20 05:56:53	Name: icu Value: ChgIlMV7EAoYBCAEKAQw2NajlQY4BEAESAQQ2NajlQYYAw..
prebid.a-mo.net/	1970-01-20 12:32:53	Name: __amc Value: 5_1655237464_1655237464
.fornoob.com/	1970-01-20 13:08:53	Name: cto_bidid Value: nRuCxF9YM2dweHVtR0IlMkZNMU53UEFYT1dPT1h4c05kRkRRQlpEQk1qSTFXOFN4aWYlMkJTMVNwaDJ1VUdHeXJvViUyQmxaeHNrdUFCcEphY1B2MHFJU3Y4RjY0ZW9WQSUzRCUzRA
.fornoob.com/	1970-01-20 21:18:29	Name: _ga Value: GA1.2.1485027515.1655237466
.fornoob.com/	1970-01-20 03:48:43	Name: _gid Value: GA1.2.838278976.1655237466
.fornoob.com/	1970-01-20 03:47:17	Name: _gat_onn_tracker Value: 1
.fornoob.com/	1970-01-20 13:08:53	Name: __gads Value: ID=0a62d78c1e5f7735:T=1655237463:S=ALNI_MbM3Y15re5AcKvzwsez2bF8uyZkCA
.doubleclick.net/	1970-01-20 13:08:53	Name: IDE Value: AHWqTUmRSEDmM6q5Y01eaNniJAe3h86ABdb65Idklpwv3pTnAqmMr_1TBxea9qXgdkA
.casalemedia.com/	1970-01-20 05:56:53	Name: CMPS Value: 5193
.adnxs.com/	1970-01-20 05:56:53	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GTwrMA4A!]tbPl1M>e)ZlrFUfJ+tGXxoi[d_5tK#yBp=8`V/@LvO#PV836NaaG)Qq6oT3If)y3KL9D3I?+?TsrD#
.casalemedia.com/	1970-01-20 12:32:53	Name: CMID Value: YqjrWuBsPP2TJxA5v.X9oQAA
.casalemedia.com/	1970-01-20 05:56:53	Name: CMPRO Value: 1110
.casalemedia.com/	1970-01-20 12:32:53	Name: CMRUM3 Value: 2d62a8eb5a2760
.casalemedia.com/	1970-01-20 03:48:43	Name: CMST Value: YqjrWmKo61oA
.yahoo.com/	1970-01-20 12:33:15	Name: A3 Value: d=AQABBFrrqGICEOzAlscWxR9rFiI00FhWvOcFEgEBAQE8qmKyYgAAAAAA_eMAAA&S=AQAAAtcZekmjSwgkmjVBnep2pjk
.advertising.com/	1970-01-20 12:34:19	Name: APID Value: UP1f8de6cf-ec1e-11ec-b971-06e89a0c5cb4
.spotxchange.com/	1970-01-20 12:32:57	Name: audience Value: 1fa14683-ec1e-11ec-a474-132476d60406
ads.stickyadstv.com/	1970-01-20 04:30:29	Name: UID Value: 8d9d4a176cc826df97c58f25a7567af
ads.stickyadstv.com/	1970-01-20 05:13:41	Name: uid-bp-159 Value: CAESEKvURjG1YeBRzO3F7AWvtq8
ads.stickyadstv.com/	1969-12-31 23:59:59	Name: sessionId Value: 9fc99529ae6985f97cbfe2ec4725142
.adfarm1.adition.com/	1970-01-20 05:56:53	Name: UserID1 Value: 7109190783614580890
.lijit.com/	1970-01-20 12:32:53	Name: ljt_reader Value: Ez6bpGZHZ9_Zk85JRLGhv1Mw
.adsby.bidtheatre.com/	1970-01-20 03:57:22	Name: __kuid Value: e19af94f-6321-42ab-b14f-3acdc1956e56.424451466
.simpli.fi/	1970-01-20 12:34:19	Name: suid Value: E4FD088B119F4C689B729D2B4229549D
.turn.com/	1970-01-20 08:06:29	Name: uid Value: 3046813576584382896
.w55c.net/	1970-01-20 13:16:05	Name: wfivefivec Value: hpdfXRLg1O1cSu5
.sniperlog.ru/	1970-01-20 16:44:53	Name: guid Value: 54C517CA2595F693
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dTaMyEn28TFyT_TKiQyK8vM1CfQPTwYAdwWYcB4AAAA
.rfihub.com/	1970-01-20 13:08:53	Name: rud Value: H4sIAAAAAAAAAOMSNrIwsjSwMDc3NTM2s7QwtLQ0MhTiM9R10k2yTLEMdPPMdM4BAKwNIzYlAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrIwsjSwMDc3NTM2s7QwtLQ0MhTiM9R10k2yTLEMdPPMdM4BAKwNIzYlAAAA
