theteenworker.com Open in urlscan Pro
66.235.200.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://theteenworker.com/
Effective URL:
https://theteenworker.com/
Submission: On April 21 via api (April 21st 2023, 1:26:00 am UTC) from US — Scanned from DE

Summary HTTP 186 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 31 IPs in 10 countries across 33 domains to perform 186 HTTP transactions. The main IP is 66.235.200.146, located in United States and belongs to CLOUDFLARENET, US. The main domain is theteenworker.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on February 20th 2023. Valid for: a year.

This is the only time theteenworker.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	66.235.200.146 66.235.200.146	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
25	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2600:9000:223... 2600:9000:223f:2000:15:ed0:74c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	211.78.88.136 211.78.88.136	17416 (DWINS-TW ...) (DWINS-TW DWINS Digital Service Corp.)
1	172.104.116.119 172.104.116.119	63949 (AKAMAI-AP...) (AKAMAI-AP Akamai Technologies)
2 5	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 28	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
8	2607:f8b0:400... 2607:f8b0:4001:c5c::78	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2	74.125.133.157 74.125.133.157	15169 (GOOGLE) (GOOGLE)
2 4	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 27	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1	89.207.16.140 89.207.16.140	41041 (VCLK-EU-SE) (VCLK-EU-SE)
3 3	18.198.82.46 18.198.82.46	16509 (AMAZON-02) (AMAZON-02)
3 3	34.91.62.186 34.91.62.186	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4 4	37.157.6.254 37.157.6.254	198622 (ADFORM) (ADFORM)
1 2	2a05:d01c:1d8... 2a05:d01c:1d8:8100:85e3:b246:393:848f	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400e:15::7	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
2 2	2a05:d018:d29... 2a05:d018:d29:3601:d2c:8390:eca9:13db	16509 (AMAZON-02) (AMAZON-02)
2 2	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
2 2	18.184.93.146 18.184.93.146	16509 (AMAZON-02) (AMAZON-02)
3 3	213.155.156.168 213.155.156.168	1299 (TWELVE99 ...) (TWELVE99 Arelion)
2 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	104.111.217.42 104.111.217.42	16625 (AKAMAI-AS) (AKAMAI-AS)
186	31

18 66.235.200.146 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)
PTR: host77.ipowerweb.com

theteenworker.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:223f:2000:15:ed0:74c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.oeya.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.78.88.136 (Taiwan)

ASN17416 (DWINS-TW DWINS Digital Service Corp., TW)

adcenter.conn.tw	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.116.119 (Tokyo, Japan)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
PTR: server.25hoon.com

25hoon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2607:f8b0:4001:c5c::78 (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 74.125.133.157 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: wo-in-f157.1e100.net

bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 46.228.164.11 (United Kingdom) 2 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 172.217.18.2 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.207.16.140 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams03-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.198.82.46 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-82-46.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.91.62.186 (Groningen, Netherlands) 3 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.254 (Denmark) 4 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d01c:1d8:8100:85e3:b246:393:848f (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400e:15::7 (Ireland)

ASN15169 (GOOGLE, US)

r2---sn-5hne6nzy.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn0.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn2.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.197.193.217 (United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a05:d018:d29:3601:d2c:8390:eca9:13db (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.64.189.115 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.139 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.251 (London, United Kingdom) 1 redirects

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.184.93.146 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-93-146.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.155.156.168 (Sweden) 3 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.217.42 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 129 tpc.googlesyndication.com — Cisco Umbrella Rank: 177	443 KB
41	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 67 bid.g.doubleclick.net — Cisco Umbrella Rank: 986 cm.g.doubleclick.net — Cisco Umbrella Rank: 313	202 KB
31	gstatic.com csi.gstatic.com fonts.gstatic.com www.gstatic.com encrypted-tbn0.gstatic.com encrypted-tbn1.gstatic.com encrypted-tbn2.gstatic.com	284 KB
18	theteenworker.com 1 redirects theteenworker.com	861 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 119 imasdk.googleapis.com — Cisco Umbrella Rank: 520	269 KB
7	google.com adservice.google.com — Cisco Umbrella Rank: 130 www.google.com — Cisco Umbrella Rank: 16	1 KB
7	googleusercontent.com lh3.googleusercontent.com — Cisco Umbrella Rank: 143	616 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1407 r2---sn-5hne6nzy.c.2mdn.net — Cisco Umbrella Rank: 424669	1 KB
4	adform.net 4 redirects c1.adform.net — Cisco Umbrella Rank: 908	3 KB
4	turn.com 2 redirects ad.turn.com — Cisco Umbrella Rank: 1341 r.turn.com — Cisco Umbrella Rank: 4617	2 KB
3	de17a.com 3 redirects d5p.de17a.com — Cisco Umbrella Rank: 6958	925 B
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 238	146 KB
3	simpli.fi 3 redirects um.simpli.fi — Cisco Umbrella Rank: 1223	2 KB
3	w55c.net 3 redirects pm.w55c.net — Cisco Umbrella Rank: 1332	3 KB
2	teads.tv 1 redirects sync.teads.tv — Cisco Umbrella Rank: 1703	460 B
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 679	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 427	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 447	923 B
2	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 1037	1 KB
2	yahoo.com 2 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 689	1 KB
2	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 451	529 B
2	innovid.com 1 redirects ag.innovid.com — Cisco Umbrella Rank: 2258	686 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 5261	696 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 91	20 KB
2	oeya.com img.oeya.com	54 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 744	876 B
1	onetag-sys.com 1 redirects onetag-sys.com — Cisco Umbrella Rank: 1124	339 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4805	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1132	607 B
1	25hoon.com 25hoon.com	72 KB
1	conn.tw adcenter.conn.tw	501 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 114	44 KB
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
186	33

	Domain	Requested by
28	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net imasdk.googleapis.com tpc.googlesyndication.com pagead2.googlesyndication.com
27	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
25	pagead2.googlesyndication.com	theteenworker.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com www.googletagservices.com
18	theteenworker.com	1 redirects theteenworker.com
12	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	www.gstatic.com	googleads.g.doubleclick.net
8	fonts.gstatic.com	fonts.googleapis.com
8	csi.gstatic.com	imasdk.googleapis.com
7	lh3.googleusercontent.com	theteenworker.com
5	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
5	fonts.googleapis.com	googleads.g.doubleclick.net
4	r2---sn-5hne6nzy.c.2mdn.net	googleads.g.doubleclick.net
4	c1.adform.net	4 redirects
4	imasdk.googleapis.com	googleads.g.doubleclick.net
3	d5p.de17a.com	3 redirects
3	encrypted-tbn2.gstatic.com	googleads.g.doubleclick.net
3	www.googletagservices.com	googleads.g.doubleclick.net
3	um.simpli.fi	3 redirects
3	pm.w55c.net	3 redirects
2	sync.teads.tv	1 redirects googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	x.bidswitch.net	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	image6.pubmatic.com	2 redirects
2	pr-bh.ybp.yahoo.com	2 redirects
2	match.adsrvr.org	googleads.g.doubleclick.net
2	encrypted-tbn0.gstatic.com	googleads.g.doubleclick.net
2	gcdn.2mdn.net	2 redirects
2	ag.innovid.com	1 redirects googleads.g.doubleclick.net
2	r.turn.com	googleads.g.doubleclick.net
2	ad.turn.com	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	img.oeya.com	theteenworker.com
1	sync.mathtag.com	1 redirects
1	onetag-sys.com	1 redirects
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	25hoon.com	theteenworker.com
1	adcenter.conn.tw	theteenworker.com
1	www.googletagmanager.com	theteenworker.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
186	45

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
linktr.ee
winning-artist-3533.ck.page
forms.office.com
member.richark.com.tw
mytd.cc
www.aifian.com
easyfun.biz
ibestfun.net
25hoon.com

Subject Issuer	Validity	Valid
theteenworker.com Cloudflare Inc ECC CA-3	`2023-02-20` - `2024-02-19`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
img.oeya.com Amazon RSA 2048 M01	`2023-02-23` - `2023-04-29`	2 months	crt.sh
adcenter.conn.tw Sectigo RSA Domain Validation Secure Server CA	`2022-11-04` - `2023-12-04`	a year	crt.sh
25hoon.com R3	`2023-03-02` - `2023-05-31`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-03` - `2023-06-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-03-28` - `2023-06-20`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2023-04-11` - `2023-06-20`	2 months	crt.sh

This page contains 19 frames:

Primary Page: https://theteenworker.com/
Frame ID: 255E4CF551FB90661F9BBA026284B7B6
Requests: 44 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html
Frame ID: 6CB99F0B045F9030DC909A0729CE64DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&adk=1812271804&adf=3025194257&lmt=1682040353&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Ftheteenworker.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040353983&bpp=8&bdt=638&idt=137&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1501668524279&frm=20&pv=2&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177
Frame ID: C3229C30921A42B0AE00F3EBCE152321
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=386159007&adf=4102329752&pi=t.aa~a.4253503027~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=1200x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040353991&bpp=2&bdt=646&idt=174&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWlkMahy6x&p=https%3A//theteenworker.com&dtd=178
Frame ID: 2B63972ACCAD0DFC9C30789F035CC610
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=2143041766&adf=1639675732&pi=t.aa~a.225361642~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xD2Q3C68Wb&p=https%3A//theteenworker.com&dtd=12
Frame ID: CFA21A47A1E993F1306FCE1CD73C8E46
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25
Frame ID: 0DD081DF370CB857E351529A8779D444
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=831287430&adf=2084966385&pi=t.aa~a.1517101829~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280&nras=5&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qXXoSvY4LP&p=https%3A//theteenworker.com&dtd=45
Frame ID: D3F0E294C365404E2B4F9124D2580B85
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48
Frame ID: 5770A84B03D6C1427425155DDB1D46E5
Requests: 20 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 59B42B87E657FE08D006C4DB7C3BA0CD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80C3F5948789DA85495E4D119581D81C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 80DD2657EC411FCC76AD88C8D142310A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 6209BE4D3E86CCF04866C046B0FD7C3D
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA4189F72565166E23DB765FD131030A
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: 261F0FD29671BB640CE010FD6BF5D63A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 77B76AF17AA3CA0C5EAA11E323BC4239
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: B47873F419D1308E706C0EBE2FE75660
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js
Frame ID: 629B1F2232EE3BFD0C773549AA59F757
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1DF2CB198C9BA1FF3212F8DBB8829ECD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0914CA3FE5CBA06C9E69CEB34825C83B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

理財新手福利社 - 幫助新手學習投資理財、買房注意事項、股票投資、美股入門、賺錢方法

Page URL History Show full URLs

http://theteenworker.com/ HTTP 301
https://theteenworker.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

186
Requests

85 %
HTTPS

54 %
IPv6

33
Domains

45
Subdomains

31
IPs

10
Countries

3016 kB
Transfer

6993 kB
Size

26
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/carl1491

Search URL Search Domain Scan URL

URL: http://instagram.com/carl_ho_2.0

Search URL Search Domain Scan URL

URL: https://linktr.ee/theteenworker

Search URL Search Domain Scan URL

URL: https://winning-artist-3533.ck.page/c05598a8dd

Search URL Search Domain Scan URL

URL: https://forms.office.com/Pages/ResponsePage.aspx?id=DQSIkWdsW0yxEjajBLZtrQAAAAAAAAAAAAZ__oUycSlUNE1XT1Q4TjQzOTZGR1VSVzUzWTRYUklDMi4u

Search URL Search Domain Scan URL

URL: https://member.richark.com.tw/shop

Search URL Search Domain Scan URL

URL: https://mytd.cc/1Sq

Search URL Search Domain Scan URL

URL: https://www.aifian.com/

Search URL Search Domain Scan URL

URL: https://easyfun.biz/2oSCO

Search URL Search Domain Scan URL

URL: https://ibestfun.net/2gwRF

Search URL Search Domain Scan URL

URL: https://25hoon.com/ref/carl/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://theteenworker.com/ HTTP 301
https://theteenworker.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 61

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG95mgc9yhb0Jq5yVnprFCg&google_cver=1&google_push=Aer7DvKEYpoE9uHxJvsMRg3L52s139X7tRTSbvGbcrbw_1S9llHx4INdpNBtvAgtKghZz2kwhpxiPxjEuHF4XYLN2WML8GhDyI1CtZI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMjIxMjcyMDYxNzg2MjU2MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFiB8x1vgoX4R78huCgrnHc&google_cver=1

Request Chain 63

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cver=1&google_push=Aer7DvIYu_zjjUnWb3wxyDgS_wuFdYy0D6dJFM9HSCn7a9zNdSunWZTy_HSIdY6JvNJHJGwBp63JiVjNAxJW_slV3eZE79HPqi51f2lg HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cver=1&google_push=Aer7DvIYu_zjjUnWb3wxyDgS_wuFdYy0D6dJFM9HSCn7a9zNdSunWZTy_HSIdY6JvNJHJGwBp63JiVjNAxJW_slV3eZE79HPqi51f2lg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cver=1&google_push=Aer7DvIYu_zjjUnWb3wxyDgS_wuFdYy0D6dJFM9HSCn7a9zNdSunWZTy_HSIdY6JvNJHJGwBp63JiVjNAxJW_slV3eZE79HPqi51f2lg

Request Chain 64

https://um.simpli.fi/gp_match?google_gid=CAESEEYmqiC1j8U7jDcFVwRGf2w&google_cver=1&google_push=Aer7DvL61pwnBmcY3yjKyRA8dMvcwvZYr-lFs9sc0vFikF_R8-vvb71P8TRttxZMSSWK06pAStMyFgzng0jHXDpp88cW3XnYKmdpHut5 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvL61pwnBmcY3yjKyRA8dMvcwvZYr-lFs9sc0vFikF_R8-vvb71P8TRttxZMSSWK06pAStMyFgzng0jHXDpp88cW3XnYKmdpHut5

Request Chain 65

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOlUVRBDV8xLm1s8dkP3tkE&google_cver=1&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVyj0gYB-WyokHb-oe4coZMcMn8fi HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOlUVRBDV8xLm1s8dkP3tkE&google_cver=1&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVyj0gYB-WyokHb-oe4coZMcMn8fi HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVyj0gYB-WyokHb-oe4coZMcMn8fi

Request Chain 101

https://gcdn.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/73C1DF6A89358302672E4D5723FE69E4F87371AD.49118DECD11A25AA68EE3B9C42E32E815456B3CE/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4E0E96B8CA1293FF4E36375A123793D19E1B90EF.33814A9DC83D11E1D91D40C84D0EA91341B6899D/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4

Request Chain 113

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r HTTP 301
https://tpc.googlesyndication.com/simgad/624907996767536446

Request Chain 119

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFaPXs9LhW8uuLVaZ7s6tzg&google_cver=1&google_push=Aer7DvIamW8ksZt-mycvYXUSM3QUjQ8JBeJkK3eplZvvWS3Q4YWuVZRHpNg1Iu_TbYwU8ZWBVzDy1fOdwJY51vxGShtltD1zYiDCFlU HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEFaPXs9LhW8uuLVaZ7s6tzg&google_cver=1&google_push=Aer7DvIamW8ksZt-mycvYXUSM3QUjQ8JBeJkK3eplZvvWS3Q4YWuVZRHpNg1Iu_TbYwU8ZWBVzDy1fOdwJY51vxGShtltD1zYiDCFlU

Request Chain 121

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDx12oAmjWsn9zjqrXmA08Q&google_cver=1&google_push=Aer7DvKSZGkldNouYJHgnGGRFH4cB9EpqTiK6z6pOLJwEYBO7T_4IyL4IdjOFu91nvYgdjZvHPOd5vl5lZNHpaGOsVqIZpIEYHywUg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKSZGkldNouYJHgnGGRFH4cB9EpqTiK6z6pOLJwEYBO7T_4IyL4IdjOFu91nvYgdjZvHPOd5vl5lZNHpaGOsVqIZpIEYHywUg&google_hm=eS0ySEFxaDN0RTJwRjhSNldhQjZlMGdpa3VDdW5zb0V2NX5B

Request Chain 122

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHF9LhLcLtFh9uy80x-kd1w&google_cver=1&google_push=Aer7DvIjqISaTPTObbUAA-_FQ0qWWQ4c6XOYDRGrOCbHV7hVUjjF3eeRJV38Ns7XSORDaynK-H_AXfiEVbpyfvESltVHLJ4T-lEQoA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvIjqISaTPTObbUAA-_FQ0qWWQ4c6XOYDRGrOCbHV7hVUjjF3eeRJV38Ns7XSORDaynK-H_AXfiEVbpyfvESltVHLJ4T-lEQoA

Request Chain 123

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBikl53YWpDHqi978XfwsJQ&google_cver=1&google_push=Aer7DvJUpv6wP8TfV4Kn_5AJ09-6eNFs5ZH6r26ddIO6s93_lvrxGcufuj1Qn2AEpg2jyqJw6ZqtcEbCaOTA-8JFWsgCD8pMI8Cl4Q HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBikl53YWpDHqi978XfwsJQ&google_cver=1&google_push=Aer7DvJUpv6wP8TfV4Kn_5AJ09-6eNFs5ZH6r26ddIO6s93_lvrxGcufuj1Qn2AEpg2jyqJw6ZqtcEbCaOTA-8JFWsgCD8pMI8Cl4Q&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6EBBRgGTQOmY0-rCPGxeVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJUpv6wP8TfV4Kn_5AJ09-6eNFs5ZH6r26ddIO6s93_lvrxGcufuj1Qn2AEpg2jyqJw6ZqtcEbCaOTA-8JFWsgCD8pMI8Cl4Q

Request Chain 124

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECLrrSRCpfFZP9qM6AmwMnA&google_cver=1&google_push=Aer7DvJOtXpLZiY81fdSQS3LTfNyQ5I_auaW9AlBPoEdiMD6fvBewULyGizB5zyxxqr4C2owGHkYhDlReU0UkEV_s2IpV83iykaybKQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVgtMTgtQVhRRQ==&google_push=Aer7DvJOtXpLZiY81fdSQS3LTfNyQ5I_auaW9AlBPoEdiMD6fvBewULyGizB5zyxxqr4C2owGHkYhDlReU0UkEV_s2IpV83iykaybKQ

Request Chain 125

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJzZCCUkSKU7mr3NHjNBYMI&google_cver=1&google_push=Aer7DvKGctaxBZyAFotgkhkCOqr623oCtlW7iuKYuUBLwqthYoe4tkGFTCVV2AKVP5FYIpJ72tr0VMt0t1pyBhQUmEBpebv2Z5rjfGY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKGctaxBZyAFotgkhkCOqr623oCtlW7iuKYuUBLwqthYoe4tkGFTCVV2AKVP5FYIpJ72tr0VMt0t1pyBhQUmEBpebv2Z5rjfGY

Request Chain 127

https://um.simpli.fi/gp_match?google_gid=CAESELSRI-e_JDeyCCSjTGsfNEE&google_cver=1&google_push=Aer7DvJEF0DEd34GkpHgsqNkQF1TkADKZSsPRCK8qfBodwbq93c_yB0EfCwrfosoTOjtiU0YbkZpDgNTFmAo9p11oFnmQ85sW8kiNnA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvJEF0DEd34GkpHgsqNkQF1TkADKZSsPRCK8qfBodwbq93c_yB0EfCwrfosoTOjtiU0YbkZpDgNTFmAo9p11oFnmQ85sW8kiNnA

Request Chain 129

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECkDRv3qW5G-uIo5xMgA478&google_cver=1&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECkDRv3qW5G-uIo5xMgA478&google_cver=1&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ&google_hm=JBniuVy6Rce1EEjQ3s1YRg==

Request Chain 130

https://d5p.de17a.com/cookies/google?google_gid=CAESEKWArXVFbfciNNSKPg3iBXY&google_cver=1&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5VdioCNDz2rsE HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKWArXVFbfciNNSKPg3iBXY&google_cver=1&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5VdioCNDz2rsE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5VdioCNDz2rsE

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELP4IQDIIECMkTVPmVfu8eY&google_cver=1&google_push=Aer7DvLUDBQAjDBtm1tkqSiz1OaHS-n4bmpDAACuSkgUo7ahabW8vGb1wT_k2IknE5pKK9auGcdIxK41S3obqYmNQXO9T1flOrcFxQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVctUy1GUlAy&google_push=Aer7DvLUDBQAjDBtm1tkqSiz1OaHS-n4bmpDAACuSkgUo7ahabW8vGb1wT_k2IknE5pKK9auGcdIxK41S3obqYmNQXO9T1flOrcFxQ

