hawamer.com Open in urlscan Pro
2606:4700:10::6814:1e0b Public Scan

Go To Rescan
Add Verdict Report

URL:
https://hawamer.com/vb/index.php
Submission: On September 21 via manual (September 21st 2022, 3:13:32 am UTC) from SA — Scanned from DE

Summary HTTP 184 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 21 domains to perform 184 HTTP transactions. The main IP is 2606:4700:10::6814:1e0b, located in United States and belongs to CLOUDFLARENET, US. The main domain is hawamer.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 14th 2022. Valid for: a year.

This is the only time hawamer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
31	2606:4700:10:... 2606:4700:10::6814:1e0b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
25	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200a	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:806::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c03::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:806::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1 26	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
3 15	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 4	104.18.18.126 104.18.18.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:802::2006	15169 (GOOGLE) (GOOGLE)
1 3	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
4 4	23.7.201.234 23.7.201.234	16625 (AKAMAI-AS) (AKAMAI-AS)
3	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
3	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
3 3	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a05:d01c:1d8... 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce	16509 (AMAZON-02) (AMAZON-02)
2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
184	31

31 2606:4700:10::6814:1e0b (United States)

ASN13335 (CLOUDFLARENET, US)

hawamer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:806::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c03::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:806::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 142.250.185.162 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.18.18.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.89.210.122 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:802::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.7.201.234 (Vienna, Austria) 4 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-7-201-234.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.144.165 (Frankfurt am Main, Germany) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (None, ) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 1 redirects pagead2.googlesyndication.com — Cisco Umbrella Rank: 105 a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 142	768 KB
39	doubleclick.net 4 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 41 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 ad.doubleclick.net — Cisco Umbrella Rank: 178 static.doubleclick.net — Cisco Umbrella Rank: 340 cm.g.doubleclick.net — Cisco Umbrella Rank: 210 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 307	1 MB
31	hawamer.com hawamer.com	195 KB
20	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 271	253 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	119 KB
7	google.com 1 redirects adservice.google.com — Cisco Umbrella Rank: 75 www.google.com — Cisco Umbrella Rank: 2	2 KB
6	casalemedia.com 4 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528 ssum-sec.casalemedia.com — Cisco Umbrella Rank: 438	5 KB
5	gstatic.com www.gstatic.com fonts.gstatic.com	97 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 190	202 KB
4	addthis.com 4 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1728	3 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 228	4 KB
3	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1423	888 B
3	rubiconproject.com 3 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 335	1 KB
3	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 648	248 B
3	openx.net rtb.openx.net — Cisco Umbrella Rank: 1505	549 B
3	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 1020	1 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27 region1.google-analytics.com — Cisco Umbrella Rank: 2989	20 KB
3	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 293 fonts.googleapis.com — Cisco Umbrella Rank: 40	33 KB
2	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 561	107 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 9081 www.google.de — Cisco Umbrella Rank: 6352	1 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 857	646 B
184	21

	Domain	Requested by
31	hawamer.com	hawamer.com
26	tpc.googlesyndication.com	1 redirects googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
22	pagead2.googlesyndication.com	hawamer.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
20	s0.2mdn.net	hawamer.com s0.2mdn.net
15	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net hawamer.com
13	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net hawamer.com
9	www.googletagmanager.com	hawamer.com www.googletagmanager.com
6	www.google.com	1 redirects hawamer.com googleads.g.doubleclick.net tpc.googlesyndication.com
5	www.googletagservices.com	www.googletagmanager.com googleads.g.doubleclick.net
4	e.dlx.addthis.com	4 redirects
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	dsum-sec.casalemedia.com	2 redirects googleads.g.doubleclick.net
3	ag.innovid.com	googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	image6.pubmatic.com	googleads.g.doubleclick.net
3	rtb.openx.net	googleads.g.doubleclick.net
3	cms.quantserve.com	1 redirects googleads.g.doubleclick.net
3	fonts.gstatic.com	fonts.googleapis.com
3	static.doubleclick.net	googleads.g.doubleclick.net
3	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net
2	googleads4.g.doubleclick.net	hawamer.com
2	id.rlcdn.com	googleads.g.doubleclick.net
2	ssum-sec.casalemedia.com	2 redirects
2	ad.doubleclick.net	1 redirects googleads.g.doubleclick.net
2	www.gstatic.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	hawamer.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	ajax.googleapis.com	hawamer.com
184	35

This site contains links to these domains. Also see Links.