.rfihub.com/	1970-01-20 13:08:53	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dTaMyEn28TFyT_TKiQyK8vM1CfQPTw7iNTQzNTUyNjcxM7M0N37FiMoHAOXMjnk9AAAA
.w55c.net/	1970-01-20 04:30:29	Name: matchgoogle Value: 5
.3lift.com/	1970-01-20 05:56:53	Name: tluid Value: 1649827898604055165328
.ctnsnet.com/	1970-01-20 12:32:53	Name: gid_CAESEIGxKlIwpESKQDx_Jj3A0DQ Value: 1
.ads.avads.net/	1970-01-20 04:07:27	Name: av-tp-gadx Value: 1
.ads.avads.net/	1970-01-20 13:27:36	Name: av-mid Value: cbb0b6fd-c382-47ad-bc5a-f3e150647f2f
.rutarget.ru/	1970-01-20 08:06:29	Name: userId Value: CPdF0V1pEVLW
.everesttech.net/	1970-01-20 12:32:53	Name: everest_g_v2 Value: g_surferid~YqjrWwAI8_xsgQA2
.adhigh.net/	1970-01-20 12:32:53	Name: gi_u Value: u0ODzaPQTHYK.AikABlGBY9dcZA
.mts.ru/	1970-01-20 12:19:55	Name: dspid Value: fa1f5779-5985-4dda-9ac0-09d819f68307
sync.srv.stackadapt.com/	1970-01-20 12:32:53	Name: sa-user-id Value: s%3A0-d44a705a-f8e8-480b-6eec-3bf8041592db.LkmKJOMaz0wLYRn9myzjJlhD3dlfO%2BKXYr3lcz26IEg
.srv.stackadapt.com/	1970-01-20 12:32:53	Name: sa-user-id-v2 Value: s%3A1EpwWvjoSAtu7Dv4BBWS29ly2hU.RgvctHWDG4v8EqNnDfZqiqWiKmGbS%2F9UgjsLF%2BJjSWU
.zemanta.com/	1970-01-20 12:32:53	Name: zuid Value: E8o_MWHkJ6cwAPHPdd-U
.ads.linkedin.com/	1969-12-31 23:59:59	Name: lang Value: v=2&lang=en-us
.linkedin.com/	1970-01-20 21:19:11	Name: bcookie Value: "v=2&74186324-54e2-4c5a-8af2-bfecf1c8f5fd"
.linkedin.com/	1970-01-20 21:11:32	Name: li_gc Value: MTswOzE2NTUyMzc0Njc7MjswMjEI/uLu5KhZFHJRz00jotfaJc/exnbNCU+1svP0KP5M+Q==
.linkedin.com/	1970-01-20 03:48:43	Name: lidc Value: "b=OGST04:s=O:r=O:a=O:p=O:g=2645:u=1:x=1:i=1655237467:t=1655323867:v=2:sig=AQGDglLLcO8AcWBnuk-U10MT8eoPoLDK"
.mathtag.com/	1970-01-20 04:30:29	Name: mt_mop Value: 4:1655237467
.c.appier.net/	1970-01-20 12:32:53	Name: _auid Value: _Qju5b5tDx6G5qnBW-uoYg
.c.appier.net/	1970-01-20 04:30:29	Name: _gu Value: CAESELswxJq1uoJV9kRFOn5WgpY
.mathtag.com/	1970-01-20 13:13:12	Name: uuid Value: 0c1662a8-eb5b-4600-9b09-7702c862c9d9
.mts.ru/	1970-01-23 18:11:17	Name: mts_id Value: 1242e948-e1bf-4033-8a54-76c5c78f04f6
.mts.ru/	1970-01-23 18:11:17	Name: mts_id_last_sync Value: 1655237467
.analytics.yahoo.com/	1970-01-20 12:32:53	Name: IDSYNC Value: "18yl~25gk:18yx~25gk"
.ctnsnet.com/	1970-01-20 12:32:53	Name: cid Value: 99f270eed61c4231993f802d10bcfb9d
.criteo.com/	1970-01-20 13:08:53	Name: uid Value: 00e1924a-0cb4-46d0-98b8-be1075a194a5
.fornoob.com/	1970-01-20 13:08:53	Name: cto_bundle Value: hiOt4V9XJTJCVU91VHpDYVFvJTJGblpEeWFGMTM4RldicURnSVFGWjVSMllMUVhTMGhwWVhBJTJGbHF2eFYyQlJhek81UkZ6Q1JhRE5ycXl2Z2l0cHRSMUhjWmxISW9scGtYc29xOWNoT05wQmFVV2V0dG15YkFHUnZSTmFRZTZBRHRiODhJdVZEWE9ka1ZTa3RLa3lRVjUyTDQlMkJxZVJGZyUzRCUzRA