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_cver=1&google_push=Aer7DvKldKLGmIO1sagpw8UsMNyfac8SxauV9iAcKYZeUaSxnAdBzbOgtoOmnj1XNQdbZ9RlJ7QquXtlpK2rhBLsLFp4437hf0QApQo HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_push=Aer7DvKldKLGmIO1sagpw8UsMNyfac8SxauV9iAcKYZeUaSxnAdBzbOgtoOmnj1XNQdbZ9RlJ7QquXtlpK2rhBLsLFp4437hf0QApQo&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_hm=ZEHmI0akjcPvNQqzOHlo-wAAFBQAAAAB&google_nid=index&google_push=Aer7DvKldKLGmIO1sagpw8UsMNyfac8SxauV9iAcKYZeUaSxnAdBzbOgtoOmnj1XNQdbZ9RlJ7QquXtlpK2rhBLsLFp4437hf0QApQo

Request Chain 133

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGiJkzguKYF6l6nnU8oefrk&google_cver=1&google_push=Aer7DvIVEML05KnGB9pcI5E2sM6MFUr6xLqr9BvapVQzo7ahy1C9T83atC5YFUhwGrmjndop9mQVEQL7qPcpUCNDViaTTC9VRCt8bg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=Aer7DvIVEML05KnGB9pcI5E2sM6MFUr6xLqr9BvapVQzo7ahy1C9T83atC5YFUhwGrmjndop9mQVEQL7qPcpUCNDViaTTC9VRCt8bg&google_hm=HOt_Ktw8QbGfGF-M340atg

Request Chain 153

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGVAZBb-pxtC40ABFm0CCis&google_cver=1&google_push=Aer7DvK9eHYOcW8HCZ4HvMBtXlce-ZfYCbq30C4J0r7oM4d3Eeqoy7qOKMDSdTsODfFkJp_GneeMykfetP55dn_9RHSWKA0m3Eq7z4M HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMjIxMjcyMDYxNzg2MjU2MA==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGVAZBb-pxtC40ABFm0CCis&google_cver=1

Request Chain 154

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF0IVZ5JkZntiIqhhXQEscQ&google_cver=1&google_push=Aer7DvJyqZ94vv4xVCjG57iI6eZvGYmsgCPBkfbfWFzQxsg1gN_EwQYBTYj3wmkuDnupJSeCPtk_rdsSFopQ4xw4wRUqnMH30eWwL_o HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJyqZ94vv4xVCjG57iI6eZvGYmsgCPBkfbfWFzQxsg1gN_EwQYBTYj3wmkuDnupJSeCPtk_rdsSFopQ4xw4wRUqnMH30eWwL_o

Request Chain 155

https://um.simpli.fi/gp_match?google_gid=CAESEKK5yjBA__qXDzS8aND12-8&google_cver=1&google_push=Aer7DvIYaLgvAxxxuCE5Tgl-X-yWWrzkm7CS2GAOq6XmaPjJ3KEwVstIGfcYtso5VBIetkajaboJyh8XsVvkJNWGJ0bQeW5979EeuA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvIYaLgvAxxxuCE5Tgl-X-yWWrzkm7CS2GAOq6XmaPjJ3KEwVstIGfcYtso5VBIetkajaboJyh8XsVvkJNWGJ0bQeW5979EeuA

Request Chain 156

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIv8oCo28eidSqAjENoLZgA&google_cver=1&google_push=Aer7DvKyv_mKhhLSKac-4Q8AmwPBLDNBa503GdhKEc9OqQfMqrY-u3dkSqJzxHGZflX29a_wJ0jU2pkjfeW5JI6TzZoLIQYMRAYAp28 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKyv_mKhhLSKac-4Q8AmwPBLDNBa503GdhKEc9OqQfMqrY-u3dkSqJzxHGZflX29a_wJ0jU2pkjfeW5JI6TzZoLIQYMRAYAp28&google_hm=eS0ySEFxaDN0RTJwRjhSNldhQjZlMGdpa3VDdW5zb0V2NX5B

Request Chain 157

https://d5p.de17a.com/cookies/google?google_gid=CAESEHEnX6OjbvILUjgNWy3X39s&google_cver=1&google_push=Aer7DvKSe6bMnD5s611My_pfEFnmS9JQLznFc9FTTzQsFdZNQjyN1xhtpYD6W2ZeGOV6p9l9SrVHmIvq7mPynWgO7c_uJQlY_vw4r1I HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKSe6bMnD5s611My_pfEFnmS9JQLznFc9FTTzQsFdZNQjyN1xhtpYD6W2ZeGOV6p9l9SrVHmIvq7mPynWgO7c_uJQlY_vw4r1I

Request Chain 158

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHtKR_CDxU80rQ4hJhfmOac&google_cver=1&google_push=Aer7DvKwX07CezZND40ezUzMMM6403AfKTv3oDgAl9iqcQQ0YPDKE_kILIdkJvFghF8PXOGk3UqxuNuQ1bWqNJysdhbcXsG8ofa_p-E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvKwX07CezZND40ezUzMMM6403AfKTv3oDgAl9iqcQQ0YPDKE_kILIdkJvFghF8PXOGk3UqxuNuQ1bWqNJysdhbcXsG8ofa_p-E

Request Chain 159

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBVJQqitIovlR5j7AeZw8GU&google_cver=1&google_push=Aer7DvI4AFt0ZZTt9vBQgQ7oJHqPhl3xk0sCS4t7OlFrHtWlDb2Zui3QO8GDMYA9N6R4CaRvndfPbUzbj0E9G12DFpAiuQhNuYZBmFyL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvI4AFt0ZZTt9vBQgQ7oJHqPhl3xk0sCS4t7OlFrHtWlDb2Zui3QO8GDMYA9N6R4CaRvndfPbUzbj0E9G12DFpAiuQhNuYZBmFyL HTTP 302
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

Request Chain 164

https://gcdn.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signature/73C1DF6A89358302672E4D5723FE69E4F87371AD.49118DECD11A25AA68EE3B9C42E32E815456B3CE/key/ck2/file/file.mp4 HTTP 302
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EC0F3FD19D08283FF5E93AB72D86ED20F5A4ABB.841FE409BD0D090E348C1F51342248DC05C027ED/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4

186 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
theteenworker.com/
Redirect Chain

http://theteenworker.com/
https://theteenworker.com/

161 KB
24 KB

1449ms
1409ms

Document
text/html

66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: a19fc65be57891f84626491a603bff645b9077cbddb1187a2d39f82a43b75fda

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache private, must-revalidate
cf-cache-status: MISS
cf-ray: 7bb1d5e79a220be1-AMS
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 21 Apr 2023 01:25:53 GMT
expires: Fri, 19 May 2023 01:25:52 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
last-modified: Fri, 21 Apr 2023 01:25:53 GMT
link: <https://theteenworker.com/wp-json/>; rel="https://api.w.org/"
server: cloudflare
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 0
x-nginx-cache: WordPress

Redirect headers

CF-Cache-Status: MISS
CF-RAY: 7bb1d5e63ce21c87-AMS
Cache-Control: max-age=2419200
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 21 Apr 2023 01:25:51 GMT
Expires: Fri, 19 May 2023 01:25:51 GMT
Location: https://theteenworker.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding

GET
H2 200 wpo-minify-header-d5306102.min.css
theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/ 1 MB
235 KB 235ms
234ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-header-d5306102.min.css
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: e7f940776166cf2f3d7a644b5df2a32c635a8971d0bc020eb7aed4f47494d233

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 20 Apr 2023 03:53:44 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 0
content-type: text/css
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 7bb1d5f08a5a0be1-AMS
expires: Fri, 19 May 2023 01:25:53 GMT

GET
H2 200 wpo-minify-header-f5470c18.min.js Show response
theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/ 101 KB
44 KB 218ms
218ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-header-f5470c18.min.js
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: c5b21a713e42fe15adf3bd1d388213e3529a1dd2bd24874e87c7988b52af86ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 20 Apr 2023 03:53:44 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: private
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 7bb1d5f08a5b0be1-AMS
expires: Fri, 19 May 2023 01:25:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 113 KB
44 KB 45ms
21ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-160211735-1

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4d44566e720619539e8c9c22a3c65223058c7c48f4b782a35cb4c006a49ee47c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45103
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 00:16:30 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 21 Apr 2023 01:25:53 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
47 KB 58ms
34ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6458173709205608&host=ca-host-pub-2644536267352236

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

89ddc3ad6d707e6e7bcf8f9e235c983b2f4fb9b2d1e41681a52ccef908100c0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Origin: https://theteenworker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47619
x-xss-protection: 0
server: cafe
etag: 2900955307879662980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 01:25:53 GMT

GET
H2 200 %E7%90%86%E8%B2%A1%E6%96%B0%E6%89%8B%E7%A6%8F%E5%88%A9%E7%A4%BE.jpg
theteenworker.com/wp-content/uploads/2023/02/ 25 KB
25 KB 230ms
229ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2023/02/%E7%90%86%E8%B2%A1%E6%96%B0%E6%89%8B%E7%A6%8F%E5%88%A9%E7%A4%BE.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: aa793dea7df86c78a908431a6b6b5ba0248bf8e813469db4a1e6f57c60ddaada

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Tue, 07 Feb 2023 00:34:57 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f3bddd0be1-AMS
content-length: 25737
expires: Fri, 19 May 2023 01:25:53 GMT

GET
H2 200 AM-JKLWMSgiSG69GzWHHqBcw836QOYl35x-JiXYGUb7-1lzmxAd9CXr84wtXosU54Nwpk9iZmB-UPEVH_gKF3GMWHCSVbHt3vdyZLkD4hkGDTt6HjdwdZ1HQroqk1zQGhdRNM5gui4A0SIbEY08H2jnZEPQJ=w680-h678-no
lh3.googleusercontent.com/pw/ 146 KB
146 KB 260ms
236ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AM-JKLWMSgiSG69GzWHHqBcw836QOYl35x-JiXYGUb7-1lzmxAd9CXr84wtXosU54Nwpk9iZmB-UPEVH_gKF3GMWHCSVbHt3vdyZLkD4hkGDTt6HjdwdZ1HQroqk1zQGhdRNM5gui4A0SIbEY08H2jnZEPQJ=w680-h678-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

0ea0fef9750b1529d886c6051fda3e66d3c8730429fd04f86cfcd61a7ddedf39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "vdd5"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="________.JPG";filename*=UTF-8''%E8%87%AA%E5%8B%95%E5%8C%96%E7%90%86%E8%B2%A1%E6%9B%B8%E9%80%A3%E7%B5%90.JPG
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149537
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AM-JKLUi2w9pin4UlBR0RoXhYInLyN1GOLitSQuGadEhI6ybJaZBysKJV4E6IGiw7uMwr8oEbxWhH2RUHgbL8VQ6IONmHvj5X4I7fWCayO6hQMbbZyAakymfg_nlH7l3rK7fGn44wTGgtiMy1HgXPRk9ouRF=w837-h833-no
lh3.googleusercontent.com/pw/ 73 KB
73 KB 483ms
459ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AM-JKLUi2w9pin4UlBR0RoXhYInLyN1GOLitSQuGadEhI6ybJaZBysKJV4E6IGiw7uMwr8oEbxWhH2RUHgbL8VQ6IONmHvj5X4I7fWCayO6hQMbbZyAakymfg_nlH7l3rK7fGn44wTGgtiMy1HgXPRk9ouRF=w837-h833-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

85074357cf2f6e2e622abc1417460c11609fd93f4919d3210ec103ddaea59122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "vdd5"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="______.jpg";filename*=UTF-8''%E5%AD%B8%E5%A6%B9%E7%9C%8B%E6%88%BF%E7%AD%86%E8%A8%98.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75061
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AMWts8AefdUXVq_jeRymPGRk7910GsG-7WFLQKGVk6Uzuo-dmM0vTq0eIX3gZtm-hyp2Rpsn_1MIHADzGfxJos3_dRIKmED8675o38MC4LwZEHY2lGXMCGw2WzB3oj4CSteRn91kZHoxG-hcZcdyR9bENQSG=w788-h788-s-no
lh3.googleusercontent.com/pw/ 125 KB
125 KB 476ms
452ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AMWts8AefdUXVq_jeRymPGRk7910GsG-7WFLQKGVk6Uzuo-dmM0vTq0eIX3gZtm-hyp2Rpsn_1MIHADzGfxJos3_dRIKmED8675o38MC4LwZEHY2lGXMCGw2WzB3oj4CSteRn91kZHoxG-hcZcdyR9bENQSG=w788-h788-s-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7e649e039a95aeb1ff8f322288e90e534c5072fd9d6686369e17478a6ad7bc74

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v1882"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="___________2.jpg";filename*=UTF-8''%E7%90%86%E8%B2%A1%E6%96%B0%E6%89%8B%E7%A6%8F%E5%88%A9%E7%A4%BE%E8%AE%80%E8%80%85%E7%A6%8F%E5%88%A92.jpg
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 128150
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AM-JKLVdUp3j9UpNUo4hwfKQ34r75CCYG2L_JUtrHoAjyKqviT2jaHDies2IhKBbEX88zxicpDI5QsGgzprXvqFBbEGAwNKmNOHBgP2zMi43OqKmocD5S8vliHtu2EV_au029NGCN4jC-4-cNVOdD5b8r-Jz=s788-no
lh3.googleusercontent.com/pw/ 83 KB
83 KB 474ms
450ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AM-JKLVdUp3j9UpNUo4hwfKQ34r75CCYG2L_JUtrHoAjyKqviT2jaHDies2IhKBbEX88zxicpDI5QsGgzprXvqFBbEGAwNKmNOHBgP2zMi43OqKmocD5S8vliHtu2EV_au029NGCN4jC-4-cNVOdD5b8r-Jz=s788-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

6df9974b50018a40be58d642d21ea356bac07074aa604a583ace71a1ead41023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "vdd5"
vary: Origin
content-type: image/png
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="_______ & RICHARK (1).png";filename*=UTF-8''%E7%90%86%E8%B2%A1%E6%96%B0%E6%89%8B%E7%A6%8F%E5%88%A9%E7%A4%BE%20%26%20RICHARK%20(1).png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85207
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AMWts8DKefRBV0QHbHRwUcHq1QckviwuyrmYot1jEZsvaT0VJjiyl9OUucBNqSLp33Ytyz_3VkA-G8IX_n45NrYZso69b9_QJjM5CWbQAJW-NT3GgHbw64Bixqa2QR1zsV8WhmbcZTJcXsc0J5iAo5xla_2P=w336-h280-no
lh3.googleusercontent.com/pw/ 30 KB
30 KB 483ms
459ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AMWts8DKefRBV0QHbHRwUcHq1QckviwuyrmYot1jEZsvaT0VJjiyl9OUucBNqSLp33Ytyz_3VkA-G8IX_n45NrYZso69b9_QJjM5CWbQAJW-NT3GgHbw64Bixqa2QR1zsV8WhmbcZTJcXsc0J5iAo5xla_2P=w336-h280-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

f554d16e0856cd0ae673d4d5c62d97c72c97f12d276ab9341c93bb9d0952792a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "v1766"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="Mitrade.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30772
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AM-JKLVOfWYgj6LsdbVHbypKTHzZcK7uW-0Pjr8QMEnaFqu3gnfLQw1IP2oGNKZFVVAxgzETWB-IA-vUThXrmLP1IRW_k9VWBQ4PJzvh1D2rIQTMxze7Kbalmx4nWcGVUfUlcvL9HBrJuqsS3nAY9UBrLabK=s833-no
lh3.googleusercontent.com/pw/ 99 KB
99 KB 475ms
451ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AM-JKLVOfWYgj6LsdbVHbypKTHzZcK7uW-0Pjr8QMEnaFqu3gnfLQw1IP2oGNKZFVVAxgzETWB-IA-vUThXrmLP1IRW_k9VWBQ4PJzvh1D2rIQTMxze7Kbalmx4nWcGVUfUlcvL9HBrJuqsS3nAY9UBrLabK=s833-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

10736071b6df1397bb54ea649d49aaa8b7e38f3c86716c6ec961d26b6cc6fc76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "vdd5"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="aifian.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 101730
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1573029118061041853.jpg
img.oeya.com/images/201911/ 27 KB
27 KB 164ms
20ms Image
image/jpg 2600:9000:223f:2000:15:ed0:74c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oeya.com/images/201911/1573029118061041853.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2000:15:ed0:74c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a1b1e3637f86de095e33fd0ab714a09476241dadef63a86477c040560bc56f9f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 06:57:43 GMT
x-amz-version-id: 9lfbioQ_XffjXwzFPUMg.uTkX9fG_LtB
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Wed, 06 Nov 2019 08:31:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 66492
etag: "7bcde6d5123173aad8272d7b85314df9"
x-cache: Hit from cloudfront
content-type: image/jpg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 27652
x-amz-cf-id: R1IrRroLvIjick1fDaW7wk-l7G3ZCi8dQ1bi9SeK6VtiCPtFLFxSNw==

GET
H2 200 1454578883357083194.jpg
img.oeya.com/images/201602/ 26 KB
27 KB 1078ms
934ms Image
image/jpeg 2600:9000:223f:2000:15:ed0:74c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.oeya.com/images/201602/1454578883357083194.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:2000:15:ed0:74c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dc56627f1190d46a30b32d5479c1f2e2afe36b1e321728a62a130220af930a01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 4fJnHDbufvgqJVtN_cyGPf8t_.uBcao4
date: Fri, 21 Apr 2023 01:25:55 GMT
via: 1.1 b6be6ee8d445cfa291adcacd75a3fb12.cloudfront.net (CloudFront)
last-modified: Fri, 21 Jul 2017 16:52:04 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
etag: "64b4afbe871ed85cc49c606269d86d89"
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
x-amz-replication-status: COMPLETED
accept-ranges: bytes
content-length: 26731
x-amz-cf-id: aLxkl14nE8E_cnycBXeqE_foj2rer1LSHsEky2hViWQ5clHVsJ89bQ==

GET
H/1.1 200
OK oeya_url_image.php
adcenter.conn.tw/track/ 43 B
501 B 1680ms
309ms Image
image/gif 211.78.88.136
DWINS-TW DWINS Di...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adcenter.conn.tw/track/oeya_url_image.php?key=7a235d86c5099de3581d4ec4e3fbc468
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 211.78.88.136 , Taiwan, ASN17416 (DWINS-TW DWINS Digital Service Corp., TW),
Reverse DNS
Software: Apache / PHP/5.2.17
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 01:25:54 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
P3P: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Access-Control-Allow-Origin: *
Content-Type: image/gif
Cache-Control: private, no-cache, no-cache=Set-Cookie, proxy-revalidate
Connection: close
Content-Length: 43

GET
H2 200 Web-Banner-N-02-2.jpg
25hoon.com/wp-content/uploads/2023/02/ 71 KB
72 KB 1024ms
276ms Image
image/jpeg 172.104.116.119
AKAMAI-AP Akamai ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://25hoon.com/wp-content/uploads/2023/02/Web-Banner-N-02-2.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.104.116.119 Tokyo, Japan, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS: server.25hoon.com
Software: LiteSpeed /
Resource Hash: bd6924fe8df2c97b990d00d38db3052aadaa6c212c6631a30f40daeb6ed425f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
last-modified: Tue, 21 Feb 2023 14:39:17 GMT
server: LiteSpeed
vary: User-Agent,Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=10368000,public
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length: 73136
expires: Sat, 19 Aug 2023 01:25:54 GMT

GET
H2 200 email-decode.min.js Show response
theteenworker.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
836 B 15ms
15ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://theteenworker.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

host77.ipowerweb.com

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 14 Apr 2023 19:06:50 GMT
server: cloudflare
etag: W/"6439a44a-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 7bb1d5f27c7b0be1-AMS
expires: Sun, 23 Apr 2023 01:25:53 GMT

GET
H2 200 wpo-minify-footer-4db111f7.min.css
theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/ 54 KB
10 KB 206ms
206ms Stylesheet
text/css 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-footer-4db111f7.min.css
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: ee19742886613aea1197abf7241637e70dce9f4060174548f917d9ac717c4688