Domain
upload.hawamer.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-14` - `2023-06-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-08-29` - `2022-11-21`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh

This page contains 23 frames:

Primary Page: https://hawamer.com/vb/index.php
Frame ID: 6BE50F5A0A6F88E9090F8AB121ABCB77
Requests: 57 HTTP requests in this frame

Frame: https://hawamer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663718400
Frame ID: D55771A7AD45533846A8A603DB85D075
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html
Frame ID: C71C30E94296D0F9599C493956FE510F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&adk=1812271804&adf=3025194257&lmt=1663730006&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006755&bpp=5&bdt=244&idt=153&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6694352045891&frm=20&pv=2&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=178
Frame ID: 178EEC680AE87B4E31AA3828CFE2D434
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=5668849956&adk=2916847107&adf=3499367324&pi=t.ma~as.5668849956&w=1200&fwrn=4&fwrnh=100&lmt=1663730006&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006762&bpp=1&bdt=251&idt=173&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rjATCQFyPd&p=https%3A//hawamer.com&dtd=177
Frame ID: 9B165D97DB98D4FD02CC58B43FA08242
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Frame ID: AF8701993D67B429833E465F9599A26E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
Frame ID: A55565545A0CD123CDFFFF1AD18C69DA
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
Frame ID: 4C0D9105FF591607DA1E8C805328E0E3
Requests: 15 HTTP requests in this frame