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/(Line 90) Message: <link rel=preload> has an invalid `href` value
javascript	warning	URL: https://fornoob.com/wp-content/cache/min/1/96c835028b99d50b722edfd686fe921f.js Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://fornoob.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686(Line 690) Message: Unrecognized feature: 'xr'.
other	warning	URL: https://video.onnetwork.tv/embed.php?mid=NTAxMDYzLDE2eDksMCw1MCwyMTI0LDkxODIsMSwwLDEsNTAsMCwwLDIsMCwxLDgsMCwwLDAsMCwwLDAsMCwwLDAsMCwwLDIwOy0xOy0xOzEwMCwwLDAsMCwwLDAsOzA7MDswOzA7MDswLDA=&iid=1655237463538&cId=pid1655237463538&widget=686(Line 690) Message: Allow attribute will take precedence over 'allowfullscreen'.
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://prebid-stag.setupad.net/setuid?bidder=adnxs&gdpr=1&gdpr_consent=&uid=6076829586760793304 Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://pixel.advertising.com/ups/55946/sync?_origin=1&redir=true&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://pixel.advertising.com/ups/55946/sync?uid=CAESEGAFYCtxVFHUTa7L_rzhHpQ&_origin=1&google_cver=1&verify=true Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://www.googletagservices.com/dcm/impl_v89.js(Line 88) Message: Unrecognized feature: 'attribution-reporting'.
network	error	URL: https://b1sync.zemanta.com/usersync/?google_gid=CAESEKVC6rPu6wNSBeKiHDEkeJU&google_cver=1&google_push=ARnp8GBnT1X358SL5h45fHmRcG_STI4FgAtu8AiAFiJc9nJrAahv2MYXpn7px41nPnpvCCiMSppAhZexd_Qmm4AZbVaNVXLUHEwm6fw Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://b1sync.zemanta.com/usersync/?google_gid=CAESEEyo2tUTe2OkkX8mYw1ohEU&google_cver=1&google_push=ARnp8GByykpZWXxnI6_PE61ll8gL4qW7mgV_DUWBKEaK_3mJdavk5Vj4G_DW7exAVlafuAn2bbTWfsb-CwPdG8Cyw7H_wmlV7B8-CQ4 Message: Failed to load resource: the server responded with a status of 404 (Not Found)
javascript	warning	URL: https://fornoob.com/what-does-win32-cabinet-self-extractor-mean/ Message: The resource https://fornoob.com/wp-content/themes/flatsome/assets/css/icons/fl-icons.woff2 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0cbf30747c1315cd999463824a55f988.safeframe.googlesyndication.com
22cb95d11ae2a4291c8e2fc6e3adf293.safeframe.googlesyndication.com
2e7b4329a89b3b1573f247433253b3d4.safeframe.googlesyndication.com
5d34a3fd816eda8e355e13635809f3b7.safeframe.googlesyndication.com
8dffaa2e3a8c1b5ce572c66ea3546340.safeframe.googlesyndication.com
a.c.appier.net
a.rfihub.com
a553b8fb6868614d8ae9fdd0aa59404c.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ad.turn.com
ade.googlesyndication.com
ads.avads.net
ads.stickyadstv.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
b1sync.zemanta.com
bf269568bbb82ff34494fe4d5e2c33d1.safeframe.googlesyndication.com
bid.g.doubleclick.net
bidder.criteo.com
biddr.brealtime.com
btlr.sharethrough.com
c.amazon-adsystem.com
cc.adingo.jp
cdn.doubleverify.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onnetwork.tv
cdnf.onnetwork.tv
cdnjs.cloudflare.com
cdnt.onnetwork.tv
cm.adform.net
cm.g.doubleclick.net
cs.chocolateplatform.com
cs.emxdgt.com
csi.gstatic.com
dclk-match.dotomi.com
dsp.adfarm1.adition.com
dsp.adkernel.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
ee4ae3fc587274d698ac253b244861ac.safeframe.googlesyndication.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
eus.rubiconproject.com
f36709b90a99988b8010b9ce1110fc06.safeframe.googlesyndication.com
f9a710bd415c7c78ccb46ba342cf1803.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
fornoob.com
fw.adsafeprotected.com
gcdn.2mdn.net
gcm.ctnsnet.com
google-sync.rutarget.ru
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
gum.criteo.com
hb.emxdgt.com
ib.adnxs.com
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
match.adsby.bidtheatre.com
mp.4dex.io
mug.criteo.com
node.setupad.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid-stag.setupad.net
prebid.a-mo.net
prg.smartadserver.com
pubads.g.doubleclick.net
px.adhigh.net
px.ads.linkedin.com
r.turn.com