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 20 Apr 2023 03:53:45 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 0
content-type: text/css
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f29caa0be1-AMS
content-length: 10205
expires: Fri, 19 May 2023 01:25:53 GMT

GET
H2 200 wpo-minify-footer-a21d5de7.min.js Show response
theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/ 283 KB
106 KB 179ms
179ms Script
application/javascript 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-footer-a21d5de7.min.js
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 1f93a6740975e8627b3f8e9fdbe3ef095304ef9ec162e9610d63a3731b27bc06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:53 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Thu, 20 Apr 2023 03:56:41 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 0
content-type: application/javascript
cache-control: private
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 7bb1d5f35d7d0be1-AMS
expires: Fri, 19 May 2023 01:25:53 GMT

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6aead4b8d414f6c0d6166357f3680c0c8c8c2bab32f3e25845fc18a068a8d62a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fontawesome-webfont.woff2
theteenworker.com/wp-content/themes/soledad/fonts/ 75 KB
76 KB 329ms
328ms Font
font/woff2 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/wp-content/themes/soledad/fonts/fontawesome-webfont.woff2
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-header-d5306102.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-header-d5306102.min.css
Origin: https://theteenworker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Fri, 07 Apr 2023 18:43:07 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: font/woff2
cache-control: max-age=2419200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f3ddf90be1-AMS
content-length: 77160
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 penciicon.ttf
theteenworker.com/wp-content/themes/soledad/fonts/ 33 KB
21 KB 278ms
278ms Font
font/ttf 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://theteenworker.com/wp-content/themes/soledad/fonts/penciicon.ttf
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-header-d5306102.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576

Request headers

Referer: https://theteenworker.com/wp-content/cache/wpo-minify/1681962807/assets/wpo-minify-header-d5306102.min.css
Origin: https://theteenworker.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-nginx-cache: WordPress
last-modified: Fri, 07 Apr 2023 18:43:07 GMT
server: cloudflare
cf-cache-status: MISS
vary: Accept-Encoding,User-Agent
x-endurance-cache-level: 0
content-type: font/ttf
cache-control: max-age=2419200
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
cf-ray: 7bb1d5f3ddfa0be1-AMS
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-160211735-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 21 Apr 2023 00:27:45 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3488
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 21 Apr 2023 02:27:45 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/ 354 KB
119 KB 66ms
51ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6458173709205608&plah=theteenworker.com&bust=31074066

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6458173709205608&host=ca-host-pub-2644536267352236

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

40fa627fc20705729cef8e28f3108b84d0f09934ac38701de07039aae3537c4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 121809
x-xss-protection: 0
server: cafe
etag: 1009158928915628154
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 21 Apr 2023 01:25:54 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/ Frame 6CB9 10 KB
5 KB 27ms
6ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230418/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-6458173709205608&host=ca-host-pub-2644536267352236

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 6308
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 23:40:46 GMT
etag: 2378337311435320485
expires: Thu, 04 May 2023 23:40:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
207 B 15ms
15ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=897482015&t=pageview&_s=1&dl=https%3A%2F%2Ftheteenworker.com%2F&ul=en-us&de=UTF-8&dt=%E7%90%86%E8%B2%A1%E6%96%B0%E6%89%8B%E7%A6%8F%E5%88%A9%E7%A4%BE%20-%20%E5%B9%AB%E5%8A%A9%E6%96%B0%E6%89%8B%E5%AD%B8%E7%BF%92%E6%8A%95%E8%B3%87%E7%90%86%E8%B2%A1%E3%80%81%E8%B2%B7%E6%88%BF%E6%B3%A8%E6%84%8F%E4%BA%8B%E9%A0%85%E3%80%81%E8%82%A1%E7%A5%A8%E6%8A%95%E8%B3%87%E3%80%81%E7%BE%8E%E8%82%A1%E5%85%A5%E9%96%80%E3%80%81%E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACUABBAAAACAAI~&jid=156255127&gjid=19547002&cid=1307034590.1682040354&tid=UA-160211735-1&_gid=2001328230.1682040354&_r=1&gtm=457e34j0&did=dZTNiMT&gdid=dZTNiMT&jsscut=1&z=1464891679

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://theteenworker.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://theteenworker.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 %E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-%E6%BD%AE%E9%9C%96%E8%B3%87%E7%94%A2%E8%A9%95%E5%83%B9-520x390.jpg
theteenworker.com/wp-content/uploads/2023/03/ 38 KB
38 KB 231ms
230ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2023/03/%E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-%E6%BD%AE%E9%9C%96%E8%B3%87%E7%94%A2%E8%A9%95%E5%83%B9-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: b317cfdc517e1da4923ae3cf29d7428836e88103ae7ccb630fdc607cb6e9666e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Sun, 19 Mar 2023 01:35:45 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff150be1-AMS
content-length: 38953
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 %E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-mitrade%E8%A9%95%E5%83%B9-520x390.jpg
theteenworker.com/wp-content/uploads/2023/03/ 38 KB
38 KB 253ms
252ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2023/03/%E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-mitrade%E8%A9%95%E5%83%B9-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 254417fae3a277a92a1347de5ab5d4733d76ddf7912e21854b968c22bcc41b8f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Thu, 09 Mar 2023 10:46:31 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff190be1-AMS
content-length: 39244
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 %E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-%E8%A8%98%E5%B8%B3APP%E6%8E%A8%E8%96%A6-520x390.jpg
theteenworker.com/wp-content/uploads/2022/12/ 37 KB
37 KB 220ms
219ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2022/12/%E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-%E8%A8%98%E5%B8%B3APP%E6%8E%A8%E8%96%A6-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 0cbc93e43779ecb992eaa87b6c664975d44bca6a8dd93d15fd766511bed763a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Fri, 23 Dec 2022 09:14:19 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff1a0be1-AMS
content-length: 37729
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 %E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-ACE%E4%BA%A4%E6%98%93%E6%89%80-520x390.jpg
theteenworker.com/wp-content/uploads/2022/10/ 38 KB
39 KB 176ms
175ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2022/10/%E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-ACE%E4%BA%A4%E6%98%93%E6%89%80-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: a382e23d66273a21459a420d3eee061cda751552adda62f7463419a6da30ed23

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Sat, 22 Oct 2022 01:11:45 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff1c0be1-AMS
content-length: 39313
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 Wordpress%E6%96%87%E7%AB%A0%E5%B0%81%E9%9D%A2-%E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-520x390.png
theteenworker.com/wp-content/uploads/2022/06/ 52 KB
52 KB 258ms
258ms Image
image/png 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2022/06/Wordpress%E6%96%87%E7%AB%A0%E5%B0%81%E9%9D%A2-%E5%B0%8F%E8%B3%87%E7%90%86%E8%B2%A1-520x390.png
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 44d61fb5304f557bc9133d36b8405a2d0bd490f65c18151d69378a809eb401ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Tue, 28 Jun 2022 02:50:38 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/png
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff1d0be1-AMS
content-length: 53206
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 %E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95-%E7%8E%A9%E9%81%8A%E6%88%B2%E8%B3%BA%E9%8C%A2-520x390.jpg
theteenworker.com/wp-content/uploads/2023/03/ 37 KB
37 KB 613ms
612ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2023/03/%E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95-%E7%8E%A9%E9%81%8A%E6%88%B2%E8%B3%BA%E9%8C%A2-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 81b55a740c24003e8fdc348b7d2be4afefae50af171ecb8bdcc2f6876d98845a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Wed, 22 Mar 2023 10:35:10 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff1e0be1-AMS
content-length: 37443
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 %E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95-%E8%B3%BA%E9%8C%A2APP%E6%8E%A8%E8%96%A6-3-520x390.jpg
theteenworker.com/wp-content/uploads/2023/02/ 33 KB
33 KB 236ms
235ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2023/02/%E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95-%E8%B3%BA%E9%8C%A2APP%E6%8E%A8%E8%96%A6-3-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 3d409d495b6da5045e2faf09432524fc1e2b2dd66194098e981dfd2a9ad6ca10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Tue, 07 Feb 2023 03:15:27 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff200be1-AMS
content-length: 34071
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 %E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95-Cryptotab%E6%95%99%E5%AD%B8-520x390.jpg
theteenworker.com/wp-content/uploads/2022/10/ 44 KB
45 KB 655ms
654ms Image
image/jpeg 66.235.200.146
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://theteenworker.com/wp-content/uploads/2022/10/%E8%B3%BA%E9%8C%A2%E6%96%B9%E6%B3%95-Cryptotab%E6%95%99%E5%AD%B8-520x390.jpg
Requested by: Host: theteenworker.com
URL: https://theteenworker.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 66.235.200.146 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS: host77.ipowerweb.com
Software: cloudflare /
Resource Hash: 5859806e9ce73fc8ab94e4c1a93d5961293f4307464cf6bc0ba24f98656337f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-nginx-cache: WordPress
last-modified: Tue, 11 Oct 2022 13:08:34 GMT
server: cloudflare
cf-cache-status: MISS
vary: User-Agent, Accept-Encoding
x-endurance-cache-level: 0
content-type: image/jpeg
cache-control: public
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
accept-ranges: bytes
cf-ray: 7bb1d5f4ff210be1-AMS
content-length: 45519
expires: Fri, 19 May 2023 01:25:54 GMT

GET
H2 200 AM-JKLUfTsY9F5GdAsZNNpFIYVoZhZbNnfdaTFmHbaxbQE_ZX_peS0zYCmgEkSPctidNjG9ZdvO-DkKo41PjPVRGbr554ZUYQ_FtI5h0E6vR2vSdJ-dMXNsZvuhyWd1nJmBuHZ_o5jebzbHVc_l99g4Z_auX=s541-no
lh3.googleusercontent.com/pw/ 57 KB
57 KB 241ms
240ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/pw/AM-JKLUfTsY9F5GdAsZNNpFIYVoZhZbNnfdaTFmHbaxbQE_ZX_peS0zYCmgEkSPctidNjG9ZdvO-DkKo41PjPVRGbr554ZUYQ_FtI5h0E6vR2vSdJ-dMXNsZvuhyWd1nJmBuHZ_o5jebzbHVc_l99g4Z_auX=s541-no?authuser=0

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

515e7d08ef66a70008c3d949bc89c168ab9fb0eb763818c7cde0468c7b7e8828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: fife
etag: "vdd7"
vary: Origin
content-type: image/jpeg
access-control-expose-headers: Content-Length
cache-control: private, max-age=86400, no-transform
content-disposition: inline;filename="__.JPG";filename*=UTF-8''%E5%8D%A1%E7%88%BE.JPG
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 58252
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 401 B
607 B 36ms
16ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=theteenworker.com&callback=_gfp_s_&client=ca-pub-6458173709205608

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202304190101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6458173709205608&plah=theteenworker.com&bust=31074066

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf4b933e5cfacd7c21b277629b2bd5d8d414d4deaa3ae42f1d19d50a088743ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 255
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 38ms
16ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=theteenworker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 37ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theteenworker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C322 24 KB
2 KB 94ms
94ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&adk=1812271804&adf=3025194257&lmt=1682040353&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x540_l%7C212x540_r&format=0x0&url=https%3A%2F%2Ftheteenworker.com%2F&ea=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040353983&bpp=8&bdt=638&idt=137&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1501668524279&frm=20&pv=2&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=177

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2214c2f7a7941bc1f14f5fb3c82e7e91143fd7173a6c144c9722297b4070fef6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 1470
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:54 GMT
expires: Fri, 21 Apr 2023 01:25:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2B63 119 KB
36 KB 893ms
892ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=386159007&adf=4102329752&pi=t.aa~a.4253503027~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=1200x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040353991&bpp=2&bdt=646&idt=174&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWlkMahy6x&p=https%3A//theteenworker.com&dtd=178

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d50d6853d0253476369360f6bac9a006caa35e6a2e08f1f2838b944d79f40a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36576
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:55 GMT
expires: Fri, 21 Apr 2023 01:25:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 20ms
19ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=theteenworker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 19ms
18ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=theteenworker.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame CFA2 100 KB
36 KB 605ms
604ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=2143041766&adf=1639675732&pi=t.aa~a.225361642~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xD2Q3C68Wb&p=https%3A//theteenworker.com&dtd=12

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d2b4851fdcb163e2b9d72da09c99d5550544ad587e894031ffa5df04bff29eb4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 36711
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:54 GMT
expires: Fri, 21 Apr 2023 01:25:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0DD0 78 KB
25 KB 397ms
395ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b92d00c678821931b2a2aa14d95e7e80b0fd1faf4aba10966471e3886286a2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25816
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:54 GMT
expires: Fri, 21 Apr 2023 01:25:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D3F0 114 KB
37 KB 579ms
579ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=831287430&adf=2084966385&pi=t.aa~a.1517101829~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280&nras=5&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qXXoSvY4LP&p=https%3A//theteenworker.com&dtd=45

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a4c4f0c46ae67632c17c89cedeb8d38a2d97cf213ee5eec2662b0bef4cc9c70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 37748
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:54 GMT
expires: Fri, 21 Apr 2023 01:25:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5770 78 KB
25 KB 925ms
925ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9e57af73ed2b90fa56796c4bc7397842f93d48543334e6afc11e9b489ed1629b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 25693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:55 GMT
expires: Fri, 21 Apr 2023 01:25:55 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=5&wpc=ca-pub-6458173709205608&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20230418_104524&sat=1681941261152&afm=0&as_count=0&d_count=0&ng_count=0&am_count=5&atf_count=1&mdns=0&alldns=0.217&allp=60&fd=(0%2C30%2C18)%2C(1%2C17%2C0)%2C(2%2C0%2C0)&pgh=6447&abl=false&rr=n&su=theteenworker.com&pvc=3520908935315721&r=0.1&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415

Requested by

Host: theteenworker.com
URL: https://theteenworker.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 0DD0 21 KB
9 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31048
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:48:26 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 0DD0 8 KB
1 KB 45ms
23ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 21 Apr 2023 01:04:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 01:25:54 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 0DD0 14 KB
3 KB 43ms
7ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2819
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 01:41:16 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 0DD0 379 KB
130 KB 44ms
8ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71148
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132560
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:40:06 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 0DD0 19 KB
8 KB 1092ms
1070ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 01:25:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0DD0 0
0 37ms
16ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRQQXL9akvpVQ4KZ5X73JDa4yAVfXDPR1a9ZqUQ2VA96z63QfQBRayq05f3Y66RfFRFE_8L9WA1zyTPFKyRhR7EmhVP-w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 0DD0 0
234 B 345ms
115ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lgpvec5x&c=3084645218454&slotId=1542322609227&qqid=CLDbx87ouf4CFchX4AodxdUMuQ&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DD0 15 KB
16 KB 29ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 21047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 0DD0 15 KB
15 KB 29ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 84062
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0DD0 0
20 B 41ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cah0BIuZBZLDCFsivgQfFq7PIC7CWrs5usqH00eUQ8p7coNQBEAEgzJHnemCV4pCCoAegAeH1s6MCyAEFqQIe-v0EuGeyPqgDAcgDmwSqBLYCT9DJAza7gSrYrObTMeW80hydpu4LbdgmOE4Ct8I8VeIbwn-vzzHPeBSHrBmN7JaZU96s4YS5AzKpSRsmpg7bhBO0OKF1D9LnJ7_9WJkcNJKz1kD9AOHRBBXqWfq6VXIueHMPbkcHFNS8V4V4I3S8-eK3QZn8BXE5mCi7bVqpF5dzd07UU9cvKZYfyj9rSpMZGpxH0IiNTQ4VqXtpN7-oVlBwdXXib_2a2JrLevap-9kDfwSaK8tBoryWqoMFAPG6B6KeysScENrsaoW7i6bFD_bdIpf-0wk8l07K2Bn-rpWmBbDQe0NTip54rkDttgunOoZddlnrLKcIeJ3qyWSF3mNtmO_iC3shhsNuDX5NU6OSZ6Hk-KgX3ZZmyJH0bqubWtAk3gZY1BLmGI4E1C4na0Mq9h0rwcAEoOOz85kE4AQDkAYBoAZOgAeHiszcAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAToveIE9ATANgTDYgUA9gUAdAVAfgWAYAXAQ&eventType=clickstring&clientTime=1682040354854&ai=Cah0BIuZBZLDCFsivgQfFq7PIC7CWrs5usqH00eUQ8p7coNQBEAEgzJHnemCV4pCCoAegAeH1s6MCyAEFqQIe-v0EuGeyPqgDAcgDmwSqBLYCT9DJAza7gSrYrObTMeW80hydpu4LbdgmOE4Ct8I8VeIbwn-vzzHPeBSHrBmN7JaZU96s4YS5AzKpSRsmpg7bhBO0OKF1D9LnJ7_9WJkcNJKz1kD9AOHRBBXqWfq6VXIueHMPbkcHFNS8V4V4I3S8-eK3QZn8BXE5mCi7bVqpF5dzd07UU9cvKZYfyj9rSpMZGpxH0IiNTQ4VqXtpN7-oVlBwdXXib_2a2JrLevap-9kDfwSaK8tBoryWqoMFAPG6B6KeysScENrsaoW7i6bFD_bdIpf-0wk8l07K2Bn-rpWmBbDQe0NTip54rkDttgunOoZddlnrLKcIeJ3qyWSF3mNtmO_iC3shhsNuDX5NU6OSZ6Hk-KgX3ZZmyJH0bqubWtAk3gZY1BLmGI4E1C4na0Mq9h0rwcAEoOOz85kE4AQDkAYBoAZOgAeHiszcAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB8yAqoCOgKAQIAKAZgLAcgLAYAMAbAToveIE9ATANgTDYgUA9gUAdAVAfgWAYAXAQ