Frame: https://a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C6AA03252D67EA2916CDCC951D45583D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK_mgtMBMAE&v=APEucNVJPH1h7aMFJOr5iDCz0k9CQEaZeYu79mJZKBMw3GBS_Yqg3li4k2McoTnXsqdVSBFQ0BXBh1qvNchRpPJ96Omr5EG2E5Dp4tiU5BxXMrfLZyiXZELgXIKU53uuni_9vfsULWKJxoZWBvAeRVoJEhDlS2EdZ4y8ddi1r4Y2YONYZ96aU2s
Frame ID: 8B7D1BA28642DC99212D8F7A2F2A0C6A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBujSXRcdJGG_4_yu5nod88nQtabZ7fcvWKANkHS8kKlbK7VPWuXkztGQylWQ1u5ZC_SaCiljWoLlh1fmccwc5xikp1xT_YV4TNJNA00c-ngQoBI8NbppeCu5008TEoMxjz9yCA0wE7Cpm7cRbiId3YQJd8w&dbm_d=AKAmf-B2tvBPOFajT2MM_nze56fux6Qaq1Fj3y3ktMt_C5pWar1th2pGaqtP0Ma_zCOEqRomjq4bhgfQdsxiVv9YswIECc66weEYt5i-r_RAagw2gnNoxVcfsrVDeKWb2mx9NA6Z9KWloeqIpx9lEvYeZc7AiU0JI-SbEC75SN9MUCc6VHVlGgxUZ-NZc5HW9R7fSCqLnEwP5ew2wrvZMPp-wrnTJ1K_CrfhKf2l9qx9A1Cmahjf4v3YiS1atr6NiUEUTvpmbSZ0GiTSF1IjDAgpazIaFsJNbpMbY8IBjEaG6nr5TdLCiuC_s4YM-4m9LoMAZ7qtzkZZ69FddT_PSPFAnico2-k6gQje1Uo4NjEVqfunpYNAsfHIB-g0E8X01iDm535L9TCN9cZZcmjkRwm3xoJYVKUIsgmUWZMqCXWHnrK_4KK7nsuB422eZqqqqHej_qArb0-UBlHhw4eRpJrVstUTjz95XnYihgnjK_Xa6roqgDEXbh81Dt_myLD5yi5ND3TOuK7u6GyYFTxhyrLK32O652vxFTst0Xl3m4IU-Gujo6mECbw929ZgdrsOawLTe6yyKHVvgqY3AYCAJ2u6w6-AcN9vDJKkWKyFjOMrxc8A5jerGlGEpayuYBQ6xcFn4yx9rR3zqYtvr3qdefieslDl4hoG1P-z6GEiUpTZ4EKAcvH73e0EtEqLgZ6qqNtWY3xqKqqzVkbWnxhQIBkyqQ18sdNjitogVx7Is83wAFo_qYh1ZOFY14pXwssFkOSJPek3mxl_tTRpdBp8cjAlKWHVwo7cMBAsW3L_JywZRH2eKVzK1QjXSqnG4_vHy9_hFNi6s7QPKre1lDq9det0-c0mxJmceDVJ3bgU-FfGqcTGxkPN0vj9DSDC2RlA5sLWpyxsirv3ooLFG27em66DuTbcH3_Prs3pQtIVFU-wLfscHc3w6Q-z-cYTn-eu4T8i4My1WNuaCmmH9NKGQGC4dzwOWgvn76TrMep-z8NNw4AafttfsH3qEE6kjn-ph1jol55Op95x9XUY4FRfSHundKiSeiP49JpLEp1i-rsgh150IPhgQ1UWjNRNttogdvAI8XOtYQTbNiEQUfNB9Ye0PO8ikXSeNwCH7SHtC_8icptzA-C0-jApiviA_3VzQeLirCA2x9WHok1gTF4X74jn7AMYh32G6y14tJcD-9pl8L1FV2sW6QGKyFduKqmQRut-B3z4UN9v1Tc0JUrRvcNAWI2INvXtzhW1OJEGdK1exHIPyTuxDZysuGDzbUetUySAUgArqTgdX2ixRwTDNHxIqlOJzFF8COhXX1YOD1iI7Vs8486sLM-tkw2A1vPT2Skui0H_C36L_1tHunq_LoNA-5lMoZjfhIYFxkRawuHrXg0l0viw-mNNuysNq1-xCi-nylwfop1l5vgPuq-0eBiWELReguuYIztJZdUIm0SrDqHvr6_PsWNVGungvmH1bd34H0yldaI-8lXftz2aYHSXKSqxE8AX357IaXwjl_t7ykfGlgRzmLBxXW90FKYuWgJmbgqhB3SiTLpDZSqSviRKAvXvrEVFYsJhoxozPmUgeOZ711O7h8fp2fAKkzFjuGLnpxWPFw0VSc9T5WgoIIehNw3B7XO9uFsXLg3PkmthtANYntAPQPuG7OKzipT84KW5O3FIKdoQjOU9UlgO7_dg4X5yiY-8hV1TDAzamYFEUR_EPOaCJTK486tZ05721FFamlBxhW9rk5nmvZ_NkOdUoNiIdwqCpYgxxEz1qiKZKZ49ETn_GMttP-c7YHZXgnnGkaWLGZXPVAiYKaljxCWmqsNOB9YpqsvPHnHvjDqvmbSleWZxDQ6Mwq4KA_gNTdoGQ1HG6eq_COcWjTa4LqIJYBDIWnhjwq6p-_PSSxIvOcz-cAIQW9gnqVjxMCfxyYI9eZzC_zbAypnxoi6N7BpYH8SqTWT7rnPvU0-rqNBseyjjbKy2qvJN2mrRKDtLFN_IqD2MkOcf3kivO7-TpD0bl7DaK24FlR-Q3lLJmGqFofBqgUIDu7K2-nX_tam8psxTeTNXUW0Dz-QaUnlMNm7iMvtq_jR8LDDRJ3i3L1-tIKBAGxl-JMkxm5ZwEyI2Wa8K-2UIxhQY62BtPCioFxZZcYPoLkNRy2pJ6ls3ZkF4OxkOhafK03IUHbROP0WY8AazezPSuEWAQRd9k2IgD_4HDU7g5MIPAf7pxFd0PnN4jwPMUX0sC3iwAgCjGAPeK1P9-AWL32S1nWwxruynSV5LkvxsUxcNLKbTb8mav4OpqvpFvakUJnNz4220XjoAlhh9zs_ow8CN4VvABYT1wwENL_irjrzFB0UdnZmkqVeEoS5WQF6rSuECeAKTDleAFq6paZUjY2by4i_NBvfBOCMeIXr4-CsyWLPl6nYv4DQcGOkKLY_C5n9jhWFoogdmUrVpRPhGw2hs2ijz4Gu2dTYE5-BLyZXEOXlQHfODCbwQiYayBccLbRxMPjjuEk-KgXnfmrwQ1zizl-JMmyIMsXb24TsC3GG-JNzQxBApaBeNLb1tjLU2t-sDkbuXrWlOFMkKR1AYePjlEnxscKz3C9yIJJf6OXoBj9R6X2sLAFYTFwQmZtO19oIOEOJb_sIIRG5WLJDEKVhxyQHKoAxq7v8mMRELwPivIEfO3OAnmY6CJ-o7U13vdX-zcnEwOzLgw1nfeHpSPWFSWwbR51wuTD9oQXeb0WLAWNceNl-4ch22UepxU_DYhe93InDxO15xfoAUoVQ44NhOyWpeKZAmqO7d-KJ212QUeA43kfEGISvj1h9zuubmy_06DFPlaA8mz4v2D-MOh2zjYM2XzZ-aYBoe-WV4mTewFLSaaMkvHO1iYxxI6tfvQiZF9Z0JrRJOXjRtmAA9SCsFHUE1yY0QhqVSsVq6fwBu-U_ryfNGRU_tlq5GP0jAk9M2NbcuaO7fKzl-rq3my1P67n61GEcJt6XXIlWqvMVXC93FPJH45QPtXPB-IhQL1LhUd6QLjwJYHHJjgv_niFOE59c694eckYNyS3bMDJ8YSGj0YWZqYP1xxKzHAJPdwhh7_jhaY8VdCW_r29sQ_bAVHYsT43LjhYqbSXwIuvMrBRWmkUEMSpRWrB2IWgdVqvknJU-bdQhutX1hJrPB7XtCE_WcnkmMbkQoa31mTg0QZlIlbTfL3RjJtSPldtoCRMc8RS1cwna_Cra7bcj7JfByU06xLjJ-5qiyHrvB_nlCwW-xDmxtG2ar_TDzbKw7DeHdVHBX4fkED8Hxk-49rmS2McSO4f_1RL8n3HhS1LwUIHIx2AqBFZNtmO1XUZM9IESo9Qk0sFhNKfEIXroJLGwwEiiNWj6jvWZh8NbO0XrTJbOiwlX1XekgVTJ_zeb35Z81CETl3-C9wFPaxCZMBXxrOhy-DokLaiVPLCrZQls2T0X4S1hhoIAH9V3BwNcwFts-cM2Sba2Ugo_gHNIlevPaR4gxhCgvwFYDe0-vHOfLYT199mGScgPRe_mxlU8hnYtwePCcLzu_upy9oiJcrM52RsNX_mNo2wHj1QlH5Bi-Bw&cid=CAASEuRobY8VHgn6WCClgR0ZqVmenQ&rfl=2%2Chttps%253A%252F%252Fhawamer.com%252F%240
Frame ID: 150323AC114B9F2448F427FE98C691D9
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E784AB780B83BABDAA763AE5C65D7B0A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A97C612C54FA433755D009ABED82CAE6
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 109FE54EBD94FC845EDBFABCB04597AC
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: C32215FA274F0449B9DFC366983CDCBB
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B47A8CFB33989B4E8D56D236AC85EC74
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: 046CF9978B2D9F4C568AA129C9E09480
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
Frame ID: 97D149CEE5F891B58AE3EF4FCDA6B9A5
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F1028E0B8A8EC8BD0AF2A369CC3FFEA8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: F06F5E0F82E2CD5C021FFA4BEBCC04F7
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js
Frame ID: 62D649286AB9C0779783B1CAE6512EEE
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: C2C5BD991BC22B9B41A96DCDFA4C48F8
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: E85BDCD0F30050B5A0D6C93DF2D250F0
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