r5---sn-4g5e6nz7.c.2mdn.net
rtb.openx.net
rtb0.doubleverify.com
rtb2-useast.e-volution.ai
rtbc-eu3.doubleverify.com
s.ad.smaato.net
s0.2mdn.net
s2.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sm.rtb.mts.ru
ssbsync.smartadserver.com
static.adsafeprotected.com
static.criteo.net
stpd.cloud
sync-tm.everesttech.net
sync.go.sonobi.com
sync.mathtag.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.teads.tv
sync3.sniperlog.ru
tech.rtb.mts.ru
tg.socdm.com
token.rubiconproject.com
tpc.googlesyndication.com
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
video.onnetwork.tv
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
103.229.205.243
104.17.119.107
104.92.106.130
104.92.74.8
13.248.245.213
139.162.78.222
141.95.98.66
142.250.102.157
142.250.181.226
142.250.184.194
142.250.185.194
142.250.185.70
142.250.74.194
143.204.93.3
147.75.85.234
151.101.194.49
151.101.65.108
159.203.145.121
159.65.196.12
159.89.25.223
169.50.137.184
174.137.133.49
178.162.133.149
178.250.0.165
178.250.2.146
18.156.0.31
18.195.155.181
185.86.139.101
185.86.139.96
185.94.180.125
193.0.160.129
193.232.148.142
198.47.127.19
2001:4860:4802:32::3
2001:678:cb4:bbbb::11
202.241.208.56
213.87.44.187
217.182.102.207
217.66.147.168
23.206.210.112
23.35.229.117
23.35.236.247
2600:1f18:1aca:4281:cef9:c2dd:c2d7:4055
2600:9000:2156:ba00:1b:5138:8a40:93a1
2600:9000:223f:a400:8:48e:53c0:93a1
2606:4700:20::681a:9b2
2606:4700:20::ac43:4913
2606:4700:20::ac43:4bf1
2606:4700::6810:5614
2606:4700::6811:190e
2606:4700::6812:1f31
2606:4700::6812:372
2620:1ec:21::14
2a00:1450:4001:65::a
2a00:1450:4001:800::2003
2a00:1450:4001:801::2002
2a00:1450:4001:801::200a
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80f::2006
2a00:1450:4001:810::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82b::2001
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200e
2a00:1450:4001:830::200e
2a00:1450:400e:801::200e
2a00:1450:400e:810::200e
2a02:2638:1::3
2a02:2638::1c
2a02:26f0:b600:1af::4469
2a02:fa8:8806:12::1370
2a05:d018:d29:3605:381e:fa43:f4d:caac
3.122.214.173
31.172.81.160
34.149.12.213
34.249.219.119
35.186.193.173
35.186.253.211
35.205.207.25
35.244.159.8
37.157.3.29
37.252.173.27
37.59.253.100
46.105.202.126
46.243.142.239
51.75.86.98
52.212.248.230
52.29.123.29
52.54.46.88
52.58.67.200
54.64.206.14
54.93.76.211
64.74.236.63
66.155.71.150
69.173.144.139
69.173.144.165
72.251.249.14
85.114.159.118
0311960e7f37890f21099da23a0e8d21c5090495e4a28f1037aebee2a555f7f4
03432474ec9f60ee729e17904a239e0b37cd07468e2c9809e5cc2a166e1a8e9d
034ae21739010d774ace7bbcaaf86ab1bf8c1f7af87eddb952a15345d4115154
0413c66952464f1ecd016f7bcaab521634a380fc3f9b1b907caa11cb70c2ebc5
042ca8725425be3d759186aa81af20a070526a48a08e7f271f6f1ba7d3f9eba2
069b1d320215b1b841cdd04ec7cd4d8e7406bfa804b03231244ca95877ea0dba
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07270d4ff39d60b36f95020cff9f1dd72fbff625f52567485643986f7fef573e
0836d2070d6754e9355c30c8b2c34174428c5e78e25b6668aba9d10fb7cd6d78
0a54f1024d39902bdd38bbff1c73f476a3baea6e300213718f762ce11f60b6eb
0a8db7e07d26aa6fb74036bdea35df842b08cefcae695f6e04c754d32649a33a
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0df02cfc28c5992e795f3e57c43b47e787ecf11ddf9692e42d6912ad24fd7cdc
0ea1f36a98af52dfc2a2f68ecfde3365756637b31504e401bf363482204aa190
0f57944981a8255e4ecf21b8c9458226193ef4b7d2e9760d1854221110fc8a4f
0f9014cb06b2893241d8f4fbe84c4b90160f01efbee94ce2030b7b4c960ffba4
11d02526cbaad695117721d111752936444366ac35fec7d36bf8d5fb2aab3094
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1287b4c6427119cabf899a5ea898f81e831a2742614813a3302f671690b399c2
143b6b255e7c307b868a92159b16ac97fa813c35b3f2d376b88248a9e0543936
146f9af5cd05799c57b6870d468aeaf3cf9150ac47532a17cbd9e1388b61f926
14ed99d53032c5f418a1443425505097ea5140a542287efbaa364c7b2a5f8f1b
180f72b1a462888e9c99697f73b7b547588d82d1d06ed4e06ad1d517a3d6ed90
1929f20d244b5cfc9eac98d0c6eeea590cb2327cd1876dac627291dcaec56d03
19881860bf49c85469b509eb927872d0dc05525a572c098d8fbee7860f1f64fa