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0DD0 0
54 B 330ms
115ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lgpvec6g&c=3084645218454&slotId=1542322609227&qqid=CLDbx87ouf4CFchX4AodxdUMuQ&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 0DD0 28 KB
17 KB 182ms
43ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-BTySptefB3CsKYC6SKvl6qLDLrR6R485EDObTM4Cs-Unfa_dkvJRn_TdTQqaIL763U9vpatBnx8YjjQqniARV_5_JL4A&cry=1&dbm_d=AKAmf-Bz_JscE8DieBDesg2_Z6T0kIrV9sYnxVIuJ9t5k3CD_a3_FqjzPoXlkDmZ232IY_4xCagkBiU-Ly2lHZkllSBSdVQyPhlOPC7arGJ5_kveQZgVyugtdOGMyLq48HzaJCfbr8ZG0lbooaoNzTW4KJOeeDa6vhF2FswNK7ykErYUIrl8b3AL5z4bnqSID2uuuve8qQZsim-1biuaETurJbaDUdzpXyd5ax9o4bwfblNIQKHf9GfJ8vyYPBZpO3_si9OzYcaSV_a8MciHqIX_ntqM7NgtwaoOuz4nrKTHuN64ZTykwLTNl6EEaHm-u8jPD1Mrzoo-1fiqPXLAy1Oo_3nHuv_LCefNcZysqm5rVWgvRo0DENM3JoLzzWmwifqOPrljYPixYPvKpWHms9Lh_TED3lH8t8tRpTspm5nB0i1o7OjMAPuSQ9vmrwCC39TlEPbZY7cqMeSpZx2j9Mfbzi3IRaQo7yayo8f143WcFkuuWjncSwfogPF-Q8z6DC60yQ5codieeh-dTtkNCZVNCFvDnEEEnNGHm3q5qk_45Ip_yGixMKMaclHKoEKi0NAGxYPe7c4-h9Eztom22ntJXGN5lj1xBxYfXgsF-eIlm9UfyunDFbuQDT2k7qALRZnK4EWrG45wGiTjl_e4z5FuCF1FtoskoE8NqC-rs2RGhUAktk4f9vTzPybgUtUSOKZLd-CifS_0Yfy7vYfSZGnbOp20548Vn0dfCtUh22uuDi5rLPsAq2tGqPcALN2iRl7UkTgUn6qdgPINboLWGqcBmdJ8VNaIOZ45rxYigCTlLkM3bCd40L2Bd0FfyyxR0GJIZuNf2sB3VwjwGnfMGRCp96_XqV-P1HxLo3MMyuDMn12rJd9ig9OyVGw3Nh1KzjiNIjTNWy5vP8Dy8H-sTdWHIqrdR1TmAL41M6DH8Zv7bzKUjU5YkqZdqYQ2VQVdpN6g_U8-HYWlyD7-OOMXxw3qAUUAh1A7JP4C1PuvuOhvj3IX5dI3cNQs5WgjPi3RIk4n5_LXS_GC_2bV1brPCejuYQVKY0b77psMRasfaH0p9uoCetBwy8s_HSiKYqKJD4h18gDYtRqgELwz_Z-doRV1uNbsxWD12TLmYR2X2hr8JhvEWn1M7GGrDQEeROjdBdtRMMsdWpDYUnyJFPS5Hx52spzTTIOdAIToRf2ZeyNS4Le3K4wwhvb6h6kzi1UdI7DbdLJyDoi9MkdkgfgaerwdiIPoN9g_y_-aNrve-dL27fS5P0hQAylRw1NEx3RbFEcY3QRbdoC2hkU39F6yaG3Dy2y69m6dWE13-qLX_UgzsIAlJ820380THLbzkUrcBCPwWuzWg_pJ6FIwnNDYOfx8Hr-X4D_QS0R4frExzQzenYz7-5PVLc8iBo-1hfPujlZPdGjNOPehM-1VQk_YIpfa0NHat-kToytHQ7ivHEtQVAX6WlYBDzN60Pmflh3ACqmzJWlkboGCvukv59smhTB-EbSNf8TnPPEFSrNQSkNP1I_GQzlS4GLa8k7cyrengB7ZIIq77VVQzHfXR5j1hdsn1KHdhugl_d3iTaWT-N4NO5Dqkb_lGqo3exsfkYlVD5BpprUj-p9zSlHBj0vzm-i_1jcxpXYThDbxE4UlGl8CWAsRpAJmIs2IRTBCPlV-3mlX285chySK7x5Y9zNBxssyCE-8Q9tJXac5jeQmyU9HLNXZOiEjXf0_myZuc9EqWCZrQHoFmSttbpmQccUQCkFowNtxw6EQr4z589WnxZ5-S4W0MFnQxfFMarLs4LCIdx39cHlNrHJZO2FEH_UllIAUnVYENgQYHh9Ka_TzpvYRyAcG7d45hW50jKmhBIKbriwIx9xquH3UX-lJgu09JBrOJidtTR_Bpvk2wD8CBrEfMHBvjLNyiH83mDgEKOQAKkOixD8UGRnJ0IbXBDILZVLLXHsR7BZp_s_beZhmDxcW-JyLjv62kUgVZr9_9rZX2UAeYUdyGDEqURg16ru-jo6Uv7Hi_8s64fmkiBcSmhOdA2Av6BVaMKL9Sol__ZjSkGQrtZ0Qr1ejAPeJ6IC97j7Uo9Fqpic6zSuI2u0_Xd5f8x1aaZbYS_sJk8dQHeO1C1Z__ViUtwzTGrS_b0pO8amA3fUS3uGzzpvx2sSucPNH3W344jw1SVlDO9Xoo_rIe8PCVHqMZrG57hXKT6QfkfdtVyEIUQwSxaXQz-ims3oLFjKR8douKQKww100yRL7yYos_qwiFfjdIaYJjTrQAuS2NNNCv4T4Do94r_9JmvsI3eaj3dNGHArCBaWwQyZnki4uHwZKcS6iK9RpHklpuwLILBKPORLNEA-ycWO3AY3Z-CKjuggypyMd_g9Tr-D4LxKiXxuleJ6s6h2y4iM-Kixj6XePAWweEwUhrAaI7G9yAjxjRJEX3AyM2onbwKFVWSVk1hrrTj-ytTqG3zcNaqxlo0o6ZQ-jcvkzuxOCN-hQmHjBZ9l-47XhoqW3BzTJIDgMs8FOz5GXWMOUtM6asIAoBqhwiu1WDDMHTfyZGxjNTB4vIYv3b5pH2a1VcrJnMq41geUFYdaegRFdWBLiaKS4PWeiX1cnSxouZ4A7eAtHx1Aes9VAGiIUX5bSgtr2TbUD0ztBk8Rwmu_9KTH5RWJ7qrf3Q_RFCx-SxJiGWAM1GnbV5fSO-JK6u7RIelrVV7lrIU26Vz-326NQoHWBz9PPAbdStGpLb6ER0BMtSdhJ1f_Oz5F3PyY66aMmISXlc-SS8n54rvHft9DQ_FPxQPstZibBIp1QiSEhBR4bor12w9YnfMQ3eC_U4rbnOUuUSeuzOeStTDGTZF9sUltfZSxbfzqNkscnyZTbigS5xSOSXRKOU-U7IUGnz8nP37TVBMJN7kmHqD_r_oC0JYBK7dsZEyLjCi5hLP4m6YMXatF0tMDtC8XGILcJmjYdR0JLcOyEfQriUv0rwOI8JfaUIeF70-_JpvwB3K-jlwG7vsgjlBVo-RI7Jq3tII31jVLS1aVQ_Oj6mcTQsfX1Kslxt_65pE0KosrIlayrA7gkjzGbQzGlJqWiJtCXck84XT_R-i8eqmFT0-o0Hgz9-pQ1uAYXslXzdtr2tvrt_fGN3DpnB32dfvg0ITUSHW32q285oY29vvrG2ubPgi3FNuXIGK4c1iiej1Jf8hkvU-0JKcopgaf_cwjDfpXcQ26cK2q0VUxEAWnF_Yvfblh6lhm9G7Jnq8h4mT6QT4qSYZbnnNyry-4sbhcXeKEaO70_c4LaizpMLK5rSqBpBkHNFkSmLamzpULl3RvzKBKg2iAgAm4EYEPTLhvNk2CWAlqTkAEQJ_mbwOKeJD1aBFuMrEeYgc-B7TM507Ul5A6YWU13nG-qeThA2_PQJNw4PFFWZGhgPKdNWrTPQzfI-kpEUM5MOiqfowiSqrLIlXURc1hwNvdHkABEc-A9mK1B4L670rTHMG23u_niSpjAjFGhA4EDjoqhg0kBXblqtr2512avOubW5koLUJdt_X6uSOf_GpoCA3i1uz1W6NUFb2ZEyDQH_gZV-A9WHqTnD2kdhIKEHlBc_TB3J1ozfozCizCgW4PNJAaquk17GtDD&cid=CAQSPABygQiDF102LBoxPz3yw2mrojRLALiAj5Gf5Tb2vblrPWNPZtmkPXeD3_s1F56deOfksHvamSUFpXTaLxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

88618e1edf40d50b52fa27482998e9560325ec8aa12941d3c059e4c6faca0eb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16491
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0DD0 0
0 45ms
45ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cd3m_IuZBZLDCFsivgQfFq7PIC7CWrs5usqH00eUQ8p7coNQBEAEgzJHnemCV4pCCoAegAeH1s6MCyAEFqQIe-v0EuGeyPqgDAaoEswJP0MkDNruBKtis5tMx5bzSHJ2m7gtt2CY4TgK3wjxV4hvCf6_PMc94FIesGY3slplT3qzhhLkDMqlJGyamDtuEE7Q4oXUP0ucnv_1YmRw0krPWQP0A4dEEFepZ-rpVci54cw9uRwcU1LxXhXgjdLz54rdBmfwFcTmYKLttWqkXl3N3TtRT1y8plh_KP2tKkxkanEfQiI1NDhWpe2k3v6hWUHB1deJv_ZrYmst69qn72QN_BJory0GivJaqgwUA8boHop7KxJwQ2uxqhbuLpsUP9t0il_7TCTyXTsrYGf6ulaYFsNB7Q1OKnniuQO22C6c6hgV3g9gk5bFKDxAJwrw6xTMKZ4iv8xs2MiG_p25yqTFtiPw3Ov6SJLVIutp2NBrKuoB083H4Ch7tMD0wffkoHwfgwASg47PzmQTgBAOIBaqcl-dEkgUGCBsQARgBkgULCCIQAxgBSPqN0gGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBk6AB4eKzNwBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwoQ09sUGJ7ZptQB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwGwE6L3iBPIE4eamuED0BMA2BMNiBQD2BQB0BUBgBcBshccChoIABIUcHViLTY0NTgxNzM3MDkyMDU2MDgYAA&sigh=BKEF94jwsGM&uach_m=[UACH]&cid=CAQSPABygQiDF102LBoxPz3yw2mrojRLALiAj5Gf5Tb2vblrPWNPZtmkPXeD3_s1F56deOfksHvamSUFpXTaLxgB&vt=10

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 01:25:54 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 59B4 1 KB
643 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23129
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 21 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 59B4
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEG95mgc9yhb0Jq5yVnprFCg&google_cver=1&google_push=Aer7DvKEYpoE9uHxJvsMRg3L52s139X7tRTSbvGbcrbw_1S9llHx4INdpNBtvAgtKghZz2kwhpxiPxjEuHF4XYLN2WML8GhDyI1CtZI
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMjIxMjcyMDYxNzg2MjU2MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFiB8x1vgoX4R78huCgrnHc&google_cver=1

43 B
398 B

16ms
16ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFiB8x1vgoX4R78huCgrnHc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEFiB8x1vgoX4R78huCgrnHc&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame 59B4 0
104 B 482ms
24ms Image
text/plain 89.207.16.140
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEK07Ok99L2jl7I-eXm7TrmA&google_cver=1&google_push=Aer7DvK1zOrL7O2z1klTfRuoBzwd2lvPEz0i7fUnOX-jCNhBKGoXRgLTyYoaztrE3fJU9WIRXfuLXpIKwBHUiK71WA-YbwdCS_KoAJ9k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.207.16.140 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams03-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 59B4
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cver=1&google_push=Aer7DvIYu_zjjUnWb3wxyDgS_wuFdYy0D6dJFM9HSCn7a9z...

170 B
232 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cver=1&google_push=Aer7DvIYu_zjjUnWb3wxyDgS_wuFdYy0D6dJFM9HSCn7a9zNdSunWZTy_HSIdY6JvNJHJGwBp63JiVjNAxJW_slV3eZE79HPqi51f2lg

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 01:25:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05e7e34dc077f730b@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEBgg19tB4lnRI4wlT0M2Pbc&google_cver=1&google_push=Aer7DvIYu_zjjUnWb3wxyDgS_wuFdYy0D6dJFM9HSCn7a9zNdSunWZTy_HSIdY6JvNJHJGwBp63JiVjNAxJW_slV3eZE79HPqi51f2lg
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 59B4
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEEYmqiC1j8U7jDcFVwRGf2w&google_cver=1&google_push=Aer7DvL61pwnBmcY3yjKyRA8dMvcwvZYr-lFs9sc0vFikF_R8-vvb71P8TRttxZMSSWK06pAStMyFgzng0jHXDpp88cW3XnYKmdpHut5
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvL61pwnBmcY3yjKyRA8dMvcwvZYr-lFs9sc0vFikF_R8-vvb71P8TRttxZMSSWK06pAStMyFgzng0jHXDp...

170 B
329 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvL61pwnBmcY3yjKyRA8dMvcwvZYr-lFs9sc0vFikF_R8-vvb71P8TRttxZMSSWK06pAStMyFgzng0jHXDpp88cW3XnYKmdpHut5

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvL61pwnBmcY3yjKyRA8dMvcwvZYr-lFs9sc0vFikF_R8-vvb71P8TRttxZMSSWK06pAStMyFgzng0jHXDpp88cW3XnYKmdpHut5
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Apr 2023 01:25:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 59B4
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEOlUVRBDV8xLm1s8dkP3tkE&google_cver=1&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVyj0...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEOlUVRBDV8xLm1s8dkP3tkE&google_cver=1&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQH...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVy...

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVyj0gYB-WyokHb-oe4coZMcMn8fi

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvJ0x5G0TIKyx8fpMwaddKOIMN8o6KGR_uLxJ5JDBvAtHcuoCflFUDGa-NyEqYFIF1AfFQHwVyj0gYB-WyokHb-oe4coZMcMn8fi
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame 59B4 43 B
297 B 201ms
24ms Image
image/gif 2a05:d01c:1d8:8100:85e3:b246:393:848f
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESELoUfEcvhtuICFqL6ESwUCg&google_cver=1&google_push=Aer7DvIAJ_qTZ9_SfSR4DlhKOTs6EyNTRRpzvBcIgtDepGcWnRqsYGylKhHKLb-zmKZYmPoVhJbJSyY8mlPIiFjPskuj6E49dY5sIIvg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=2763038722&pi=t.aa~a.4187551340~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=2&bdt=978&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280&nras=4&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=1729&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&cms=2&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&xpc=LgsYUTSZh0&p=https%3A//theteenworker.com&dtd=25
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:85e3:b246:393:848f London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: no-cache
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 59B4 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 59B4 0
139 B 129ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KDXsyAIQHV_gD3sHjJXjmbq2zrHbUBlWMxs7vfRcaF92BA6zIXjbEuSy3IADESnKhqoFiUBQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame CFA2 9 KB
4 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=2143041766&adf=1639675732&pi=t.aa~a.225361642~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xD2Q3C68Wb&p=https%3A//theteenworker.com&dtd=12

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 01:41:17 GMT

GET
H2 200 error_handler.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CFA2 8 KB
3 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/error_handler.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30504
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3465
x-xss-protection: 0
server: cafe
etag: 6788195977828770272
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:57:31 GMT

GET
H2 200 21eb5d7c47bc016b9c33858ab468091e.js Show response
www.gstatic.com/mysidia/ Frame CFA2 18 KB
8 KB 33ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7763
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 10:05:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CFA2 6 KB
765 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:59:49 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CFA2 2 KB
765 B 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:53:51 GMT

GET
H2 200 ee2c59080e5bf120007802dc0b017c3c.js Show response
www.gstatic.com/mysidia/ Frame CFA2 6 KB
2 KB 32ms
9ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee2c59080e5bf120007802dc0b017c3c.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2361
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 04:02:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame CFA2 21 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:48:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CFA2 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame CFA2 19 KB
8 KB 871ms
870ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 01:25:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CFA2 0
0 16ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRbWv9A9D1D9WSOzr4OeGcqj4bafZpbgGOP9144C4pUgeKC6Jxp5O6dif-JU0iLE16E6VD2ps2QynuEXPjIcRHlpZEMhA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=2143041766&adf=1639675732&pi=t.aa~a.225361642~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xD2Q3C68Wb&p=https%3A//theteenworker.com&dtd=12
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CFA2 159 KB
49 KB 34ms
24ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame CFA2 32 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 03:40:25 GMT

GET
H2 200 8e3adedd6f76ceb5825dd9d6f211c14b.js Show response
www.gstatic.com/mysidia/ Frame D3F0 9 KB
4 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/8e3adedd6f76ceb5825dd9d6f211c14b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=831287430&adf=2084966385&pi=t.aa~a.1517101829~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280&nras=5&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qXXoSvY4LP&p=https%3A//theteenworker.com&dtd=45

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85478
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3832
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 01:41:17 GMT

GET
H2 200 21eb5d7c47bc016b9c33858ab468091e.js Show response
www.gstatic.com/mysidia/ Frame D3F0 18 KB
8 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 10:05:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 141608
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7763
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Tue, 18 Jul 2023 10:05:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame D3F0 4 KB
691 B 16ms
15ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:58:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D3F0 2 KB
765 B 9ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:53:51 GMT

GET
H2 200 ee2c59080e5bf120007802dc0b017c3c.js Show response
www.gstatic.com/mysidia/ Frame D3F0 6 KB
2 KB 23ms
10ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ee2c59080e5bf120007802dc0b017c3c.js?tag=analytics_pingback_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 04:02:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77028
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2361
x-xss-protection: 0
last-modified: Fri, 14 Apr 2023 00:44:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 04:02:07 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame D3F0 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:48:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D3F0 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:46:24 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame D3F0 19 KB
8 KB 882ms
881ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 01:25:55 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame D3F0 0
0 17ms
13ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQbGtLV3vwdR5GX0k7CKY8ZfVfLjqv2j757_zUuVEK_wVQrJqPDvTpM-xWrU61hLltLF2q6Kv30kpfqtfhQZa9-sfyzeQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=831287430&adf=2084966385&pi=t.aa~a.1517101829~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280&nras=5&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qXXoSvY4LP&p=https%3A//theteenworker.com&dtd=45
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D3F0 159 KB
49 KB 43ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H3 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame D3F0 32 KB
13 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 03:40:25 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2B63 2 KB
531 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=386159007&adf=4102329752&pi=t.aa~a.4253503027~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=1200x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040353991&bpp=2&bdt=646&idt=174&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWlkMahy6x&p=https%3A//theteenworker.com&dtd=178

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:55:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2B63 2 KB
765 B 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:53:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 30724
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
server: cafe
etag: 1394486882873449110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:53:51 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 2B63 21 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:48:26 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2B63 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:46:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31171
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:46:24 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 2B63 19 KB
8 KB 786ms
785ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 01:25:55 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2B63 159 KB
49 KB 36ms
15ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49672
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1681929791789681"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H2 200 f8970ecc2196f374e9d99027c476dd6b.js Show response
www.gstatic.com/mysidia/ Frame 2B63 32 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/f8970ecc2196f374e9d99027c476dd6b.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 03:40:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 78330
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13747
x-xss-protection: 0
last-modified: Tue, 18 Apr 2023 02:08:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 19 Jul 2023 03:40:25 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 0DD0 0
54 B 117ms
117ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lgpvec6v&c=3084645218454&slotId=1542322609227&qqid=CLDbx87ouf4CFchX4AodxdUMuQ&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DD0 41 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 02:01:19 GMT

HEAD
H/1.1

200
OK

file.mp4
r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0DD0
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

86ms
13ms

Fetch
video/mp4

2a00:1450:400e:15::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4E0E96B8CA1293FF4E36375A123793D19E1B90EF.33814A9DC83D11E1D91D40C84D0EA91341B6899D/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4

Requested by

Protocol

HTTP/1.1

Server

2a00:1450:400e:15::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Fri, 21 Apr 2023 01:25:55 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2888872
Last-Modified: Wed, 28 Sep 2022 05:26:37 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Fri, 21 Apr 2023 01:25:55 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4E0E96B8CA1293FF4E36375A123793D19E1B90EF.33814A9DC83D11E1D91D40C84D0EA91341B6899D/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2B63 0
0 53ms
53ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COH4AIuZBZMqvC5eG7gPTkoIo-7Dth3Dv0_nzlRHSr_j0mTEQASDMked6YJXikIKgB6ABxI7ZlgHIAQmpAh76_QS4Z7I-qAMByAPLBKoEiwJP0Key9QMtUC-3sz2RPXapreV3ZHfByuWkc62bjVOZj36jwUSS1mZglCfxsV8P9vgAVadnsHCxtZK8yPkExRZPoNU0gYkR_Fp5X2w6VCZku4p1HfaS2ohQlcjYCxXVPJAb3FefVjfi_zv3XiNgmTA2nyrLpwW4b-Z1XG8r7JJtGC_at4Xk5FMpifSGlcqvhlRzD256ryJ66cgeNs6GH9JzfEmnsoTyDGRVElkNjJdR6ymGtoG1ey9phxGp7DZG7VPv4idd5r9JVBFSpWPgZHy-eDeAXmQABKK-rRsa0t1MsHubF28ueSjP2jrHoqzHv1Wqcxtu9ldHAUh8yJhOfSoxYmUIyUfqgfK2ZULABLrkwamRBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAek8abpAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBCCtm3SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTC9AVAYAXAbIXHAoaCAASFHB1Yi02NDU4MTczNzA5MjA1NjA4GAA&sigh=4vjHx1q89VQ&uach_m=[UACH]&cid=CAQSGwBygQiDGyVl-qXWYbCE9Nr1aASGA4GITvQYxxgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=386159007&adf=4102329752&pi=t.aa~a.4253503027~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=1200x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040353991&bpp=2&bdt=646&idt=174&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=229&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=wWlkMahy6x&p=https%3A//theteenworker.com&dtd=178
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2B63 17 KB
17 KB 46ms
8ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcSsyB4vdBSIqReO8AtlQcoe9jRYNuKKpD8KYQIFKVJJ0EQZhCzkCPzoERMx6cc&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca667f167deceab3b773d4161758df493db8b0d28e9d41e4225bc2c10ea24d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 20:51:18 GMT
x-content-type-options: nosniff
age: 275677
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17027
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 10:06:11 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 Apr 2024 20:51:18 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 2B63 12 KB
12 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcTt7nRoceLpfDsAKkBD1zWaGWsZnHwVT36LSHQtAFrDE_SAL3SXwqqBtk6Zmv8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba5d13f6f6555ed3cbc0cd3a7742e67e3f9bf817bd0ca0e852133d9b7265175d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 08:53:11 GMT
x-content-type-options: nosniff
age: 232364
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12172
x-xss-protection: 0
last-modified: Mon, 27 Mar 2023 08:09:04 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 17 Apr 2024 08:53:11 GMT