هوامير البورصة السعودية

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

184
Requests

92 %
HTTPS

67 %
IPv6

21
Domains

35
Subdomains

31
IPs

6
Countries

2794 kB
Transfer

5145 kB
Size

29
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://upload.hawamer.com/
Title: مركز رفع الصور

Search URL Search Domain Scan URL

URL: http://upload.hawamer.com/customer/
Title: اتصل بنا

Search URL Search Domain Scan URL

URL: https://upload.hawamer.com/advertise/
Title: اعلن معنا

Search URL Search Domain Scan URL

URL: https://upload.hawamer.com/customer/
Title: اتصل بنا

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 69

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CKbA6KD1pPoCFSqI_QcdzhgKcw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Request Chain 75

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA HTTP 301
https://tpc.googlesyndication.com/simgad/11451250718949484972

Request Chain 108

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1

Request Chain 109

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyqBV8V6Uns61sHuVem3IgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1

Request Chain 110

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESED2yIlyup4LwSAqRyv7k5KY&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2yIlyup4LwSAqRyv7k5KY%26google_cver%3D1

Request Chain 111

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2OTAzMDU3OTgyODQyNzY0OA%3D%3D

Request Chain 119

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-dmSpX4zWnDJorYICRyVRK9VbsEhqM2PM2cvvuAkdtlDw-pLKzvcD8hx7kRr7cJxicsjk8ExZ5ajYLZHx6y_XB4jJus1Fhgw&google_gid=CAESEMugHm4YamTpwXWT6VZ_L_o&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-dmSpX4zWnDJorYICRyVRK9VbsEhqM2PM2cvvuAkdtlDw-pLKzvcD8hx7kRr7cJxicsjk8ExZ5ajYLZHx6y_XB4jJus1Fhgw&google_gid=CAESEMugHm4YamTpwXWT6VZ_L_o&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA5OTc0OTQxNzAxMg%3D%3D&google_push=AZmPxg-dmSpX4zWnDJorYICRyVRK9VbsEhqM2PM2cvvuAkdtlDw-pLKzvcD8hx7kRr7cJxicsjk8ExZ5ajYLZHx6y_XB4jJus1Fhgw

Request Chain 122

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIPj9fxQCfb8uqrMm6EHTx8&google_cver=1&google_push=AZmPxg9HJaVIvRrgUFz5UWAEDEu_LeCUkOMLL6jh3lakxwyh-GQhsCyGCpUik4edY5GXsC99X7gbL6Q5VlO_f68XT8riYqPOb2omcw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMTQtMTItOUJVWQ==&google_push=AZmPxg9HJaVIvRrgUFz5UWAEDEu_LeCUkOMLL6jh3lakxwyh-GQhsCyGCpUik4edY5GXsC99X7gbL6Q5VlO_f68XT8riYqPOb2omcw