1a113034bdbdeaa7add41b1d85d4ebb360ceab32740506bef533dd883ed1888c
1aada9922d43e2107b82a139dff7179ed9dddb86da040ec3e5e98e0f57e420d3
1b57fd4a4cfc81a53c1ac32bf3ad6ab413e7d4cceaa82cc58f775e7ea62213bb
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
21543c740d93eb090620e7a78b258b8cb3679c94957296f52e65bd19be2bfc85
218ab838cafc378156fdfef62ec7c8b1518b3a6a4953b42095a636afac3cef37
21dba61f0b5581ec4827be27460855fbb358a88ae28b85896aa301d6065d72b7
22ddd2ccc4a9f8a0b4980fe9568d9096b780e854c4b61c465a92cfed23803cda
233bc983d773cb9a38ca251753bd43f9a2288279fab44598b49c433b32f6d285
248c5c260b8061ece6b0d78fb45760c32e728018cd13b8e44557f9de44d3ebb0
25b52206ece095b3182673281f7b1bfc49154e59ac23bc8f8a7387514173f91c
265cd7cb57dc442fd945a344bee6305399c5ca297f7b7b438bf18eb7fd9fd93c
2744bd6f51028d1b34d6822f8002194981f1222f4542b6e7c712b26b96dc42c0
282d434381220cc38e21f556bd09359943732a38dccbea6d232cc3ae573dcb87
28b8379f5b0aba159f6156c73e6047d805269d618535d31705d0b003bf0bf513
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
2931d83a76bc561aed5cbed680d72c224028debd04a0bc58dbe87af8529e886d
2950d2d246ac11521f2077da927760806c4bf54d5bf3ba7019bfa6509e7bdd3f
2b308579bbf82676930e259fb53750a3c63d29035be5627c04f338a0a6675c49
2d4b2e31056b0ec81498f445e4be96795b909cc37830c76632ceb29281c3ed74
2e25e7126c4a804c5a841032a3c97ea2da2ca3e5bd63ac4b17cb93a3022d418f
2eefd0639df393ca14a8bc78ec8183d7c94fbb46dceebc695f2472395928dd17
2f1b0798a09e42873a9e18c87e1ee2c571b900f44bfa99f53501f9307989b2b6
2f2f425bedf2373ec9389e630ace5b186eb8f434e6db171c71855660472fdb12
3053474f92ad8e6303c18971ddc7cedf65d2d476b7596db714a02e145ab2d676
3076512682b57ce089c1782f436affd059cd4f116fba2460da5fd3fe03d1eeac
31d9cfb913e7524c1b98191f76f2e322eaf20c34a87a64b0d3ed2fa36f22524e
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33a226c90433689506d7c0fc340ff3d0ac6e87aeb19159b59151e220d733ca37
33e364012a7b1d72169cfaa7f2b3cda202b016e6e926577739b8bd9b3b61680c
34be7d769acefeed98cef4b73cf3a8f7901cb7d228c79080708fd5215a80747a
35161087449f5392585e55fb5a372467498e9f79389298a40f037be9e9b3b63e
36bd834a4b08c83d7144c0e2aa8cc107943883b85163dd2f0d5866d7bd39669c
3806e509981b6ccdb0e21c5bab692b6ef033d2084990eaff3c44dbd6ead3e552
38354e6a0119fe113356e1506a115ca148a6b9ea22cf88136baa9167d6fde794
3908470a1f6dc68cac03dd8e2c37387ecdee65517d9e179b8685d0f69d12864f
3a3bf749d9fa60a74599a08576b9312c7c3f505d7d899393b3a18a49b8512f9c
3a799d23d36de5b0ca951ffc72d7aa3d5c9a992ad9518856904cfb7519a568bb
3cee9422f15936bb88a311a8bf2423833a6a80dff9da0e603529a9e21a3a7a8f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3fc38a8032fc0feb00443801e4bee1199abeceed567ab9e81812e0a9d7194714
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
400b356ca22f3e2283d3822a337d97c84c6c03c6ce51d79dae917a50d04f982d
41be2b2a8fe96c86a281c453663efc57470202599968638f48100c2cefdc9d62
4276b7dd1652906361646152b34750c26661aee8881fc678c85aac7fedc1dbb0
431d06070783a97a08243629338bb933db505f90dfcedd9db932f4f5dbec2284
44e04e4776c58b34580006ef8e8a1e1ae336f3e9c429ae242fe9a8f090889b79
4601f041c77f81e02552a91b75ca64266c63e50ccd42962d73093fffaaea8b41
460ff0b1da5bacd95df6905ad1c8df05bdda30aa4189e2fef38b53b6318e42ff
46cf222985b833981995deb788077064ad3e6ad13afbd384be8417a6e7a3ccdd
46d1791d45e9e6840842ef90f192c2c6f1f4247baa7c1f32f2da75d3a05c0de2
4701dc5781a4f2bcdddd33cfe6b025b2e532b562faae5f3756973975556b4a38
47631a93014060d8640dcf78b9286cbbbf2408038bd4d1a97c51d356aba9d00a
476e4379a0ef1b75a78f9d8df86027b89ace5ec01d16bc3e15f7d851b362529d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48ca4c570f2d58d8ff837e1c8f7d73e418a485ae23b2c9322f2f351d71d93aa7
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4934174cd39db1f62680ac12ae44ad9aa040bd445d831ae65f79779b7f2e6e8f
4b0323f97097c4561e62bfba2e4eed39cd68a548c3c0f342f213c53bea479679
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4d5862b3daeff2a0c52d69267a1eae566463c68bea47a8071dd9655c4c7c1192
4df4f831ed5cdb639c42779819720daea3b9850e12cafe851ea4b242ccaa166e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5028004983a5d8f23c23f882ec634e2406c328d94b7931d272e63154f47037a6