GET
H2 200 shopping
encrypted-tbn0.gstatic.com/ Frame 2B63 14 KB
14 KB 44ms
7ms Image
image/jpeg 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn0.gstatic.com/shopping?q=tbn:ANd9GcTV0zmgvwAylZhcQraeqnfpS1YNVD33VWcMs9ZHxxTq3Z1aJ1VoMb4PdCZyVQ&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

677d6bb0a82c5d6fe79800c43068508653f298e0a4bda7d18f656331e706c515

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:51:54 GMT
x-content-type-options: nosniff
age: 63241
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14308
x-xss-protection: 0
last-modified: Mon, 02 Jan 2023 10:36:25 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 Apr 2024 07:51:54 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2B63 16 KB
16 KB 58ms
7ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcQcxyUwsggCYkzbZ6jEpK8fNO6WAn4nT4olKmD1IMJQ87qGJKdpaamFRUJ-cM8&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

214615e9b7bfe7befc83ff62075d8169c7663ffc9d909166de88fce264c26c17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Mon, 17 Apr 2023 20:46:22 GMT
x-content-type-options: nosniff
age: 275973
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16285
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 08:35:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Tue, 16 Apr 2024 20:46:22 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2B63 12 KB
13 KB 56ms
6ms Image
image/jpeg 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcS41KbjbYO-NKa2tpUZ8iyOnXSvbRO3hXJwJZziN67iQq2kmgykBmzoTnAsXA&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b91359944662028be21ac3714760a640c8d6b8b17fa00aded3a6dcd37506a0f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 12:08:18 GMT
x-content-type-options: nosniff
age: 47857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12528
x-xss-protection: 0
last-modified: Sun, 16 Apr 2023 08:19:03 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Fri, 19 Apr 2024 12:08:18 GMT

GET
H2 200 shopping
encrypted-tbn2.gstatic.com/ Frame 2B63 13 KB
13 KB 62ms
12ms Image
image/png 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn2.gstatic.com/shopping?q=tbn:ANd9GcSfnQpJgx17C-MHJjSDjzObF7_DUf19CI9pBaf8k1G90PwyCfI&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee2ea6a83236c438345616fbc5638dec6a952c71f5c3c93178d18f89f03da4d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 02:17:36 GMT
x-content-type-options: nosniff
age: 256099
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13524
x-xss-protection: 0
last-modified: Sat, 28 Aug 2021 01:12:06 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Wed, 17 Apr 2024 02:17:36 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/2761152141688071005/ Frame CFA2 20 KB
20 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/2761152141688071005/14763004658117789537?w=400&h=209

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb2338ddb36996a667d9684bfdf65c58817d8e80e70a1b392ef86b3cb652bd32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 07:40:24 GMT
x-content-type-options: nosniff
age: 63931
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20948
x-xss-protection: 0
last-modified: Tue, 28 Jun 2022 17:48:56 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 07:40:24 GMT

GET
H3 200 14763004658117789537
tpc.googlesyndication.com/simgad/13744638465717299749/ Frame CFA2 1 KB
1 KB 11ms
11ms Image
image/png 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13744638465717299749/14763004658117789537?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

247747c8d78cb2a32b9addf67bcb24f31efeb5a8b34cbba51e26b30a474a4b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:12:03 GMT
x-content-type-options: nosniff
age: 72832
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1298
x-xss-protection: 0
last-modified: Fri, 24 Jun 2022 05:45:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Apr 2024 05:12:03 GMT

GET
DATA 200
OK truncated
/ Frame CFA2 221 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame D3F0 287 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce

Request headers

Referer
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3

200

624907996767536446
tpc.googlesyndication.com/simgad/ Frame D3F0
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKDr3ZqF_gEQgAgYgAgyCFFyRh2Ouq9r
https://tpc.googlesyndication.com/simgad/624907996767536446

8 KB
8 KB

9ms
7ms

Image
image/png

2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/624907996767536446

Requested by

Protocol

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 14 Apr 2023 18:05:12 GMT
x-content-type-options: nosniff
age: 544843
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8502
x-xss-protection: 0
last-modified: Tue, 09 Apr 2019 09:00:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 13 Apr 2024 18:05:12 GMT

Redirect headers

date: Thu, 20 Apr 2023 04:40:59 GMT
x-content-type-options: nosniff
server: cafe
age: 74696
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://tpc.googlesyndication.com/simgad/624907996767536446
content-type: text/html; charset=UTF-8
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 20 May 2023 04:40:59 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame CFA2 0
0 54ms
54ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cv1ArIuZBZNvLFYOWgQf-0ZygD-71todwu4zwpMERjsS_krYwEAEgzJHnemCV4pCCoAegAcuLrecDyAEJqQJsJTA__t-0PqgDAcgDywSqBIYCT9ALp1cqrdf4V7Xj3vwEot8fyIdDo2v3JkSmM2LFSIzXZrAyoLaNngXhCUdbDQFN8fLoUJDtcYt3TZb2kINIhPpCbm7G0eyjVIkkJURo6wSt6QyECyDieeDKAj5g43rdVi150ZRsJs4RxMft6hhxUBStTU4ihhhRTIkH3tdCpO4Te4vAOBEO8YvMSbmRROAIzSt9sVcwrkK1BBalMsXqVRQaRk3AtmUtoh4kXGHgnYKgNM5B1BWiXteX46_vOundyP8O3lsoNQFcGHl9hEdheN_rP9bUlGnl4oTGjGkbKEQoG8CHTWYugtx9H3iIpuf8DPaFAeA5EIgcneMM3UqxdEXqQx8cUsAEgIv01r8EkgUECAQYAZIFBAgFGASgBi6AB5300hioB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAPIHBBCP-wPSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAbgT5APYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItNjQ1ODE3MzcwOTIwNTYwOBgA&sigh=UUOIl40ac6U&uach_m=[UACH]&cid=CAQSPABygQiD9TXdeKZFjfdNncapiyloAPHAZSd-Le_cfcILoLI6f1a8WOAJW47PpskAik6pZ5SIzAVzbV_2RBgB&template_id=484

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=2143041766&adf=1639675732&pi=t.aa~a.225361642~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xD2Q3C68Wb&p=https%3A//theteenworker.com&dtd=12
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80C3 1 KB
643 B 8ms
7ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 21 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D3F0 0
0 57ms
56ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdTCNIuZBZJLAF4mcgAfsopnACL2Npq9v582vrL8OitGj7b4BEAEgzJHnemCV4pCCoAegAbC6odcDyAEJqQLIauLaZGWyPqgDAcgDywSqBIYCT9DhebSUzj6guPMuCw3CbbR8D8dCNo_ek-P48ao6CVWmQh0d44QSDY2wjb3p72hp8VxIuF1OL_zOe40lLHH7C1E0Wl5oXS0JFM7ssuXjJK0HLzEQeMUy5WDxwPFU2CJm1raZczZm-lBRJKMJhhxEm5A6K3-2L6cJRztko6qEnvvYhKMiBo1XmVyjtvHze8Vi4FMRKR0B5dAdsjQzJ9tUIqbA-EHo29PgkMdlG17er5fRSA3iX4n7e-MA0QW7zzE4dwF4vZwTSjOZI7zj_4YqaywyBighm-NPrinkOibuE2B_rwL6SPSh50rkf50BbnCCo_WPUZstOG_I4SLRjydow5mJuHPiocAE-ZypquADkgUECAQYAZIFBAgFGASgBi6AB8X3rT6oB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAemvhvYBwDyBwQQsPME0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEwyIFALQFQGAFwGyFxwKGggAEhRwdWItNjQ1ODE3MzcwOTIwNTYwOBgA&sigh=dsHSzO5jm3U&uach_m=[UACH]&cid=CAQSPABygQiDJDhi_VedSC5aGNH6NVqJvvHLHWVcBj0uEy4YlrTJe8dQqolXOjU_tdiehlUzioOTOO9SxDWsFxgB&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=831287430&adf=2084966385&pi=t.aa~a.1517101829~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280&nras=5&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qXXoSvY4LP&p=https%3A//theteenworker.com&dtd=45
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 80DD 1 KB
643 B 8ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 21 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 6209 23 KB
9 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 04:12:18 GMT
expires: Fri, 19 Apr 2024 04:12:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80C3
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEFaPXs9LhW8uuLVaZ7s6tzg&google_cve...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEFaPXs9LhW8uuLVaZ7s6tzg&google_cver=1&google_push=Aer7DvIamW8ksZt-mycvYXUSM3QUjQ8JBeJkK3eplZvvWS3...

170 B
188 B

16ms
15ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEFaPXs9LhW8uuLVaZ7s6tzg&google_cver=1&google_push=Aer7DvIamW8ksZt-mycvYXUSM3QUjQ8JBeJkK3eplZvvWS3Q4YWuVZRHpNg1Iu_TbYwU8ZWBVzDy1fOdwJY51vxGShtltD1zYiDCFlU

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 01:25:54 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/v2.0.30-775-g5f74e41#rel-ec2-master i-05bcdf9d4cddcb229@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=Ykhmd0NUSEsxUFBGeDk1&google_gid=CAESEFaPXs9LhW8uuLVaZ7s6tzg&google_cver=1&google_push=Aer7DvIamW8ksZt-mycvYXUSM3QUjQ8JBeJkK3eplZvvWS3Q4YWuVZRHpNg1Iu_TbYwU8ZWBVzDy1fOdwJY51vxGShtltD1zYiDCFlU
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 80C3 70 B
265 B 102ms
29ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEI6Ya0kOwcctpb2JmX0X_5E&google_cver=1&google_push=Aer7DvKR5NuXu0OvKhDZsXujXnJEXHgSfYSFOs5Uzkn1-ckLWc_Qn7mFz0KpX7dD-vkO4_IvqhlcEGgiMMUKNKetlTRw0rYbY3Zw4jA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=2143041766&adf=1639675732&pi=t.aa~a.225361642~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=1585&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=xD2Q3C68Wb&p=https%3A//theteenworker.com&dtd=12
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80C3
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEDx12oAmjWsn9zjqrXmA08Q&google_cver=1&google_push=Aer7DvKSZGkldNouYJHgnGGRFH4cB9EpqTiK6z6pOLJwEYBO7T_4IyL4IdjOFu91nvYgdjZvHPOd5vl5lZNHpaGOsVqIZpI...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKSZGkldNouYJHgnGGRFH4cB9EpqTiK6z6pOLJwEYBO7T_4IyL4IdjOFu91nvYgdjZvHPOd5vl5lZNHpaGOsVqIZpIEYHywUg&google_hm=eS0ySEFxaDN0RTJwRjhS...

170 B
188 B

17ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKSZGkldNouYJHgnGGRFH4cB9EpqTiK6z6pOLJwEYBO7T_4IyL4IdjOFu91nvYgdjZvHPOd5vl5lZNHpaGOsVqIZpIEYHywUg&google_hm=eS0ySEFxaDN0RTJwRjhSNldhQjZlMGdpa3VDdW5zb0V2NX5B

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKSZGkldNouYJHgnGGRFH4cB9EpqTiK6z6pOLJwEYBO7T_4IyL4IdjOFu91nvYgdjZvHPOd5vl5lZNHpaGOsVqIZpIEYHywUg&google_hm=eS0ySEFxaDN0RTJwRjhSNldhQjZlMGdpa3VDdW5zb0V2NX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80C3
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHF9LhLcLtFh9uy80x-kd1w&google_cver=1&google_push=Aer7DvIjqISaTPTObbUAA-_FQ0qWWQ4c6XOYDRGrOCbHV7hVUjjF3eeRJV38Ns7XSORDaynK-H_AXfiE...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvIjqISaTPTObbUAA-_FQ0qWWQ4c6XOYDRGrOCbHV7hVUjjF3eeRJV38Ns7XSORDaynK-H_AXf...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvIjqISaTPTObbUAA-_FQ0qWWQ4c6XOYDRGrOCbHV7hVUjjF3eeRJV38Ns7XSORDaynK-H_AXfiEVbpyfvESltVHLJ4T-lEQoA

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvIjqISaTPTObbUAA-_FQ0qWWQ4c6XOYDRGrOCbHV7hVUjjF3eeRJV38Ns7XSORDaynK-H_AXfiEVbpyfvESltVHLJ4T-lEQoA
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80C3
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6EBBRgGTQOmY0-rCPGxeVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6EBBRgGTQOmY0-rCPGxeVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJUpv6wP8TfV4Kn_5AJ09-6eNFs5ZH6r26ddIO6s93_lvrxGcufuj1Qn2AEpg2jyqJw6ZqtcEbCaOTA-8JFWsgCD8pMI8Cl4Q

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=6EBBRgGTQOmY0-rCPGxeVw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=Aer7DvJUpv6wP8TfV4Kn_5AJ09-6eNFs5ZH6r26ddIO6s93_lvrxGcufuj1Qn2AEpg2jyqJw6ZqtcEbCaOTA-8JFWsgCD8pMI8Cl4Q
date: Fri, 21 Apr 2023 01:25:54 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80C3
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECLrrSRCpfFZP9qM6AmwMnA&google_cver=1&google_push=Aer7DvJOtXpLZiY81fdSQS3LTfNyQ5I_auaW9AlBPoEdiMD6fvBewULyGizB5zyxxqr4C2owGHk...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVgtMTgtQVhRRQ==&google_push=Aer7DvJOtXpLZiY81fdSQS3LTfNyQ5I_auaW9AlBPoEdiMD6fvBewULyGizB5zyxxqr4C2owGHkYhDlReU0UkEV_s2IpV83iykaybKQ

170 B
188 B

19ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVgtMTgtQVhRRQ==&google_push=Aer7DvJOtXpLZiY81fdSQS3LTfNyQ5I_auaW9AlBPoEdiMD6fvBewULyGizB5zyxxqr4C2owGHkYhDlReU0UkEV_s2IpV83iykaybKQ

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVgtMTgtQVhRRQ==&google_push=Aer7DvJOtXpLZiY81fdSQS3LTfNyQ5I_auaW9AlBPoEdiMD6fvBewULyGizB5zyxxqr4C2owGHkYhDlReU0UkEV_s2IpV83iykaybKQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80C3
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJzZCCUkSKU7mr3NHjNBYMI&google_cver=1&google_push=Aer7DvKGctaxBZyAFotgkhkCOqr623oCtlW7iuKYuUBLwqthYoe4tkGFTCVV2AKVP5FYIpJ72tr0VMt0t1py...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKGctaxBZyAFotgkhkCOqr623oCtlW7iuKYuUBLwqthYoe4tkGFTCVV2AKVP5FYIpJ72tr0VMt0t1pyBhQUmEBpebv2Z5rjfGY

170 B
188 B

25ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKGctaxBZyAFotgkhkCOqr623oCtlW7iuKYuUBLwqthYoe4tkGFTCVV2AKVP5FYIpJ72tr0VMt0t1pyBhQUmEBpebv2Z5rjfGY

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=Aer7DvKGctaxBZyAFotgkhkCOqr623oCtlW7iuKYuUBLwqthYoe4tkGFTCVV2AKVP5FYIpJ72tr0VMt0t1pyBhQUmEBpebv2Z5rjfGY
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 80C3 0
12 B 15ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JTwEWkI5pNg-9geRgeavDGM5T97utctO6_H3J557sNyRFGG-hrtj-Ayzd3sk0WWU4Y6Mgs

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80DD
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESELSRI-e_JDeyCCSjTGsfNEE&google_cver=1&google_push=Aer7DvJEF0DEd34GkpHgsqNkQF1TkADKZSsPRCK8qfBodwbq93c_yB0EfCwrfosoTOjtiU0YbkZpDgNTFmAo9p11oFnmQ85sW8kiNnA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvJEF0DEd34GkpHgsqNkQF1TkADKZSsPRCK8qfBodwbq93c_yB0EfCwrfosoTOjtiU0YbkZpDgNTFmAo9p1...

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvJEF0DEd34GkpHgsqNkQF1TkADKZSsPRCK8qfBodwbq93c_yB0EfCwrfosoTOjtiU0YbkZpDgNTFmAo9p11oFnmQ85sW8kiNnA

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvJEF0DEd34GkpHgsqNkQF1TkADKZSsPRCK8qfBodwbq93c_yB0EfCwrfosoTOjtiU0YbkZpDgNTFmAo9p11oFnmQ85sW8kiNnA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Apr 2023 01:25:55 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 80DD 70 B
264 B 94ms
30ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEDtumSR4C4brRzbjfzWQfHw&google_cver=1&google_push=Aer7DvIlbMfakzigNNPBSrLVE7QizMjunLMZ7VXaUlLrNVUyf7yMgdhxsju10Yol7e7JcN6SiA9n9YEJybTD28F-E5bjPk1icUtMXiQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=831287430&adf=2084966385&pi=t.aa~a.1517101829~rp.4&w=340&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=340x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=977&idt=-M&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280&nras=5&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1045&ady=2873&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&xpc=qXXoSvY4LP&p=https%3A//theteenworker.com&dtd=45
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80DD
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESECkDRv3qW5G-uIo5xMgA478&google_cver=1&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsab...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESECkDRv3qW5G-uIo5xMgA478&google_cver=1&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBE...
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ&google_hm=JBniuVy6Rce1EEjQ3s1Y...

170 B
188 B

26ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ&google_hm=JBniuVy6Rce1EEjQ3s1YRg==

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ&google_hm=JBniuVy6Rce1EEjQ3s1YRg==
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80DD
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEKWArXVFbfciNNSKPg3iBXY&google_cver=1&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5Vdio...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEKWArXVFbfciNNSKPg3iBXY&google_cver=1&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5Vd...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5VdioCNDz2rsE

170 B
188 B

17ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5VdioCNDz2rsE

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvI6sRZJVl3ST6PNR6o9Gay3qXue_Z1iJI8GFmBs82b3nfCYSNNN4wA1stLuZwtQIRerQmBvKbwa_C0bY08Gdc5VdioCNDz2rsE
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80DD
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELP4IQDIIECMkTVPmVfu8eY&google_cver=1&google_push=Aer7DvLUDBQAjDBtm1tkqSiz1OaHS-n4bmpDAACuSkgUo7ahabW8vGb1wT_k2IknE5pKK9auGcd...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVctUy1GUlAy&google_push=Aer7DvLUDBQAjDBtm1tkqSiz1OaHS-n4bmpDAACuSkgUo7ahabW8vGb1wT_k2IknE5pKK9auGcdIxK41S3obqYmNQXO9T1flOrcFxQ

170 B
188 B

28ms
25ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVctUy1GUlAy&google_push=Aer7DvLUDBQAjDBtm1tkqSiz1OaHS-n4bmpDAACuSkgUo7ahabW8vGb1wT_k2IknE5pKK9auGcdIxK41S3obqYmNQXO9T1flOrcFxQ

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEdQVkVDSVctUy1GUlAy&google_push=Aer7DvLUDBQAjDBtm1tkqSiz1OaHS-n4bmpDAACuSkgUo7ahabW8vGb1wT_k2IknE5pKK9auGcdIxK41S3obqYmNQXO9T1flOrcFxQ
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: e06182bf224d96e6550f4595601cdb0b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80DD
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_push=Ae...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_hm=ZEHmI0akjcPvNQqzOHlo-wAAFBQAAAAB&google_nid=index&google_push=Aer7DvKldKLGmIO1sagpw8UsMNyfac8SxauV9...