Request Chain 123

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFdyaaUtofryHIfXX73sHlM&google_cver=1&google_push=AZmPxg-gPrUMnX4WZQT7RoqViEquoNpIwRiN9fiKPpFUIqB6A0kBK3WaBW7O7kIcAD8rKVlrbfX6hiGZolzigJlzBNPvifkG-tc6Ww HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdyaaUtofryHIfXX73sHlM&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-gPrUMnX4WZQT7RoqViEquoNpIwRiN9fiKPpFUIqB6A0kBK3WaBW7O7kIcAD8rKVlrbfX6hiGZolzigJlzBNPvifkG-tc6Ww

Request Chain 127

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg955dfi55W_6kus7lQs2LpgrcVasJpuj3GWmHUThdJyTjxnnPfQpTn4t8ucBgq7gfYZfslGPdR7C2Pw8RU8Ec-oYfRSUw&google_gid=CAESEAlJMDJa-TsrQ_Nuq83eFTg&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg955dfi55W_6kus7lQs2LpgrcVasJpuj3GWmHUThdJyTjxnnPfQpTn4t8ucBgq7gfYZfslGPdR7C2Pw8RU8Ec-oYfRSUw&google_gid=CAESEAlJMDJa-TsrQ_Nuq83eFTg&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA0MjgxOTU0OTQ5NQ%3D%3D&google_push=AZmPxg955dfi55W_6kus7lQs2LpgrcVasJpuj3GWmHUThdJyTjxnnPfQpTn4t8ucBgq7gfYZfslGPdR7C2Pw8RU8Ec-oYfRSUw

Request Chain 139

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECijgRgTKVkJTHIhzJQ9kHg&google_cver=1&google_push=AZmPxg8QFzm-0xQ5Tn3lQL8e3DwYT3qXi-tuyiikFS2Q7F2810eOBbZFWghxbaHwa5irDd0hDdi_pg9K1g4UrJ7q37Mz4HJXPA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMkQtMUktOVlHSQ==&google_push=AZmPxg8QFzm-0xQ5Tn3lQL8e3DwYT3qXi-tuyiikFS2Q7F2810eOBbZFWghxbaHwa5irDd0hDdi_pg9K1g4UrJ7q37Mz4HJXPA

Request Chain 146

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM3VlJE88qFD6oEJtNjQvXQ&google_cver=1&google_push=AZmPxg9Leh9Z2mZ-CXcf8wuoTrA2u35l9R7DjRqB6W0HWGo5ZnfZz6DVs4pVirgyxX7RqADbEeWpMnG0mh0p3vMULbLWlBFHZsw HTTP 302
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9Leh9Z2mZ-CXcf8wuoTrA2u35l9R7DjRqB6W0HWGo5ZnfZz6DVs4pVirgyxX7RqADbEeWpMnG0mh0p3vMULbLWlBFHZsw&google_hm=1o0G-u2oRb6Re-Olc5xN4w

Request Chain 150

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELATO-oZdc6d9oW5EEe1c5s&google_cver=1&google_push=AZmPxg-D7OZnFHcpX4oIBPNyZ85aHrZULrXetxSWMxjEvzf8BZD_R18773zeRgOTMmgK7aX6AxBGv5SRE3DLAhst-wvGqg62VPc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyNFAtVi03T0RG&google_push=AZmPxg-D7OZnFHcpX4oIBPNyZ85aHrZULrXetxSWMxjEvzf8BZD_R18773zeRgOTMmgK7aX6AxBGv5SRE3DLAhst-wvGqg62VPc

Request Chain 151

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPuYgWCDU4ngfWxXpKUm-oo&google_cver=1&google_push=AZmPxg-s4Opkyqm3b3cn0b2sjR3yGxB3lTsfSbBLMe4r75iH621oCF2FXhP-uPlVJbSwoAF6Pjnl_sXUVypLZePggOGS2WTgCCs HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPuYgWCDU4ngfWxXpKUm-oo&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-s4Opkyqm3b3cn0b2sjR3yGxB3lTsfSbBLMe4r75iH621oCF2FXhP-uPlVJbSwoAF6Pjnl_sXUVypLZePggOGS2WTgCCs

184 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index.php Show response
hawamer.com/vb/ 140 KB
22 KB 756ms
697ms Document
text/html 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f196c6637d673478272c283119d0358057d13141de72f601d3f7b6efc7c7188b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private
cf-cache-status: DYNAMIC
cf-ray: 74df9ff85e646922-FRA
content-encoding: gzip
content-type: text/html; charset=windows-1256
date: Wed, 21 Sep 2022 03:13:26 GMT
pragma: private
server: cloudflare
vary: Accept-Encoding

GET
H2 200 fontawesome-webfont.woff2
hawamer.com/vb/hawamerbytraidnt/ 75 KB
76 KB 30ms
28ms Font
font/woff2 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/hawamerbytraidnt/fontawesome-webfont.woff2
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://hawamer.com/vb/index.php
Origin: https://hawamer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Thu, 22 Aug 2019 11:35:30 GMT
server: cloudflare
age: 5053
etag: "5d5e7e02-12d68"
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffcc9dd6922-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 77160