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5122f811afe48aab11e5863f1fe95e5bd14d918c69fcb94c0e824d47e155e271
52345a5218b66dddc973e775bf3aa17ec16099469f01ae23ad2fe668ba4428f9
52c7bb550ac34a5c39fde8043f5d1d1fb8a06d9204d523a3224588c42e7a4176
5554d984db74508e641c61a11f56a876354f04fb600abd500c73c87f22dd5318
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ba12b47b52c21d5d80f68e449c36ac92dc565796679a44cf84c6a274f592b8
568e2dffd430cd9eff7f8e370295ce039fd5867d274d1cf3a8f7538c605bb61e
5822ff661d2b5f16e4efad01dcff2ac5eb31deeb2cb4dbae4ff9095bb68d1c29
582c2586c49819d9dfe5cb88653679a40bf930ca86f1dc01a4afd821a9eab97e
585aabd899edffe4cffa8c055e5b0ce9394022a443ddce7aaa29eb84a3d8a198
592a588b519b72fbab39bfde9bf9b12fc6a59a380a221578d87c9492e7b16f12
5a0273a4fff7d84e274862157b609ce0f1748a6c0c5a20fb89f90820e17f7292
5a548b6eda1b3f677fa06a48f7f9072af550bfbdc1d1027d5f665298319fe6c6
5bbcbc3e59924206530df9d2b2f180e9063d2c91a66e6036fc62761f462bc790
5c38eb89834279bd1bb42d2478ef7297a7a7cea0b8ca6ec8952f29e5c3cf51bb
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5d329044fcbe20459b0dccc6cdd27fe31046f89b5ce8897e555878ea3889285b
5d6b864869c19ea1f500174a8dc3f327fd5fdc7e8f92f569788a6744341e4f27
5d7c976aba9aee65aa3a55d7ada3cccb6872557c42a810cdde2b8673bd747977
5f853d75b876e0d9df285486500daeb5a35f838b6b04be4c3a7063e3ebb836ce
6036ab12ff0bcad2531aee6dab758082a9d15265c5105f12b55d3065931bfdec
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
656cc0630c712d8529b289a899d657ed64427e73b4d8d35cb535d32e0188c077
65d1bd38d3d8b053b64f6f8df39ea5edd5c1e673d19700bf5e7843d6537b1a8f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
667dcdbe6deb01cfe2efc6f8560f53adf1b4b7e5180f04650358f7807fa7c12b
66e7fea44f72271e4712d515ad2b03f60ceb13c59d586950775b379c29fbd8ad
674629bc63f0f47b5e119d1b57d792d6120af0fe7e8589a9c89aa1b7c1cff8e5
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
68b5549d16e6187b914af65ece77610b3ffb47d61339183b7a082affdf4a5317
6aed3a238eccdba51ccad99da44ae89e563a5e561cff593bdaa35982b8cc16f5
6b26c9e246c52dc75024069661bc73482df6cca583141eb3633a6b57aecf7fa1
6e68531cfa332cf10eaf34dc082f812c041c767c38dd7da38b541f4c7e83e26c
6ff8f674709a0523dec281d5c9f3310358c06d1bf330a8217702fc60bd22fbca
70fe7cbc3b1e26442bff822cbc36420c0a9e634bdac2eab31d8535659310a152
72ac9945714b5daef7842be8a7245a5dab9a30392a342935f0c4d81643635206
73f10318e0e003f649379675211850f06dbde6fa8907ecc938dab9e651ed4f4d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
79a4dcccb7123bdad0763c6dfff95db363b3d1b6c3b5958756a4b0a04e1805da
7ade0d63de839a8d599ec7c7b550dbd83589a2cf1a02126080953b046e24467c
7d0e1fa5cd1fdae253f1b77c35a1dc4daa6b9ab0652cebce8c16ed49848ebb6f
7d4994d845cd36b42d82fd29074e901745dae8a4560e44b98ba87681a08a52d8
7e2b58f4337911bf179c475eac5f767b747c2a40a1fea7bf814d746357135cc7
7f4f124964ba6a4b42cff73edba0a67a5150e42b369145395b0484206ba01cc5
7fc2e01e875a4c8523e07ead8807d7cb72d785eed655789df5f368b55debcfdf
81e143d4d375eefeef1a8c13de6623c02ce1f58c58b802a762392a38c4cdddc0
829faafbb39055b06c83f4b6b208d52dc50e0119499f827d573888f5846d3a15
84c8c73872a6400ed7405cbdf56d937a64d1451bc855b22a69aced165547701f
868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
880168392143215f08060fa0b955fb150e7db46baf8915c059861402ca8e457c
89f3af167e42aec60b13d62c29cb3824dec64077af943cfb69fc53b2daeb1a85
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8e36050b3d955a749259f62d6472e17d21f1f92e8248aa28089549f22baaa4a6
8f9ae36718b97bba12de9b278c77fd12b4a9db99391ffa57bafd2f31b45cb016
901d17d42540b1e280068ab9019bb0b5fa4ea31a2711a9a4ce89756d78a5f55a
90c9017a8a6447588520f38cd94ba14cdb9839c92626aa06bb8a4a1052c2ab7e
90ffe9c3c7fc061d72993059a62d15675b509f98a1da6dd20794d067bf482b81
915c38fa86c19ca2aa57dfbea45266fe1443272aa597e397ee858fa8a2f8ae8d
916f91458a3f95eaec269b30fd277d4bd5ccfe319f1999493c9f392c374019e8
920230cba1a6e09330a6cc76c634c78e547fcf67b7a9cc03213dde43ceea0baa
92245b71c3514c75e468315016a811a400a9ba3a5232a50ec17c87eb0488ce08