170 B
188 B

20ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_hm=ZEHmI0akjcPvNQqzOHlo-wAAFBQAAAAB&google_nid=index&google_push=Aer7DvKldKLGmIO1sagpw8UsMNyfac8SxauV9iAcKYZeUaSxnAdBzbOgtoOmnj1XNQdbZ9RlJ7QquXtlpK2rhBLsLFp4437hf0QApQo

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 21 Apr 2023 01:25:55 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEC11cvBTBERyj5cf8QUIKcY&google_hm=ZEHmI0akjcPvNQqzOHlo-wAAFBQAAAAB&google_nid=index&google_push=Aer7DvKldKLGmIO1sagpw8UsMNyfac8SxauV9iAcKYZeUaSxnAdBzbOgtoOmnj1XNQdbZ9RlJ7QquXtlpK2rhBLsLFp4437hf0QApQo
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 80DD
Redirect Chain

https://ag.innovid.com/trk?tid=11711&google_gid=CAESEGiJkzguKYF6l6nnU8oefrk&google_cver=1&google_push=Aer7DvIVEML05KnGB9pcI5E2sM6MFUr6xLqr9BvapVQzo7ahy1C9T83atC5YFUhwGrmjndop9mQVEQL7qPcpUCNDViaTTC9...
https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=Aer7DvIVEML05KnGB9pcI5E2sM6MFUr6xLqr9BvapVQzo7ahy1C9T83atC5YFUhwGrmjndop9mQVEQL7qPcpUCNDViaTTC9VRCt8bg&google_hm=HOt_Ktw8QbGfGF...

170 B
188 B

26ms
26ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=Aer7DvIVEML05KnGB9pcI5E2sM6MFUr6xLqr9BvapVQzo7ahy1C9T83atC5YFUhwGrmjndop9mQVEQL7qPcpUCNDViaTTC9VRCt8bg&google_hm=HOt_Ktw8QbGfGF-M340atg

Requested by

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=innovid_ddp&google_push=Aer7DvIVEML05KnGB9pcI5E2sM6MFUr6xLqr9BvapVQzo7ahy1C9T83atC5YFUhwGrmjndop9mQVEQL7qPcpUCNDViaTTC9VRCt8bg&google_hm=HOt_Ktw8QbGfGF-M340atg
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: no-cache
content-length: 0
request-time: 1
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 80DD 0
12 B 15ms
14ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JX_f0DdalS26ctJvt8BIiAW9JRxVlPHmm3-t_938Hi4LBe_pNS_KrMc4LbGwMTmZN3YKqL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CFA2 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 6209 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 02:54:51 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3F0 0
20 B 40ms
40ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 206 file.mp4
r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 0DD0 108 KB
0 38ms
13ms Media
video/mp4 2a00:1450:400e:15::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:15::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 21 Apr 2023 01:25:55 GMT
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2888871/2888872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2888872
last-modified: Wed, 28 Sep 2022 05:26:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/ Frame 5770 21 KB
8 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 16:48:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 31049
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8535
x-xss-protection: 0
server: cafe
etag: 13968503839060854674
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 04 May 2023 16:48:26 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 5770 8 KB
713 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 20 Apr 2023 23:59:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Apr 2023 01:25:55 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 5770 14 KB
3 KB 9ms
6ms Stylesheet
text/css 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.css

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 01:41:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 85479
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2819
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 01:41:16 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/ Frame 5770 379 KB
130 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:40:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 71149
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 132560
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 20:21:28 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:40:06 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/ Frame 5770 19 KB
8 KB 599ms
598ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230418/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
age: 0
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8104
x-xss-protection: 0
server: cafe
etag: 11444945707709536616
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 05 May 2023 01:25:55 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5770 0
0 14ms
14ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSl7WXJgpXlmh8ClKVXSOvWiHg4uIges5XmVhQ-RFqhRQ7ybGZdH3xlIjenbKkjxANQ6Zo1VPwVvZOREtXwZXVOHWbwCA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame 5770 0
45 B 117ms
117ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lgpvecka&c=1262348113595&slotId=631174056797.5&qqid=COuDyc7ouf4CFXHLEQgdWZAEpg&fb=outstream-lima&sei=44729911%2C44730425%2C44730426%2C44752538%2C75259414%2C420706098&nsei=44714510%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5770 15 KB
16 KB 12ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 21048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 5770 15 KB
15 KB 13ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 84063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5770 0
20 B 45ms
41ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CvIDFIuZBZOvqF_GWx_AP2aCSsArTlfL8bue7mqj6ELLov7DeARABIMyR53pgleKQgqAHoAHh9bOjAsgBBakCHvr9BLhnsj6oAwHIA5sEqgSwAk_Q6EFmzNpFrlF0hUYBfsGfviCBw5RS596OZk4bmqWl4wEyXjDO6YYrzYjwAxekQLAXF5JXsz8K1qYUtl_1W7-FDcEMkon8cIA6dma_3792ufZBdWOmqIjlO0l1gy3iOFpUG4zKMME_L5sTTd37J-DIMpTiIy8iWSOBxM3Zb2FRcQZRbEOqUBUIDtPhllLrCCiStGlYoTHE7NLp0tfODzijx5GcVRzANqbIM97loFl8zPwX5nupchOFO_zjWvMhatt_3yzWpHGjXkFB3Xfxj3iImb1eovKL6qpcjq0DXLu4n4yU5op1ZU_x69x50GvEr61LVa9iQDXPGE11am4a46qa8sRd0FFVYbg6zfLR0wtYcjeo4mXlJ6H2QAt0HI3gXNOlswcJQOR_mPPLHWfetxzABKLQzPOFBOAEA5AGAaAGToAHh4rM3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE6L3iBPQEwDYEw2IFAPYFAHQFQH4FgGAFwE&eventType=clickstring&clientTime=1682040355372&ai=CvIDFIuZBZOvqF_GWx_AP2aCSsArTlfL8bue7mqj6ELLov7DeARABIMyR53pgleKQgqAHoAHh9bOjAsgBBakCHvr9BLhnsj6oAwHIA5sEqgSwAk_Q6EFmzNpFrlF0hUYBfsGfviCBw5RS596OZk4bmqWl4wEyXjDO6YYrzYjwAxekQLAXF5JXsz8K1qYUtl_1W7-FDcEMkon8cIA6dma_3792ufZBdWOmqIjlO0l1gy3iOFpUG4zKMME_L5sTTd37J-DIMpTiIy8iWSOBxM3Zb2FRcQZRbEOqUBUIDtPhllLrCCiStGlYoTHE7NLp0tfODzijx5GcVRzANqbIM97loFl8zPwX5nupchOFO_zjWvMhatt_3yzWpHGjXkFB3Xfxj3iImb1eovKL6qpcjq0DXLu4n4yU5op1ZU_x69x50GvEr61LVa9iQDXPGE11am4a46qa8sRd0FFVYbg6zfLR0wtYcjeo4mXlJ6H2QAt0HI3gXNOlswcJQOR_mPPLHWfetxzABKLQzPOFBOAEA5AGAaAGToAHh4rM3AGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggRCIDhgBAQARgfMgKqAjoCgECACgGYCwHICwGADAGwE6L3iBPQEwDYEw2IFAPYFAHQFQH4FgGAFwE

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5770 0
54 B 121ms
117ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lgpvecks&c=1262348113595&slotId=631174056797.5&qqid=COuDyc7ouf4CFXHLEQgdWZAEpg&fb=outstream-lima&ulv=1&cll=0&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 5770 28 KB
16 KB 46ms
43ms XHR
text/xml 74.125.133.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-AKVtzWz3DexMxEd9-TN6qub8ZbnzY6UpKGdFN4JHlHqlo2t0ty7cThMy5DHMen4_TMWy97mio5X4kLRrmvf-22r-UM3g&cry=1&dbm_d=AKAmf-AN7altdFT7HzuUbQEf0J22kKwCH2NeHINs8r4ztw95yAOvPISATaHqm4EX_26c2bnzyZHGd3-LRep_kiuM9k3ZTl9wDD_fx1u5uKVcQkgWapz-fbiglgzNwKL6m_qZmLQ_Jbr-bFpnYdYzWSXfI4BvUzYf_kLpmlq6GKYTAt3YeehOgyuBgfkS2WlKB2GZnSpw3iO43A16ICeQnl9TndUNIlwR_YkD9EThD7k0Ic1enAUqsd-BUI6EvIbip9Gml-D6LqKlvSrrMRdItP1KxA_OBsF7Hy9FeYJIiKE639ZiCbfXx8kvZh-EF3681Cjvj-0rYoV17R3z5unDPHRMVfApvGZQG4GsYXwIOz-eMaReK-K7iPwixhgu6h7QzjFTXkSJPJCAS3BhR3S6mA3zQ5KTd031LW394YV5UTgNWUti3JdIl5IE-Zu3O239eevQo4LQnAbfqkTTjDvBAhqHEsqvQ3xAa95-y5SsEZ5nl0nOzBNW-YtENw_hVRV3oiJBINVgVaMkrCnfl6Mvr9DPvhIG4ccYb4tBNhfTxAq1y_uTjwFGdMwMIU5MyKWQYw8mZ3F4QQBQTkmzowqqfCsVSujr4muxDacnx76XVzNgAv1we6fAA1bkzEQFsSMJdGYb6HTQRd05S1Aim7nwP28v21z-qqemrBZnbL_F2qh56WOEndasQAZrb4GoiHQQBZ7Z6WXJbhoQWuUibaGow9FbmzUNiu3jcGxQCA60OEwO_Dv-1MprboKwhWg0Y0Hq7lmy0impmVCHO4qkxmq2qt-c--cIFMvaN5BGrP3xr7WETtkEp70rNYO6LIdf5APMqVYHKoJpzJee0vFn3sgV0cFXOH7eBxD9GKGiPph2SauelIQqcachfZNbTNODv6AHvavvsPqqTOAOGiPQEEYEivXlawRy98G7fjfbYs8OGXv_pYzHAUm9FB6lMT5XeXDzVzhgittMALyEEdMJOMxjakmhYaJrWonE1__LjaIZOD6HU6g_SIjmvmOFPxjBJm443PFMQg3L7Pb0wnq2cBxPBdgqPAJWZYAj1cvBVp3LAD5nauUXuz0_CCJQt3L0re_-jocoCPel1cNnJ7-7Tjz-BZV0WLIb4eIqAsVPpy2hXVygYc0X4bf3hSeADtJHmYFk_f3r5U8u2XQZThj8idlb531CiA0rPpixXAqjP355fR8ajTPQXqviqqN1qDf3ILjlDZv4SJaKZaUsJDC-NgbMWoenbcGvGmDw4WvKnzsuf3aFkqYUpfJiS_4wOiRVX1ro-HpAodWsdWKTxWtFUZIGBtFKTR-cNAgB7U5VLhbncnYsGvCI4Rv1wkoZy4Jc-oJb3raGzNkhx4yc_LCCYBkuxrqpMtKzXN_Ja4duyoQQ3eqCnq2zMQbUtCPoIANxNd-9VsgwmZ4A7fvbTQ5S4AxeCxt7BYcdUY8dmGB6fSn_AVRIrj88spt_pjj6os-bAcXGGnuhYdiWVY9Bohv6YKP0arH_PiekJEX7ok4tHC9NI6WIPxRMV1NjjcfEQXFoqTEjblMUY7l-wtvjLTUTR7RbwmngwppW0XTCrkfKqXEcHSNRZRMefH8uJt4LvNaxmxyrSEX50M9Og77avVtqAAPJk4Tf-CGCUgUm-pSAb3POWKJGfYtY9ZqEYe6uAJm1A4l8mnKY2ZsqViK0GXfS9w676TWStfFMGd5lWGEcj86FwmjHXwV3bgdHhuKB-HrSJnRGiSOGegAUGIJ-0RRfzmMUkvndFjrj-dIGBLd7M4hCkiqdGUFmeLE-z1lEm85Xdj71RE9Yxq90r_vS8WGAusCakFQ6ljfWgClIOosEIqmgY9zGef8XDsehgoeVRRtKVCfaw20Va9glD3PjEaRu24UQ3IkX6oSMTXrvUFJTDh8_VLaUy_BWPfR41rBcZ4PnX3J5YG4lKYVM3mH9LkS1CpSoCXYJnGX2g1EobNr-LDjm720LI_10s_srX4mDvyE0EW41CL5Nj_nvpg0UfqfcfgjuHkB0-pptn9-HjjV1F8bvcmlSW3pBkpoK8pn1t8wU4ZW6tV3mKizwek68dBvGlHF4Gt03kyHZ-NUs2jF_rnaPobAkX3t9BCYOe13-8FJrudz5hxfTCVzcOhypQHvoinxDqTyg_OoEOtek_X52aG_-q_y64QeuS5ZV0bKnrH_bHwOnmTDU37ybONdB_0sjXUknRBDWXJvD3YqOTAl0Y5JMg4_WTLjNSfgYtDt1ZoiB3wDreltQgkUzfkTQV13Fie_h09M6t-l0gi5oAbUl3kfMDUcjIepwM9_A4z26mUPhjSOH5Ffbe6HIXSSJ1A0gAhiJm0_Lc1BQCFFMU8sc_3cFSgPvNbw1th_iSGe8snwEb5aqns_r9F7_HNSEo9fSLXpDG4gx0QWaP5ouRVjWO2by-B38GPDvNS8Y8eVShWlG_0yzaC6E7DoGpx4FZNdK_TSl-eAVF5g0W3AYPwrA-00OrgR7ZBzJVgRl0HasJf8NNUpOrVuJr-MiXCiVXYNDGGbxiXyQTw_Ieo1ClkqJSYXgvoPRIsBmcEbheaf3EyTdUzKHnALyocjJ8mws_LmQ7ljECr17RiCcJNl0iF09KBw49ITJIRr7e3Tco9ygxQmKDfXiP1qgOk0Xct1-v2PuPR1iqO-v8HbiiUBw3B3QAGUv0KH8_X9jo3CbifNgwYSlosARtRc6N4izy2PN38_QlE9Wo7Bv0NEB8C7jOkyjzAe-L16DPyWJcZ3Pyn32hRLHAQpKgG3IeJ_OFItLUXQwaiKnyCwIQgMFZE6RbwbMilmW0Zl7IwM4M-aY72gg6fMcugoiZgZT7dL51znZN1eIeE4HQWQuCPPg6NIjiUXhS_4ar3z02iJCGua57vXQMfqzYkxVI0H7caDIF_B19l7F7FHN9OqzeJy2MB4GEoNVcrgDOoZldXp67h9kXgQfUtjWQYvEzwzmsovDggqK__sz9RXaen886TK324666ZJRM9i6fK9Sbvama-UR13FYowrz33UvQdlzKMFYLdpbDeT4GckqXBetq99IDrKLnLNXOdHeYIDWnLJzs9MDUDugeG5APvu1gUMjFwl13eqloi89tyDZEVB31eWo6W16fz6DMnctv0FN7SI-fto-NEkXZpCSSo8LO-iE7mO78pYwfK6DqKCYNZ4CcLJgSuAUaTVlm3xR8J6PY1StqhqdQWPGHMRHDVQYnY87LkCDPEKH5ScCPTTV96xiP6xM5BIbNuMtIbY7M7ZCz5cbXIc_g3rJCfbVeLqhUYod4MombkWs59LYROA1jG1SXlX_KFB-ychMyjCy3WdzrMrtFQBYrSuZsk6W0L7AvConSsB2QueAclA3UuizPmiFtJ7okJ4bp92-Oui9xvuud2OnkowtZbx7a6k5KXegRjn0ULSHbruHJ69rvEPSqlFN_1LnPvLC-XGBQgflms5b-xiO8sRanIOInSDXQhjEEv80LwWm6E6m0YAp0b4w_h2pVTWSXoVOQtFL2qSFThOwjIJHw4mYtZ6GVDXCK8CRDchd_qACkEJ0STikO8VDW7M-rver3Nl1CHNh5L1Gaw5q4qS071Mhq2munX7EQ5uFl4GOF6E7jBL7&cid=CAQSPABygQiDB6bIgC_VPnz_RVJZ0w1hmsk3MSO8ibIcEWrC_0zGTy9n0y8dR2QUChaDI68J32FtUER6GHEbvxgB&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.133.157 Nashville, United States, ASN15169 (GOOGLE, US),

Reverse DNS

wo-in-f157.1e100.net

Software

cafe /

Resource Hash

1cdcff27149b7b4d3278d4548aded5d7e0e6c79afe809be973fbd4d1922d83f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16527
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5770 0
0 49ms
49ms Fetch
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Czi3hIuZBZOvqF_GWx_AP2aCSsArTlfL8bue7mqj6ELLov7DeARABIMyR53pgleKQgqAHoAHh9bOjAsgBBakCHvr9BLhnsj6oAwGqBK0CT9DoQWbM2kWuUXSFRgF-wZ--IIHDlFLn3o5mThuapaXjATJeMM7phivNiPADF6RAsBcXklezPwrWphS2X_Vbv4UNwQySifxwgDp2Zr_fv3a59kF1Y6aoiOU7SXWDLeI4WlQbjMowwT8vmxNN3fsn4MgylOIjLyJZI4HEzdlvYVFxBlFsQ6pQFQgO0-GWUusIKJK0aVihMcTs0unS184POKPHkZxVHMA2psgz3uWgWXzM_Bfme6lyE4U7_ONa8yFq23_fLNakcaNeQUHdd_GPeIiZvV6i8ovqqlyOrQNcu7ifjJTminVlT_Hr3HmIah6cpQnsnfC69WkhqdNekouFYwuud6yf44xCmTBu-PjLxMqbeBox5c4JuQOvghLVPnN2_71L8rd5ACxGsJcwccAEotDM84UE4AQDiAXWvIztRpIFBggbEAEYAZIFCwgiEAMYAUj6jdIBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZOgAeHiszcAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcA8gcKEMaJGRie2abUAdIIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsBsBOi94gTyBOHmprhA9ATANgTDYgUA9gUAdAVAYAXAbIXHAoaCAASFHB1Yi02NDU4MTczNzA5MjA1NjA4GAA&sigh=Kxl6ueIURQY&uach_m=[UACH]&cid=CAQSPABygQiDB6bIgC_VPnz_RVJZ0w1hmsk3MSO8ibIcEWrC_0zGTy9n0y8dR2QUChaDI68J32FtUER6GHEbvxgB&vt=10

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FA41 1 KB
643 B 7ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 23130
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:00:25 GMT
etag: 48472445140208031
expires: Fri, 21 Apr 2023 19:00:25 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame FA41
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEGVAZBb-pxtC40ABFm0CCis&google_cver=1&google_push=Aer7DvK9eHYOcW8HCZ4HvMBtXlce-ZfYCbq30C4J0r7oM4d3Eeqoy7qOKMDSdTsODfFkJp_GneeMykfetP55dn_9RHSWKA0m3Eq7z4M
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=MzEwMjIxMjcyMDYxNzg2MjU2MA==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGVAZBb-pxtC40ABFm0CCis&google_cver=1

43 B
398 B

14ms
13ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGVAZBb-pxtC40ABFm0CCis&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:54 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEGVAZBb-pxtC40ABFm0CCis&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA41
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEF0IVZ5JkZntiIqhhXQEscQ&google_cver=1&google_push=Aer7DvJyqZ94vv4xVCjG57iI6eZvGYmsgCPBkfbfWFzQxsg1gN_EwQYBTYj3wmkuDnupJSeCPtk_rdsSFopQ4xw4...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJyqZ94vv4xVCjG57iI6eZvGYmsgCPBkfbfWFzQxsg1gN_EwQYBTYj3wmkuDnupJSeCPtk_rdsSFopQ4xw4wRUqnMH30eWwL_o

170 B
188 B

19ms
18ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJyqZ94vv4xVCjG57iI6eZvGYmsgCPBkfbfWFzQxsg1gN_EwQYBTYj3wmkuDnupJSeCPtk_rdsSFopQ4xw4wRUqnMH30eWwL_o

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Fri, 21 Apr 2023 01:25:55 GMT
Server: MT3 830 785530e master zrh-pixel-x12 config_version:"unknown"
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=Aer7DvJyqZ94vv4xVCjG57iI6eZvGYmsgCPBkfbfWFzQxsg1gN_EwQYBTYj3wmkuDnupJSeCPtk_rdsSFopQ4xw4wRUqnMH30eWwL_o
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 21 Apr 2023 01:25:54 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA41
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKK5yjBA__qXDzS8aND12-8&google_cver=1&google_push=Aer7DvIYaLgvAxxxuCE5Tgl-X-yWWrzkm7CS2GAOq6XmaPjJ3KEwVstIGfcYtso5VBIetkajaboJyh8XsVvkJNWGJ0bQeW5979EeuA
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvIYaLgvAxxxuCE5Tgl-X-yWWrzkm7CS2GAOq6XmaPjJ3KEwVstIGfcYtso5VBIetkajaboJyh8XsVvkJNW...