GET
H2 200 vbulletin_all.js Show response
hawamer.com/vb/hawamerbytraidnt/js/ 67 KB
22 KB 51ms
50ms Script
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/hawamerbytraidnt/js/vbulletin_all.js?v=3811
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 527309ba6e7b3fb503dfdef866abd615e4662cbe9c4d604529f5555b7099e098

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4734258
cf-polished: origSize=68203
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sun, 04 Nov 2018 17:11:20 GMT
server: cloudflare
etag: W/"5bdf2838-10a6b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 74df9ffcc9e06922-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H3 200 responsive-nav.min.js Show response
hawamer.com/vb/hawamerbytraidnt/js/ 6 KB
3 KB 29ms
27ms Script
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/hawamerbytraidnt/js/responsive-nav.min.js
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 38c5697100f4beb86d7d1364407cd3a16783ede5e7c13e007102312cf16198ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 Jan 2016 17:06:50 GMT
server: cloudflare
age: 4734269
etag: W/"56a8f92a-1991"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=315360000
cf-ray: 74df9ffd3a3b8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style-0f09c572-00090.css
hawamer.com/vb/clientscript/vbulletin_css/ 104 KB
20 KB 50ms
49ms Stylesheet
text/css 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3539efdeb1c6f51783f415235ec492eaedc7ee475b6e3ed1208470282931a0cc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4734258
cf-polished: origSize=111708
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sun, 22 May 2022 08:28:33 GMT
server: cloudflare
etag: W/"6289f431-1b45c"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 74df9ffcc9de6922-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vbulletin_important.css
hawamer.com/vb/clientscript/ 404 B
361 B 50ms
49ms Stylesheet
text/css 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/clientscript/vbulletin_important.css?v=3811
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e658790158fe348fcc8d328c7c8bd06aa42ce2cda12823e771cf04d21185ef88

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 4734258
cf-polished: origSize=432
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 07 May 2018 15:19:52 GMT
server: cloudflare
etag: W/"5af06e98-1b0"
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=315360000
cf-ray: 74df9ffcc9df6922-FRA
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 vbulletin_menu.js Show response
hawamer.com/vb/clientscript/ 9 KB
3 KB 49ms
48ms Script
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/clientscript/vbulletin_menu.js?v=3811
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 183f9a7c5ffb8321d9ba11e68c274f4060d0c9efc87275402a94c41ba5f59a04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 12 May 2018 12:06:46 GMT
server: cloudflare
age: 4734258
etag: W/"5af6d8d6-221a"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffcc9e16922-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 169 KB
57 KB 102ms
44ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2779829712178693

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

82dafeb5dcfdbae610a12b1744faf91e84b97b54b76a8fba2dfbfe08bff15936

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Origin: https://hawamer.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58184
x-xss-protection: 0
server: cafe
etag: 623317198913959252
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 03:13:26 GMT

GET
H3 200 logo.webp
hawamer.com/images/ 7 KB
7 KB 32ms
28ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/logo.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 40ff2fd0d97080e168855dc03f686a313c1394f11be58808fd1dc38a0b62054c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 05 Jul 2022 17:19:30 GMT
server: cloudflare
age: 850
etag: "62c472a2-1bd6"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a408fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 7126

GET
H3 200 download38.webp
hawamer.com/images/ 2 KB
2 KB 31ms
28ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download38.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7dfeed40c0a8d3c61a9e256ac99484c2f60a5a5bb120512ea19a229ad896f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 18:18:31 GMT
server: cloudflare
age: 850
etag: "5f3c1b77-6c2"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a418fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730

GET
H3 200 download40.webp
hawamer.com/images/ 150 B
357 B 31ms
28ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download40.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 75eaf57f47ee4ca619b8d23bbe5013bbcf9160fcbfe2b647952a5f22f53009ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 18:22:52 GMT
server: cloudflare
age: 850
etag: "5f3c1c7c-96"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a438fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 150

GET
H3 200 icon14.webp
hawamer.com/vb/images/icons/ 338 B
546 B 53ms
50ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/images/icons/icon14.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93ee3429fd6062afe638c809df7dbf2bb151a184ab61070a2e9623c7f15daf3e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 19:03:26 GMT
server: cloudflare
age: 850
etag: "5f3c25fe-152"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a448fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 338

GET
H3 200 icon2.webp
hawamer.com/vb/images/icons/ 368 B
576 B 53ms
50ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/images/icons/icon2.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0d15e1f0ee0de92951261fafd238fe4cd970411f4b3511414470ce5728f31999

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 19:05:41 GMT
server: cloudflare
age: 3564
etag: "5f3c2685-170"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a478fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 368