93130fd9f51a7f30f95b7da69a5dea71938e408fc806a3606bb3ca19d81a7719
9378219c4a2aa5e196c1123768dcd2ff0082c6fddf1794b94d92baffe4d3bc3d
939919488f3ad816cb78b5d032ae673c1c02c88b238cfdb6e1328cd5d04d7947
9425597740686f23e0f3327713fe8efc78362dd6dc20ba88eb125177d71e77d2
94ae8e248d081ccb4096fb784379fac2dc61da4bba62eee5d920b5c89a142215
95c86c0247d7f48406af716b340b9822c6dfaa8eeb320f2ad2297a1f8cee0604
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
981aa1188d4ff0c8370b2ed7c99e45c5caab354303cf0196770c12315b837e97
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
98838b900c5ec363b2e3118cb2a86dd88d0752c409e153ed98f2a4392ec7bdce
989a8a378f3931a3e6460cddb10546a0620653e68ae8c17ac3ac12d40606f801
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9c7e76ee07bade3cb9e08b7b403376125027809613c351e84d546fc60d0b7e3c
9d51c6bbb549efe56f1c77914c7dd0b49f4ad7e23a5d68d6d0f43be67c788e9c
9ddc14d2bf861fce028506087fa64c31045712254bb719941fd4c84921b9f7ec
9f1e85b652a4d6b4b42132934a25260a8146162c28262bfd2a5bbf7447638874
9f89b224cc40bc2b75f400bf2b21049fe5bb0f0053853976b1a7f22d652cb836
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0c6ea1aba989ae9348726d603dd0fc2420ce7029872dc437c6100a0e3737b16
a11168cac878a91196690a53577328d4c0fc4696af82ec994c5073f443433602
a1467c6ed682df808cf830c429ebaec42c32c2033369aa48446fb9e7f592769d
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1e3858ebf6d99958530b056301eee6aecaa2f0d733dd14c3f5484acafc3f35d
a2329e37b1432b95003bffaf3928a19b7c6ca5fc62806f582ce7f91502dc4d90
a3af17298b972ad28243be32d403416961521f49e7609b5404b25363b4e81458
a4173c56c14dcb29524c9b72a851c3d939a69d979ea07f6a1cad622f580983cf
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4425024bbe1de347df32a7b0a09a50b3c5f1ed0ea1ae0112d676890a852c219
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a607b3c3e0d09d7f339e0035f16f99bf93637dee0eb27b2b9c447701fefa2ace
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8b140064d6ddb3746fda2cd6719d1403e0a48ab74c565c3fdc44efecc847231
a9c20e5086d03a51bf6c2bbff2467d82398aa2b636c7c26dd560ac1594a67f8e
ab80f6b30cfebd7f4f7e46c7c716e87fefc0b9778364f0b25975fbc032af5b3a
aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
acdd9b4c65ba5299d5bcd170cd394901ae5fd1df030f96edbb8d4bbb7427fdd2
adb64011ff77eb84019aba3647332c825b30ae17e9d1a256eb94e01d79af2e94
adbfb81b30ab97000b12811fcc2d4821b2e11bcc6a8a0b6b1aaf97c8dbe7d1ee
ae2a1bbda04f9b257ef589529c22e5b524c054b4ec9b69c7cc0c33d5292e2fb6
ae45a82c8465439bbce0246ace4b443cb6c09463e902d92249c2e4dbaa1be5dc
aedd1b112e247314f7e990485858511f15d21e57885ee131e9e1a3fec0173d61
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0993db6476ecf1f3f29f8b1b4483ac33e814a918145b682736a39c8523e4138
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1fbf1df681e20b8e52867b4ec3504b6bf9c5a1c7af6fe38c80f67e2f693de4a
b353afb6f7bd6272b20ceb3dbd81f7c953b5f76a61411b4a7e004a2bd17dd7c6
b485985f387b24ee543b32ce7eba11a121922c21a117fd6d1ff2597d64041fac
b52c741e6461f67588dbc22ef3a9d6fe6f4f25f73415f95b8a294ad3364823ee
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b6cd51771366bda4668ab4bd1c3a0c0e6e589f0cad4ae5060ab1af06d99b1e16
b71c2b64cecdc2df7ace9917d247a704b1c95bc7816c7da079b533a0ba211c50
b8396e32f176e55cf7e3da0db94471c3f6830865b9c19ed479fba7c96feb697d
b8eaa29a8ad7652fd0c5fa402501d953be3ccf84d0acaa91f50a875725271ec0
b951113b0c58981d9bf48f91e3d16d38541a2dd4a210c4ac563e3b1323893bd4
bb9db485216f124d7c0e9f03367653abf87d68417d62555a46849111a6a94d48
bc772a3f6f0d098ce060ac8643282f165f8236ab4ba43d8c8fa68157f3c167c9
c0bc3be07587388188143cb937f57c41c1921c60d0ad0c1a278c9099b6fc26a6
c2777526a216d9692dd29697ebee7836fe8ae65f3a290faa20b75b64c0625205
c2b1348622fc97e3f0f6e0272b5707fd75af7bd22e5996b6337c233b94cca504
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118
c8ac5c29dc8e63a7c56da7c23f91eba0cc07c26db67ced53b1ae3b36da9ff85b
c96dda85f1fe2c1b6b3ce8e5f4b3365f4fe5cf575b37707099f4dea61c8ec49b
c9f63e924d317f2a02250206b91191ec97c20f8e83c99c9e6c6ed345056baf2d
ca222a4f47fdb4d40f0b19ceb81e62020ea978da3bf76d3d1ed525a739d11ddb