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvIYaLgvAxxxuCE5Tgl-X-yWWrzkm7CS2GAOq6XmaPjJ3KEwVstIGfcYtso5VBIetkajaboJyh8XsVvkJNWGJ0bQeW5979EeuA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=01C82C08BC0D450087E709E970FF11FC&google_push=Aer7DvIYaLgvAxxxuCE5Tgl-X-yWWrzkm7CS2GAOq6XmaPjJ3KEwVstIGfcYtso5VBIetkajaboJyh8XsVvkJNWGJ0bQeW5979EeuA
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Thu, 20 Apr 2023 01:25:55 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA41
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEIv8oCo28eidSqAjENoLZgA&google_cver=1&google_push=Aer7DvKyv_mKhhLSKac-4Q8AmwPBLDNBa503GdhKEc9OqQfMqrY-u3dkSqJzxHGZflX29a_wJ0jU2pkjfeW5JI6TzZoLIQY...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKyv_mKhhLSKac-4Q8AmwPBLDNBa503GdhKEc9OqQfMqrY-u3dkSqJzxHGZflX29a_wJ0jU2pkjfeW5JI6TzZoLIQYMRAYAp28&google_hm=eS0ySEFxaDN0RTJwRjh...

170 B
188 B

18ms
17ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKyv_mKhhLSKac-4Q8AmwPBLDNBa503GdhKEc9OqQfMqrY-u3dkSqJzxHGZflX29a_wJ0jU2pkjfeW5JI6TzZoLIQYMRAYAp28&google_hm=eS0ySEFxaDN0RTJwRjhSNldhQjZlMGdpa3VDdW5zb0V2NX5B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aer7DvKyv_mKhhLSKac-4Q8AmwPBLDNBa503GdhKEc9OqQfMqrY-u3dkSqJzxHGZflX29a_wJ0jU2pkjfeW5JI6TzZoLIQYMRAYAp28&google_hm=eS0ySEFxaDN0RTJwRjhSNldhQjZlMGdpa3VDdW5zb0V2NX5B
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA41
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEHEnX6OjbvILUjgNWy3X39s&google_cver=1&google_push=Aer7DvKSe6bMnD5s611My_pfEFnmS9JQLznFc9FTTzQsFdZNQjyN1xhtpYD6W2ZeGOV6p9l9SrVHmIvq7mPynWgO7c_uJQl...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKSe6bMnD5s611My_pfEFnmS9JQLznFc9FTTzQsFdZNQjyN1xhtpYD6W2ZeGOV6p9l9SrVHmIvq7mPynWgO7c_uJQlY_vw4r1I

170 B
188 B

19ms
19ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKSe6bMnD5s611My_pfEFnmS9JQLznFc9FTTzQsFdZNQjyN1xhtpYD6W2ZeGOV6p9l9SrVHmIvq7mPynWgO7c_uJQlY_vw4r1I

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aer7DvKSe6bMnD5s611My_pfEFnmS9JQLznFc9FTTzQsFdZNQjyN1xhtpYD6W2ZeGOV6p9l9SrVHmIvq7mPynWgO7c_uJQlY_vw4r1I
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA41
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEHtKR_CDxU80rQ4hJhfmOac&google_cver=1&google_push=Aer7DvKwX07CezZND40ezUzMMM6403AfKTv3oDgAl9iqcQQ0YPDKE_kILIdkJvFghF8PXOGk3UqxuNuQ...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvKwX07CezZND40ezUzMMM6403AfKTv3oDgAl9iqcQQ0YPDKE_kILIdkJvFghF8PXOGk3UqxuN...

170 B
188 B

16ms
16ms

Image
image/png

172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvKwX07CezZND40ezUzMMM6403AfKTv3oDgAl9iqcQQ0YPDKE_kILIdkJvFghF8PXOGk3UqxuNuQ1bWqNJysdhbcXsG8ofa_p-E

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MTM5MDIwMjA2MTQ0NzAyMjkyNg&google_push=Aer7DvKwX07CezZND40ezUzMMM6403AfKTv3oDgAl9iqcQQ0YPDKE_kILIdkJvFghF8PXOGk3UqxuNuQ1bWqNJysdhbcXsG8ofa_p-E
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

report
sync.teads.tv/um/ Frame FA41
Redirect Chain

https://sync.teads.tv/um?eid=3&uid=&google_nid=teadstv_ab&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_ab%26google_hm%3D%5BVID_B64%5D&google_gid=CAESEBVJQqitIovlR5j7AeZw8GU&...
https://cm.g.doubleclick.net/pixel?google_nid=teadstv_ab&google_hm=&google_push=Aer7DvI4AFt0ZZTt9vBQgQ7oJHqPhl3xk0sCS4t7OlFrHtWlDb2Zui3QO8GDMYA9N6R4CaRvndfPbUzbj0E9G12DFpAiuQhNuYZBmFyL
https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab

23 B
172 B

49ms
49ms

Image
image/gif

104.111.217.42
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48
Protocol: H2
Server: 104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-217-42.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

expires: Fri, 21 Apr 2023 01:25:55 GMT
pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://sync.teads.tv/um/report?eid=3&google_nid=teadstv_ab
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 260
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame FA41 0
12 B 18ms
16ms Image
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13Lm4ESBVwVNJQkkN_cYBfcRLICRzVF3vtrjO7JRxZGKrziBbtLC1-jdGiKYQIuSJibM-jB9xQ

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:55 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6209 0
20 B 45ms
44ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BxQerI-ZBZODMAZPYsgLS2aPICQAAAAA4AeAEAg&bg=!zs2lzZnNAAYfNdXmPzU7ADkAdvg8Wh1EAo9uWAPZ4I0S5uIhm_UWpODpltbwZaPyIl50jVnS8_CA4Zv7XiVJt1vFj11w5FoQIbMCAAAAmVIAAAADaAEHmQMAlloZoutf77Rfi2twBfFePcEc5qedI43IQklVUGY4vwrP8OVvZXmBFPukp_B4oDEecYRWP93KtzM5MUZ4uGg8cLA3vplFywc8Dc9qvlRX-D0-d8r6WfEmEJJ2mZO6Nxg7u9mQMJ0h1pGKvhIsIYU5f5szYyThr4TogOUUWzRVjH2OIKr8BOK6Ui2Bbs8-NcglRzab45VjE5HC6xgHeFbvQg3ESyMvKlpQLwaCQMSk1Lxno4eh94-V97z78OfLdxImLQkWvYkDoHJS0k_SAbAj85snJnBRx9BPAefYj6poRbzokllOqe1Mv9Gb4WSex1NUI4XyeK0E-MNqsAszvx0jfrbsQSKFjD-3Br1s6JMLajRLabQZ3BQNtHtI-p3ChB48hpKJoY0jTOsZePOBQFSow7xAoKj-BHMSGfZCYCt1l7DhAWhDzbYkaV4rkUlmtRvTH3c3Jl9QgUvEDdpEPpSsd1eA6qNLS2sCuKcMoGvD79aFLRDt2m7JxxhJjS-QCcCuJrGvNsi21Tb0zHVmIY0j9E0XT8pcxbpqXrkcc6m_atAjINX-45OaRoLtpd_YE6Ur2aKX3wmiQX1i7fwWQglY2gy29SD_K8Sy1802N2Kqrqe6MeXYH6YC2hGr5EGYM1o9nLLsm0GKuQ9Q-LpPAXf4yxDaIRCdlaJrAQhocdG0XbnQo21v6o5upg1VCAhyrDvod7jo7ATopb7veGdYshuZMhOVA1hivsHOEt6wsjmB2HGs74EuhqFvUqeZ_v7iOCHYL6ARrJG08tQ8AvAnp9NnMjcl6oj6Ybtuhda19c__-97krI8MtTebH4YV8fpepKy-mUj8JOhZvL9NtIfG5mOjZmus8aIHl4M1UYAM2Y8db8fqUjx7jqbUg2laPwjNR0QCMrosFTWRBqdDRHpinzRo_wWOo-V-F_K35VHtLPnJa29AGWfGqOhUsPE-x-NOnZoUkZW_nRr3raTjmEZL08wat5yaHabLhGRkudaseAyI-kkVHpPlp_zPagnw9uo3r1wd

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5770 0
45 B 118ms
115ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lgpveckz&c=1262348113595&slotId=631174056797.5&qqid=COuDyc7ouf4CFXHLEQgdWZAEpg&fb=outstream-lima&vast_v=2.0&vmfc=12&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 5770 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 19 Apr 2023 02:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 170676
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 18 Apr 2024 02:01:19 GMT

HEAD
H3

200

https://gcdn.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/id,itag,source,ctier,acao,ip,ipbits,expire/signa...
https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

13ms
13ms

Fetch
video/mp4

2a00:1450:400e:15::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EC0F3FD19D08283FF5E93AB72D86ED20F5A4ABB.841FE409BD0D090E348C1F51342248DC05C027ED/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Server

2a00:1450:400e:15::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

client-protocol: quic
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2888872
last-modified: Wed, 28 Sep 2022 05:26:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: null
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: null
expires: Fri, 21 Apr 2023 01:25:55 GMT

Redirect headers

date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 666
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EC0F3FD19D08283FF5E93AB72D86ED20F5A4ABB.841FE409BD0D090E348C1F51342248DC05C027ED/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame 261F 23 KB
9 KB 11ms
11ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8727
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 04:12:18 GMT
expires: Fri, 19 Apr 2024 04:12:18 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 206 file.mp4
r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 5770 457 KB
0 14ms
13ms Media
video/mp4 2a00:1450:400e:15::7
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r2---sn-5hne6nzy.c.2mdn.net/videoplayback/id/522329d348ef59f8/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/3808790988/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/4EC0F3FD19D08283FF5E93AB72D86ED20F5A4ABB.841FE409BD0D090E348C1F51342248DC05C027ED/key/cms1/cms_redirect/yes/mh/sx/mip/2001:ac8:20:3a00:1012:3cf8:963d:b5e1/mm/42/mn/sn-5hne6nzy/ms/onc/mt/1682040051/mv/m/mvi/2/pl/49/file/file.mp4

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:15::7 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
Range: bytes=0-

Response headers

expires: Fri, 21 Apr 2023 01:25:55 GMT
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
Content-Range: bytes 0-2888871/2888872
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 2888872
last-modified: Wed, 28 Sep 2022 05:26:37 GMT
server: gvs 1.0
vary: Origin
content-type: video/mp4
access-control-allow-origin: https://googleads.g.doubleclick.net
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: private, max-age=86400
access-control-allow-credentials: true
accept-ranges: bytes
timing-allow-origin: https://googleads.g.doubleclick.net
client-protocol: quic

GET
H3 200 CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js Show response
pagead2.googlesyndication.com/bg/ Frame 261F 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/CJVz-q1y4QcI86kHGme05ne9YeJsi3pnNRBXtIEru_s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:54:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14219
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 19 Apr 2024 02:54:51 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 261F 0
20 B 43ms
43ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BT4MHI-ZBZKabGP-wnsEPiNWuuA8AAAAAOAHgBAI&bg=!GhmlGU3NAAYfNdXmPzU7ADkAdvg8WpLeZILB47qEJN-AgMBKsjAdZ213NeSjZcMyJ8npnve7ewt8iLnMa4agZ6seBy0nZrllNyQCAAAAZlIAAAACaAEHmQL3tHb0tWnvFxEY8oFs2SulXuOXHZJoiJgRVUF_atfPzjOHAIgvLocn4x6bqsl8IfK2Ae43sKDn7Jhjp0OokwKuoHaBbQGMQ2SalU0GMulOFi0_x9HEngf-O-oDfFk6LQ8iOEo1CAGXtsRBWL8PmkWIc5qz64I1S3RXOx99b9w-5A3C9BdRpNVFiOaHQO_WfEHW5k5EqXmea9hA5aONXMOlgewKQ7Tb_PFjgEabKRuvzUL6z09hKoFjU6nhO0KFoWt6F_fYREnDNOYbo3BSEhwHQ3Ip_nQQ8dkkkDUsiGchgE0wxD8KMq9FCtfjk5Y0Kw29BTPSuG7Ldo_i-odqTaQzFg3qFpJqJIx-dU02sH_RpsX1ydIZa8clbaBK5M5bbnotOPszCZvX7yJ7K9SyJlN3faYSFVMaX709YlYpdC4JPh-CHR9oXdONBshLtOFYrvmyrgTqOasGkGTqcjgBJuu5KCeZATOAg7tNE8Y9yOez5uOucV2H_qrcZNawvFHU2rdv_vBVkn0uWFvyaegj0sKRKcJZoJOKqacWDMubXbgY5mACNKpiiuOaDa62hGOGRa4lUzPaHCntYvDD4ms4lr1jc5wE9sHG22YxOnM0UY0cj2iN8wcwEUTAuPnT0Fm-bWCL0k8fnfJgo0-L2VYeoov2_CMTPCPkHJk753qKyJ9eMuLQQ1M8QN_tLOlDhKHexKAzGKjHTky_JRJ5hVNlXW6QbnxrOsuww8febcPV_EW4kHft0Mj1RfdYxqKWKlCn2UlIUHj8CAK6Pr-ixf7nz6kEYrwzDKbFKphQMgZ-IoIXjvyw4aa-caRfuPjC-1TaY6vGA8af4TVtrzxcy9fGX9mykikr85xl06Wo7lOsJwwvyFUI4YKiUz0Uz4ll8sVJ5rGss9PIvSblDDnq3-8P-nMRpKlG8JcN98dQIgE4VSIyfD0XeG4PQK3KHhbFbE12nsfFaE2maWqv-dd_jTTQ5Wo0XkSj6CzAQQrezF-F-QWj0HTicfyOze-K

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6458173709205608&output=html&h=280&adk=4237757314&adf=3420110664&pi=t.aa~a.4187532894~rp.3&w=375&fwrn=4&fwrnh=100&lmt=1682040353&rafmt=1&to=qs&pwprc=4004507088&format=375x280&url=https%3A%2F%2Ftheteenworker.com%2F&host=ca-host-pub-2644536267352236&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1682040354322&bpp=1&bdt=978&idt=1&shv=r20230418&mjsv=m202304190101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D9405e43968f527e2-2244763452df0085%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g&gpic=UID%3D00000bedefff4235%3AT%3D1682040354%3ART%3D1682040354%3AS%3DALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg&prev_fmts=0x0%2C1200x280%2C340x280%2C375x280%2C340x280&nras=6&correlator=1501668524279&frm=20&pv=1&ga_vid=1307034590.1682040354&ga_sid=1682040354&ga_hid=897482015&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=620&ady=3771&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31071755%2C31073967%2C31074066%2C42531706%2C44776415&oid=2&pvsid=3520908935315721&tmod=295655231&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=4&fsb=1&xpc=J4R8pRHfBU&p=https%3A//theteenworker.com&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:55 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 0DD0 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0fd0cf9dac5b5e494314b263cd8704a9102efd1f92e14cc8b30c8fceda916621

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 2B63 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3bb07f9da1b8eaacac2b92c984465fe84afb1ca6f722e30df18b834afa2533bb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame CFA2 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9d25b93e0f09ba75fae766ebb322398d6c3525edd2d97a8178c5713e26fb835f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2B63 20 KB
20 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 84063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CFA2 15 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 19:35:07 GMT
x-content-type-options: nosniff
age: 21048
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 19:35:07 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame CFA2 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 02:04:52 GMT
x-content-type-options: nosniff
age: 84063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 02:04:52 GMT

GET
DATA 200
OK truncated
/ Frame D3F0 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 75627329c3bcca31e255b3055405cf05e45e4f5cb84588c0c27a2bb393afbfdd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5770 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3526e13c93d7457f1c10b15c466d96f2e219e35de92695952c83a2810d2c6ec8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 77B7 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame B478 36 KB
14 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame D3F0 16 KB
16 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Thu, 20 Apr 2023 05:17:37 GMT
x-content-type-options: nosniff
age: 72499
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Apr 2024 05:17:37 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 62ms
61ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230418&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

48671c8860fef84077ee17a4391732c1bf6cc4c48f7c854f88ac0267b7bf3067

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11323
x-xss-protection: 0

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 629B 36 KB
14 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CFA2 0
20 B 42ms
41ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoNCAEqCXNxdWFyZTE5MQoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDIsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEBAhAAAAAGAS4kAwBAoNEBEhAAAAAOD08UAwBAoNEBIhAAAAAAAAIkAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAZmYemUAwBAoNEBQhAAAAALAP-EAwBAoNEBUhAAAAAAAAMEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAZmaimUAwBAoNEDIhAAAAADAz0z8wBAoNEDMhAAAAANDM7D8wBAoNEDQhAAAAANDM7D8wBAoNEDUhAAAAANDM7D8wBAoNEDYhAAAAANDM7D8wBAoNEDchAAAAANDM7D8wBAoNEDghAAAAAJiZ8T8wBAoNEDkhAAAAAADsgkAwBAoNEDohAAAAZmb-gkAwBAoNEDshAAAAzcwamUAwBAoNEDwhAAAAzcwamUAwBAoNED0hAAAAZmYemUAwBAoNED4hAAAAMzN_mUAwBAoNED8hAAAAmpl_mUAwBAoNEEAhAAAAMzOrmUAwBBIaQ052a3hzN291ZjRDRlFOTDRBb2RfaWdIOUEiH3NjcmVhbS90aHJvbmVfaW1hZ2VfbG9nb19vY2hfdjIoEQ==

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D3F0 0
20 B 41ms
41ms Ping
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=Cg4IByoKd2ViX2Jhbm5lcgoHCAgqA2x0cgoQCAEqDHRvd2VyLWxheW91dAoKCAIqBnNlcnZlcgoxCAQqLW15c2lkaWFfYW5hbHl0aWNzX2V4cDIsbXlzaWRpYV9yZWxlYXNlX2NhbmFyeQoNEBAhAAAAAACU4kAwBAoNEBEhAAAAAJAJ8UAwBAoNEBIhAAAAAAAAIEAwBAoNEBMhAAAAAAAACEAwBAoNEBchAAAAAABwmUAwBAoNEBQhAAAAAHCz80AwBAoNEBUhAAAAAAAALEAwBAoNEBYhAAAAAAAAFEAwBAoNEBghAAAAzcxCmkAwBAoNEDIhAAAAAKCZyT8wBAoNEDMhAAAAAKCZyT8wBAoNEDQhAAAAAKCZyT8wBAoNEDUhAAAAAKCZyT8wBAoNEDYhAAAAAKCZyT8wBAoNEDchAAAAAKCZyT8wBAoNEDghAAAAANDM7D8wBAoNEDkhAAAAAAAggkAwBAoNEDohAAAAZmY6gkAwBAoNEDshAAAAmplrmUAwBAoNEDwhAAAAmplrmUAwBAoNED0hAAAAAABwmUAwBAoNED4hAAAAmpklmkAwBAoNED8hAAAAmpklmkAwBAoNEEAhAAAAMzNLmkAwBBIaQ0pMWnlNN291ZjRDRlFrTzRBb2RiRkVHaUEiC2dwYS9mbGlnaHRzKAw=

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/21eb5d7c47bc016b9c33858ab468091e.js?tag=pingback

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 21 Apr 2023 01:25:56 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1DF2 13 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 20 Apr 2023 19:25:48 GMT
expires: Fri, 19 Apr 2024 19:25:48 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0914 783 B
536 B 17ms
17ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