GET
H3 200 icon10.webp
hawamer.com/vb/images/icons/ 378 B
586 B 45ms
42ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/images/icons/icon10.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e4b74e0f8d8de7bb5b830c21228dc6d720783b30a9d1e8f99414704a9f061bd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 19:03:12 GMT
server: cloudflare
age: 1577
etag: "5f3c25f0-17a"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a488fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 378

GET
H3 200 download26.webp
hawamer.com/images/ 446 B
654 B 46ms
43ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download26.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 58f08e722618af80b645e5ff076f7a315a764cc9726cc5f230c2e2356d87c85f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 17:55:16 GMT
server: cloudflare
age: 850
etag: "5f3c1604-1be"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a498fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 446

GET
H3 200 collapse_thead.gif
hawamer.com/vb/hawamerbytraidnt/img/buttons/ 54 B
379 B 50ms
47ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/hawamerbytraidnt/img/buttons/collapse_thead.gif
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 155141b2b3db4c030c80a332f8eb7efe9ade08aa35c9993207b74eb2c2e9e4e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 119503
cf-polished: origFmt=gif, origSize=1173
content-disposition: inline; filename="collapse_thead.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Tue, 04 Jul 2017 01:55:04 GMT
server: cloudflare
etag: W/"595af578-495"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd3a4a8fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 download25.webp
hawamer.com/images/ 390 B
598 B 50ms
47ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download25.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ba151539d549e1659ceead292f8b87fafc25ba11b7057e921be5b5e536bdf257

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 17:54:16 GMT
server: cloudflare
age: 850
etag: "5f3c15c8-186"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a4c8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 390

GET
H3 200 download23.webp
hawamer.com/images/ 2 KB
2 KB 55ms
52ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download23.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7dfeed40c0a8d3c61a9e256ac99484c2f60a5a5bb120512ea19a229ad896f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 17:50:43 GMT
server: cloudflare
age: 850
etag: "5f3c14f3-6c2"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a4d8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1730

GET
H3 200 download211.webp
hawamer.com/images/ 2 KB
2 KB 55ms
52ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download211.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09226dc6bb5bfcbeaab03057fdc16af4efce2a4b76bceaca9e6815ea349d32c4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 17:51:52 GMT
server: cloudflare
age: 850
etag: "5f3c1538-668"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a4e8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1640

GET
H3 200 download22.webp
hawamer.com/images/ 2 KB
2 KB 56ms
53ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download22.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4d27c38511ced0d6449a1e329bc0528c35afbf7b1e829a9c4397be7f9ac57456

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 17:48:17 GMT
server: cloudflare
age: 850
etag: "5f3c1461-6cc"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a4f8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1740

GET
H3 200 download27.webp
hawamer.com/images/ 624 B
832 B 56ms
53ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/images/download27.webp
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3739d298ac8233f1e4fc8259cc76997573168ae88f671ebbc7420f02ba468262

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
last-modified: Tue, 18 Aug 2020 18:02:00 GMT
server: cloudflare
age: 1811
etag: "5f3c1798-270"
vary: Accept-Encoding
content-type: image/webp
cache-control: max-age=2678400
accept-ranges: bytes
cf-ray: 74df9ffd3a508fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 624

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.5.1/ 87 KB
31 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:828::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:16:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3415
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31021
x-xss-protection: 0
last-modified: Fri, 08 May 2020 07:05:03 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 21 Sep 2023 02:16:31 GMT

GET
H3 200 jquery.lazyload.mini.js Show response
hawamer.com/vb/hawamerbytraidnt/js/ 3 KB
1 KB 30ms
30ms Script
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/hawamerbytraidnt/js/jquery.lazyload.mini.js?ver=1.5.0
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270e8803da88a35e505288da53079fc6528002d7821abfd0d10be61819353471

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 27 May 2020 10:39:22 GMT
server: cloudflare
age: 4734269
etag: W/"5ece435a-bad"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd2a318fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H3 200 vbulletin_menu.js
hawamer.com/vb/clientscript/ 0
3 KB 49ms
46ms Other
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/vb/clientscript/vbulletin_menu.js?v=3811
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/index.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: public
date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Sat, 12 May 2018 12:06:46 GMT
server: cloudflare
age: 4734269
etag: W/"5af6d8d6-221a"
vary: Accept-Encoding
content-type: application/javascript
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd3a428fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
46 KB 89ms
33ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-N32RH97

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f066c599940ef1093a72d95661748c1706830641ad7bbcb1cb66d919464f6203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46410
x-xss-protection: 0
expires: Wed, 21 Sep 2022 03:13:26 GMT