cb6fb79174c01e3b61a094b4c77cbaa637a0aa5e3cc397e69f6755f619cebb62
cd6c2ca83751acda61421dae14795103331a90ca080d2510d79fc48135e74e0d
ce6cdd2fb17e0cbb86967779402f147873cd52dce90f628189fb048d8a31127e
cf016295997068c6cd58f52c4fca8fdec2806b76e09b12521fcf734e0fcbf5f5
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa767d0b2b065f8d164513fa6bc9b809ee5421fe459aa0924a45bdfe3f3ce77
d0254fe2d6efa511f613052db2f49b9571cd84e6a47c066c4d906856ce265ec9
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d3cf3387684841d812d58964b4a81c701f4b93d564aa09b7a25c71cccce77f7e
d3d6498e9829a788ca3d572159ca1a9f9941d4d3287cbe1cfc79186cdc90565f
d5a175492ad431e1aa9279cb438c016b1d7fb06f081672a51df3bd0204185f9e
d94a863408580067694ac4321741d054476232de68c0e2f7a67ffeea1a38087b
da966e1768a2a913e5fcc571ef16e0145621ffe94f01da29b42eb6cb09797234
dd39c12fe55c899372fd041f0e8ef2c0d65845a7c1897b7a7c5727a9e6b89ad5
dec95680f73067754eebd0d510ac28c1167102c8131282c47f920d919382767e
e0be1d222e2e367ac5106f4aee4830c3de18af1d266f8cde53915e11e8b01bfd
e1182a94011b2c6c6af53ec1d82b5ebef7ae69d253f7b400d83315620927a21f
e1626bbda4f21f67073e21aa2ccae36e12bce3d825e2bec5f9a1d7a3bd9ddcd6
e1ce3dfed839234137715d666f51303258f2b14d76bacd12e1b550247b6463fe
e1df7b84ebd86cd3d345a76cfa86335725e8d4acc09a1958c5c69fb019fab593
e253de8ee866ab68f8892eabb08886aab14abbb7c3626bf13129ea736ef5109a
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4eb4713da5fa7f680360728ab61bbf31314d36eea27df685b4c8a00a2032a95
e4fd699d785da5ba9b6cc4de5686c4c2220fb0dcb726cd80c879aa3798b5e888
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e649771a948cafdacf833f38c173e39ba9ff081c1e337d06644982dc66af2e15
e690a8e7022a292b43eb1444309acc4f055763a2447e09ea79027940b391cb6f
e6eef2168d529d99e761504bdf1067099a5a408c40b18bbb62627de5383daea5
e73d4231ace858748cc9124595ab0bf1467a32293fdb0a25a375021a02fc5549
e8403779d45a9590b43c0ecf984ebe11e75fd2982630d658390a6001a6768770
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ea05b25ef6e853af918f08e2a9e204ec210b85cb70495af30c25a311848bb7ea
ec3516ef45e173122744794d177313b4ff33a740df5b8c0f8229b0f39d138f59
ece50b61d5509fdd249dfda21d00b271ef9f47b1c141fe8f0fcabd354866d7ca
ed99828fb66c854a31efaf80a6b7a2c6364720d517f180a7b2921e83c309b97f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efec2578abc0ee7a655ce3ff2cbdb033e0fa575274a6ae036bce38b41ade5537
f11b06b8a5fcb7bc7aea36a89cefabcbcf5ef16f878043d16fcbf95ff44973a9
f12c6133a12eead81c368fe146cb489bdb7331b5e3b5ceb9ea52eac1e3feb815
f1904a820a1f4b161f319ff251a5b500ea177e6aaf15811e5ba06e4683083f20
f318b4ae69011889c6b7c8e0457f1f8c377e738766b0816f8389e691041c7cb8
f3e211b911fd15183c0d417fc4ca7dd7251295f8c5781c883a49af2e907fd7a7
f4b2bb52207f7c0f256d646185d980436e5c9494cbf35df324558c854bd9acae
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c074fe7caed85285ceec6f5a877867b78a4af8f1ef0b0adc9a2200da2112d1
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f74b76ef5a7d65085499aed3e6271042335abec900f5dd9ab0822fa584bcf981
f89f865ab7fc1203808e8f1e82fcbfa59ac9897f11aa404c2801582ed677c14b
fabb2b4f7fd020fdccecc7bd492879b085952b9cb5d8b5a495ecb89ce9412320
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
fd49219477a365773f010355db7e75d2430693594965a28d835d7c579536948f
fdb10a74b844e762844aa7935be62c27458dc3de7909d109e722dcf5d8e25ee1
ff28592ae2b0572a76b11239cd63a9c88412201a72ea0e994894f4bcd6d9d4bd
ff6db6c1dd0910b5619dafb5284abf59aa7bb8c6d3d0122c1ba5983cddaaa2a3

fornoob.com Open in urlscan Pro 2606:4700:20::ac43:4913 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

908 Requests

90 %HTTPS

35 %IPv6

71 Domains

121 Subdomains

79 IPs

14 Countries

9746 kBTransfer

28358 kBSize

59 Cookies

8 Outgoing links

Redirected requests

908 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

fornoob.com Open in urlscan Pro
2606:4700:20::ac43:4913 Public Scan

Screenshot
Live screenshot

Full Image

908
Requests

90 %
HTTPS

35 %
IPv6

71
Domains

121
Subdomains

79
IPs

14
Countries

9746 kB
Transfer

28358 kB
Size

59
Cookies

908 HTTP transactions
11 data transactions