94191abeefb62d5a1eefdfea1c1c0d158ff07a376aaf0ec96c1d264ef2812c44

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C6fx3bl6Maraj83GZuWDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://theteenworker.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-C6fx3bl6Maraj83GZuWDGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 21 Apr 2023 01:25:56 GMT
expires: Fri, 21 Apr 2023 01:25:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js Show response
pagead2.googlesyndication.com/bg/ Frame 1DF2 36 KB
14 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sDk8HNS7Z0RFr_a1HEq16xb31lXHXE3gw1Jn0fPfAo8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 18 Apr 2023 06:47:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 239898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14209
x-xss-protection: 0
last-modified: Mon, 17 Apr 2023 14:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 17 Apr 2024 06:47:38 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0914 0
0 40ms
40ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230418&jk=3520908935315721&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1DF2 0
11 B 6ms
6ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?c3lCLA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Fri, 21 Apr 2023 01:25:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
42ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230418&jk=3520908935315721&bg=!GhmlGU3NAAYfNdXmPzU7ADkAdvg8WlvAKhCPftaeugJjU-tIvIf_JAimIIp2Jvc1XLPcoFdL5PI2LPu96sm7qN9gDzfZe-qd6W4CAAAAVVIAAAACaAEHCgBg08ZQbGRr8QhwWNpp6yFOmNAMA8j2xNrObMiPcQg9yKe675dGHMOR9hrZ5N1hGCpRItLkRWQ7HrSSCE1jW3XuwBA5CjDALqiXqZTNuQ4ZmEvtNQEQQ0I-sFWVtfWRViBemQLtQyNuGDpzC_m6Z4iDnZF75N5GxoaXaOrwXL-JRAcgcPC3h2PGQjfXj1FnDbH520gJoiDJJwWgbW-gzgixJ5T27vRmuXSiS0PbWkdK6sP0G17vWORtgJBQBv327ArRrmMhfFvJvCDIgxjdHPR2NSTgM5fORGU4R-mzqNbbqmwykmPZxa9CFX8CCdEaFCTL8iNctxkARvpR8waRoJfOxAQH1CTzOXGFsRk4KFPOVcGV18eHDGJnfjsAOe8rgBPhX7ep8wo_1ihHqnVF2prXDHwm6H_Z25MIkuFiOQFSIWayHjMX5bAitF4fcFaWd1vOoWlQkjcsdqtlEJEOH7QDhabDCepAZA68_I9dHIlCaDJot31dr1guA8EBGlp2DMXdRTZqKu__b85fNFeADKsqCQmyAi1c3IKsKZNrRd2lT0ZrJB_zDSPk8eQTgvm6W2Xhk23tH3CxAAHq2pDB_HOcQUWUIRWmKsPs35th5CyZIUTKVi8-Gmas91aGnrT2URC6pPxknPPqJ8vm-8m1XZS__HFQ1YgpJiXqyTQuMFYxrvCZ5z-yeXxTJMYmxY4Se12Yyeti2wnT3j2rHCZZaHl3-EdvoNaudKeTk4o3hsT_dwgBDs1eVK1CsQUXKYQw5a8nvawjKR6DF8pDEdHAcdl6Wc3anngOu0fDA-FEo6qP2FWdf7YT_FfgW5UzXD5YuhWKki4sUfy-TL5XEJGgAl0KNrVxYOojUFono9kf1E3WUhKCtnPxO5BbQa33kWo3Y3KS-QWrVWcOjdAFcpu1R5bKsjejQ81DKHqtxLMlANSLGaUEakk4f1V0topvtZIhOqXz3zadQtv1bpmclTZ3IwO8gVrAA2Sa4s9bzOWuLFaDwxaCkWfMGZEFfinqN1GjAhNazpuWBNrC5FBrHAbxcJfvvOVKmUCnUINzf-Le5w01F8fMP2i1XHoBzjXUyry3lMjsFPv97_g71DdEWPrYbJDUmJMijpFY8RgtbBlVGQCslVw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://theteenworker.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

POST
H3 204 csi
csi.gstatic.com/ Frame 0DD0 0
17 B 116ms
116ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lgpvecd9&c=3084645218454&slotId=1542322609227&qqid=CLDbx87ouf4CFchX4AodxdUMuQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=799&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2B63 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssbyP4eFF4K6Sfu4FXyXrpmMBQ1yZAvw-BrL4GRX85YHHmmRPIQcD7pv5snJVynrwfmJHBwFK__FYBtlkIq00ggY2c6N5fY2R6wMMv_wcdh8QJfwvdOuYFozTu1au7efcgCFyuQuQ&sai=AMfl-YR-VJeOk_CmCUX28ffAFUbpCC1WAxBT7rTvMbeIXf3NZf3enhb1a0WV7O-3J45_XXZG_NmyvwdjDygl&sig=Cg0ArKJSzJZlLx3ua1xCEAE&cid=CAQSGwBygQiDGyVl-qXWYbCE9Nr1aASGA4GITvQYxxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230419&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=386159007&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1682040354170&rpt=1780&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 csi
csi.gstatic.com/ Frame 5770 0
17 B 118ms
118ms Ping
image/gif 2607:f8b0:4001:c5c::78
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lgpvecml&c=1262348113595&slotId=631174056797.5&qqid=COuDyc7ouf4CFXHLEQgdWZAEpg&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=1000&br=799&mt=video%2Fmp4&vs=1024x576&msm=1&aits=0%2C18%2C22%2C37%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20230417_RC00/outstream.min.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c5c::78 Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 21 Apr 2023 01:25:57 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAqt3m2vrDiDqptXZbC5IEc&google_cver=1&google_push=Aer7DvK8kaHg1NtZ1nRrght2v1542BnvsRqBJtc7_JCPWqqxPCHPrmXsEbz9UO1SwMD6Dq_quJj65hBXHRzB057cCPyklG2_uWtldEAM7Q

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.theteenworker.com/	1970-01-20 20:50:00	Name: _ga Value: GA1.2.1307034590.1682040354
.theteenworker.com/	1970-01-20 11:15:26	Name: _gid Value: GA1.2.2001328230.1682040354
.theteenworker.com/	1970-01-20 11:14:00	Name: _gat_gtag_UA_160211735_1 Value: 1
.theteenworker.com/	1970-01-20 20:35:36	Name: __gads Value: ID=9405e43968f527e2-2244763452df0085:T=1682040354:RT=1682040354:S=ALNI_Mbnn9IJTQso6hhSkJLxuRUipLYn_g
.theteenworker.com/	1970-01-20 20:35:36	Name: __gpi Value: UID=00000bedefff4235:T=1682040354:RT=1682040354:S=ALNI_MbRTKSrp6_X8kV-WHxSE4IyikYIeg
.w55c.net/	1970-01-20 20:44:14	Name: wfivefivec Value: bHfwCTHK1PPFx95
.simpli.fi/	1970-01-20 20:01:02	Name: suid Value: 01C82C08BC0D450087E709E970FF11FC
.w55c.net/	1970-01-20 11:57:12	Name: matchgoogle Value: 5
.adform.net/	1970-01-20 11:57:12	Name: C Value: 1
.adform.net/	1970-01-20 12:40:24	Name: uid Value: 1390202061447022926
.innovid.com/	1970-01-20 13:23:36	Name: uuid Value: 1ceb7f2a-dc3c-41b1-9f18-5f8cdf8d1ab6-20230420 21:25:55
.turn.com/	1970-01-20 15:33:12	Name: uid Value: 3102212720617862560
.doubleclick.net/	1970-01-20 20:35:36	Name: IDE Value: AHWqTUkPErLfh80yknbB-zQQvAA_GgA0BcBx5Yp43SD2oZSSS2vq8i8HjMjz3j9aFXQ
.pubmatic.com/	1970-01-20 11:15:26	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-20 19:59:36	Name: CMID Value: ZEHmI0akjcPvNQqzOHlo.wAA
.casalemedia.com/	1970-01-20 13:23:36	Name: CMPS Value: 5140
.casalemedia.com/	1970-01-20 13:23:36	Name: CMPRO Value: 5140
.pubmatic.com/	1970-01-20 19:59:36	Name: KADUSERCOOKIE Value: E8404146-0193-40E9-98D3-EAC23C6C5E57
.bidswitch.net/	1970-01-20 19:59:36	Name: tuuid Value: 2419e2b9-5cba-45c7-b510-48d0decd5846
.bidswitch.net/	1970-01-20 19:59:36	Name: c Value: 1682040355
.bidswitch.net/	1970-01-20 19:59:36	Name: tuuid_lu Value: 1682040355
.de17a.com/	1970-01-20 19:52:24	Name: guid Value: 1.720205982109138089
.yahoo.com/	1970-01-20 19:59:57	Name: A3 Value: d=AQABBCPmQWQCEFv2nq0GtXjUGqgtXm3r6xgFEgEBAQE3Q2RLZAAAAAAA_eMAAA&S=AQAAAhcohpUpS23CnvW6vBFazCw
.bidswitch.net/	1970-01-20 11:14:00	Name: google_push Value: Aer7DvJly5c2HkX6PC38NOGvv3FW5QqqYz6etf-vW0sS2mi3i7Y-0j6hL-Gy4ekG8bhPXK0mBiWiq_CLt9fYBEW-qsabLrihh1t4elQ
.mathtag.com/	1970-01-20 20:39:55	Name: uuid Value: 9a506441-e624-4500-b4a2-3eff648f3c0b
.mathtag.com/	1970-01-20 11:57:12	Name: mt_mop Value: 4:1682040356

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://theteenworker.com/ Message: Mixed Content: The page at 'https://theteenworker.com/' was loaded over HTTPS, but requested an insecure element 'http://img.oeya.com/images/201911/1573029118061041853.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://theteenworker.com/ Message: Mixed Content: The page at 'https://theteenworker.com/' was loaded over HTTPS, but requested an insecure element 'http://img.oeya.com/images/201602/1454578883357083194.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://theteenworker.com/ Message: Mixed Content: The page at 'https://theteenworker.com/' was loaded over HTTPS, but requested an insecure element 'http://adcenter.conn.tw/track/oeya_url_image.php?key=7a235d86c5099de3581d4ec4e3fbc468'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://theteenworker.com/(Line 68) Message: Mixed Content: The page at 'https://theteenworker.com/' was loaded over HTTPS, but requested an insecure element 'http://img.oeya.com/images/201911/1573029118061041853.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://theteenworker.com/(Line 68) Message: Mixed Content: The page at 'https://theteenworker.com/' was loaded over HTTPS, but requested an insecure element 'http://img.oeya.com/images/201602/1454578883357083194.jpg'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://theteenworker.com/(Line 68) Message: Mixed Content: The page at 'https://theteenworker.com/' was loaded over HTTPS, but requested an insecure element 'http://adcenter.conn.tw/track/oeya_url_image.php?key=7a235d86c5099de3581d4ec4e3fbc468'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEAqt3m2vrDiDqptXZbC5IEc&google_cver=1&google_push=Aer7DvK8kaHg1NtZ1nRrght2v1542BnvsRqBJtc7_JCPWqqxPCHPrmXsEbz9UO1SwMD6Dq_quJj65hBXHRzB057cCPyklG2_uWtldEAM7Q Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

25hoon.com
ad.turn.com
adcenter.conn.tw
adservice.google.com
adservice.google.de
ag.innovid.com
bid.g.doubleclick.net
c1.adform.net
cm.g.doubleclick.net
csi.gstatic.com
d5p.de17a.com
dclk-match.dotomi.com
encrypted-tbn0.gstatic.com
encrypted-tbn1.gstatic.com
encrypted-tbn2.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
imasdk.googleapis.com
img.oeya.com
lh3.googleusercontent.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
r.turn.com
r2---sn-5hne6nzy.c.2mdn.net
ssum-sec.casalemedia.com
sync.mathtag.com
sync.teads.tv
theteenworker.com
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
x.bidswitch.net
googlecm.hit.gemius.pl
104.111.217.42
15.197.193.217
172.104.116.119
172.217.18.2
18.184.93.146
18.198.82.46
185.29.132.241
185.64.189.115
185.80.39.216
211.78.88.136
213.155.156.168
2600:9000:223f:2000:15:ed0:74c0:93a1
2607:f8b0:4001:c5c::78
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:806::2004
2a00:1450:4001:806::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::200a
2a00:1450:4001:811::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::200a
2a00:1450:400e:15::7
2a05:d018:d29:3601:d2c:8390:eca9:13db
2a05:d01c:1d8:8100:85e3:b246:393:848f
34.91.62.186
37.157.6.254
46.228.164.11
51.89.9.251
66.235.200.146
69.173.144.139
74.125.133.157
89.207.16.140
089573faad72e10708f3a9071a67b4e677bd61e26c8b7a67351057b4812bbbfb
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c6ba4901cfb68b03ca9a97ce1d7cbb688d6802c60819dd7cea0522aca8a0576
0cbc93e43779ecb992eaa87b6c664975d44bca6a8dd93d15fd766511bed763a3
0ea0fef9750b1529d886c6051fda3e66d3c8730429fd04f86cfcd61a7ddedf39
0fd0cf9dac5b5e494314b263cd8704a9102efd1f92e14cc8b30c8fceda916621
10736071b6df1397bb54ea649d49aaa8b7e38f3c86716c6ec961d26b6cc6fc76
1cdcff27149b7b4d3278d4548aded5d7e0e6c79afe809be973fbd4d1922d83f1
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1f93a6740975e8627b3f8e9fdbe3ef095304ef9ec162e9610d63a3731b27bc06
214615e9b7bfe7befc83ff62075d8169c7663ffc9d909166de88fce264c26c17
2214c2f7a7941bc1f14f5fb3c82e7e91143fd7173a6c144c9722297b4070fef6
231de18b8d42e355897c3c550df71a0e4c19593ba51070a130ee9f307a70c441
247747c8d78cb2a32b9addf67bcb24f31efeb5a8b34cbba51e26b30a474a4b14
254417fae3a277a92a1347de5ab5d4733d76ddf7912e21854b968c22bcc41b8f
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2db6489d44c93f3301f1969a58df60a3d7e36c3c892fc0976dadf1f761d569cc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3526e13c93d7457f1c10b15c466d96f2e219e35de92695952c83a2810d2c6ec8
35fd59b97a8e0d867188a88d4ec485d4daa94c2ac3ae46790435ee7b59f229c2
3bb07f9da1b8eaacac2b92c984465fe84afb1ca6f722e30df18b834afa2533bb
3d409d495b6da5045e2faf09432524fc1e2b2dd66194098e981dfd2a9ad6ca10
3d50d6853d0253476369360f6bac9a006caa35e6a2e08f1f2838b944d79f40a4
3f15939181132a8ea3a1798da2a751abff0c0ffd3efae80b7229a921edc4f90b
40fa627fc20705729cef8e28f3108b84d0f09934ac38701de07039aae3537c4b
44d61fb5304f557bc9133d36b8405a2d0bd490f65c18151d69378a809eb401ab
484ec1c347c17d7d3b98d5058aa5d90bb5c7315f3a67f44611e902de4be50831
48671c8860fef84077ee17a4391732c1bf6cc4c48f7c854f88ac0267b7bf3067
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4b977bf6527db152aec01f17b8ccdfcb28ba1526096c1af1d784cef47eab2fc6
4d44566e720619539e8c9c22a3c65223058c7c48f4b782a35cb4c006a49ee47c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
515e7d08ef66a70008c3d949bc89c168ab9fb0eb763818c7cde0468c7b7e8828
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56cb66844b6e4806082b345cc9bf870b3e2493a6f4e277b865d85666f0fac439
5859806e9ce73fc8ab94e4c1a93d5961293f4307464cf6bc0ba24f98656337f8
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a4c4f0c46ae67632c17c89cedeb8d38a2d97cf213ee5eec2662b0bef4cc9c70
605b14697226eeb0be6b2c11db8206b70f4c8681c3f921e4ceca4793ce1a95ce
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
677d6bb0a82c5d6fe79800c43068508653f298e0a4bda7d18f656331e706c515
6aead4b8d414f6c0d6166357f3680c0c8c8c2bab32f3e25845fc18a068a8d62a
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b92d00c678821931b2a2aa14d95e7e80b0fd1faf4aba10966471e3886286a2c
6df9974b50018a40be58d642d21ea356bac07074aa604a583ace71a1ead41023
75627329c3bcca31e255b3055405cf05e45e4f5cb84588c0c27a2bb393afbfdd
78cad1fb95d1e9bbe4a7b1f90fa38ef699314ee65bf914e65ffae62005103a8e
7e649e039a95aeb1ff8f322288e90e534c5072fd9d6686369e17478a6ad7bc74
81b55a740c24003e8fdc348b7d2be4afefae50af171ecb8bdcc2f6876d98845a
85074357cf2f6e2e622abc1417460c11609fd93f4919d3210ec103ddaea59122
85f5fa4e4e018f353a57795fac053b8440905db9cda4a7d18147d48e8d77e233
88618e1edf40d50b52fa27482998e9560325ec8aa12941d3c059e4c6faca0eb1
89ddc3ad6d707e6e7bcf8f9e235c983b2f4fb9b2d1e41681a52ccef908100c0d
8cb00b3db2e68ae430cd96730d426b74a42cd138f3f2475564861aa1fdda0888
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94191abeefb62d5a1eefdfea1c1c0d158ff07a376aaf0ec96c1d264ef2812c44
95616f34a1e85258e238c14c3aa1ca3fb74a35703e0e8eb2cb4c834a423ee697
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9d25b93e0f09ba75fae766ebb322398d6c3525edd2d97a8178c5713e26fb835f
9e57af73ed2b90fa56796c4bc7397842f93d48543334e6afc11e9b489ed1629b
a19fc65be57891f84626491a603bff645b9077cbddb1187a2d39f82a43b75fda
a1b1e3637f86de095e33fd0ab714a09476241dadef63a86477c040560bc56f9f
a382e23d66273a21459a420d3eee061cda751552adda62f7463419a6da30ed23
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa793dea7df86c78a908431a6b6b5ba0248bf8e813469db4a1e6f57c60ddaada
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
af3db37cd37f8c6425e168cdde71e01053db2350a26ce758c1393820a2497453
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b0393c1cd4bb674445aff6b51c4ab5eb16f7d655c75c4de0c35267d1f3df028f
b317cfdc517e1da4923ae3cf29d7428836e88103ae7ccb630fdc607cb6e9666e
b91359944662028be21ac3714760a640c8d6b8b17fa00aded3a6dcd37506a0f4
ba5d13f6f6555ed3cbc0cd3a7742e67e3f9bf817bd0ca0e852133d9b7265175d
bae059fd5774acd8c940c02acd1708b584696f2511ef5ffec8be01f1b2fd8776
bd6924fe8df2c97b990d00d38db3052aadaa6c212c6631a30f40daeb6ed425f8
c02b9ec79fbd254fa28c4af580ef583bb835db70e1fe23cf73578011e8c66f14
c317a678c440afae34736fd8d13a0a28f7f21fdfb351a94f33c7f2abb2560ed8
c5b21a713e42fe15adf3bd1d388213e3529a1dd2bd24874e87c7988b52af86ab
c9f957cc06255b47576fff3b5cb87257783c7e554062ec31a21723d81d1df774
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
ca667f167deceab3b773d4161758df493db8b0d28e9d41e4225bc2c10ea24d36
cf4b933e5cfacd7c21b277629b2bd5d8d414d4deaa3ae42f1d19d50a088743ce
d2b4851fdcb163e2b9d72da09c99d5550544ad587e894031ffa5df04bff29eb4
dc56627f1190d46a30b32d5479c1f2e2afe36b1e321728a62a130220af930a01
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7f940776166cf2f3d7a644b5df2a32c635a8971d0bc020eb7aed4f47494d233
eb2338ddb36996a667d9684bfdf65c58817d8e80e70a1b392ef86b3cb652bd32
ee19742886613aea1197abf7241637e70dce9f4060174548f917d9ac717c4688
ee2ea6a83236c438345616fbc5638dec6a952c71f5c3c93178d18f89f03da4d8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f50e59fa7a264b1674e5f94591375a26e9aea318036b2a629e5ba182df01b54f
f554d16e0856cd0ae673d4d5c62d97c72c97f12d276ab9341c93bb9d0952792a
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

theteenworker.com Open in urlscan Pro 66.235.200.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

186 Requests

85 %HTTPS

54 %IPv6

33 Domains

45 Subdomains

31 IPs

10 Countries

3016 kBTransfer

6993 kBSize

26 Cookies

11 Outgoing links

Page URL History

Redirected requests

186 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

theteenworker.com Open in urlscan Pro
66.235.200.146 Public Scan

Screenshot
Live screenshot

Full Image

186
Requests

85 %
HTTPS

54 %
IPv6

33
Domains

45
Subdomains

31
IPs

10
Countries

3016 kB
Transfer

6993 kB
Size

26
Cookies

186 HTTP transactions
9 data transactions