GET
H3 200 s.png
hawamer.com/vb/hawamerbytraidnt/img/ 482 B
802 B 44ms
44ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/hawamerbytraidnt/img/s.png
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fa5b4147cc7fae08d74099c0bd253d17f91d178b3611a87b092e225b93e22df3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 116719
cf-polished: origFmt=png, origSize=575
content-disposition: inline; filename="s.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 04 Feb 2017 13:30:26 GMT
server: cloudflare
etag: W/"5895d772-23f"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd4a558fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 headbgver_min.png
hawamer.com/vb/hawamerbytraidnt/ 356 B
683 B 50ms
49ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/hawamerbytraidnt/headbgver_min.png
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e5c353031c9d6f0347536a290c1dd1507cc8ee2f62f7b1f572c820320b7b06da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 120348
cf-polished: origFmt=png, origSize=479
content-disposition: inline; filename="headbgver_min.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Thu, 15 Nov 2018 16:17:34 GMT
server: cloudflare
etag: W/"5bed9c1e-1df"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd4a568fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 u.png
hawamer.com/vb/hawamerbytraidnt/img/ 160 B
478 B 51ms
50ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/hawamerbytraidnt/img/u.png
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3171d41aa3f920ce61b139412e8a88a4d36c46f7370f5569a70e9a6b1ab75cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 115582
cf-polished: origFmt=png, origSize=306
content-disposition: inline; filename="u.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 04 Feb 2017 13:30:44 GMT
server: cloudflare
etag: W/"5895d784-132"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd4a588fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 p.png
hawamer.com/vb/hawamerbytraidnt/img/ 130 B
448 B 51ms
50ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/hawamerbytraidnt/img/p.png
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: afa3435876a6813db3ec6e48272ed141066e66ff36b311af071c0ed4902d16d9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 118486
cf-polished: origFmt=png, origSize=213
content-disposition: inline; filename="p.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Sat, 04 Feb 2017 13:30:26 GMT
server: cloudflare
etag: W/"5895d772-d5"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd4a598fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 navbarbg.png
hawamer.com/vb/images/ 92 B
415 B 36ms
35ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/images/navbarbg.png
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 421b9ce865704be5c68333dd4976e2529828f5317dca749342e67d3671b2d555

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 115962
cf-polished: origFmt=png, origSize=133
content-disposition: inline; filename="navbarbg.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 18 May 2015 11:47:46 GMT
server: cloudflare
etag: W/"5559d162-85"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd5a718fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 gradient_tcat.png
hawamer.com/vb/images/gradients/ 364 B
689 B 35ms
34ms Image
image/webp 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hawamer.com/vb/images/gradients/gradient_tcat.png
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 10bf6a7d0ff6343528d6fccd9b63643ff28cc12eedbe3ebc47bc5ab6862e2a9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/vb/clientscript/vbulletin_css/style-0f09c572-00090.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
cf-cache-status: HIT
age: 117802
cf-polished: origFmt=png, origSize=463
content-disposition: inline; filename="gradient_tcat.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
pragma: public
last-modified: Mon, 07 May 2018 17:50:04 GMT
server: cloudflare
etag: W/"5af091cc-1cf"
vary: Accept
content-type: image/webp
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: public, max-age=315360000
cf-ray: 74df9ffd5a728fee-FRA
cf-bgj: imgq:100,h2pri

GET
H3 200 invisible.js Show response
hawamer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/ Frame D557 38 KB
16 KB 24ms
24ms Script
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663718400
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3076020cd540f3dcc5fc44bc8df009b6ccd1ab1bb47c10c72ea826ebededc8d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74df9ffe0ace8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 71ms
22ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N32RH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
server: Golfe2
age: 686
date: Wed, 21 Sep 2022 03:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19826
expires: Wed, 21 Sep 2022 05:02:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 84ms
28ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N32RH97

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2ed90f1ebfb7ab763e48c4d8cb416694a9a0dd0c97d3ad90df28f978557e4a7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27767
x-xss-protection: 0
server: sffe
etag: "1340 / 215 of 1000 / last-modified: 1663711668"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 21 Sep 2022 03:13:26 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
73 KB 84ms
42ms Script
application/javascript 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-PGRLQHN6EK&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-N32RH97

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3febfda090b36a98dc79c7f52ac75c354d1d29bd03828982b246b63005cbd5a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 75080
x-xss-protection: 0
expires: Wed, 21 Sep 2022 03:13:26 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 99ms
57ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&tc=5&dl=hawamer.com%2Fvb%2Findex.php&tdp=GTM-N32RH97&z=0

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 td
www.googletagmanager.com/ 0
15 B 70ms
28ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.googletagmanager.com/td?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&es=1&e=gtm.init_consent&eid=-1&u=AAAAAAAAAAAAAAAg&tc=5&dl=hawamer.com%2Fvb%2Findex.php&tdp=GTM-N32RH97&z=0
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
server: Golfe2
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 78ms
36ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&es=1&e=gtm.init&eid=0&u=AAAAAAAAAAAAAAAg&tc=5&z=0

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 98ms
56ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&es=1&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAg&tc=5&tr=1gaawc.1ua.1lcl.1html&ti=1gaawc.1ua.1lcl.1html&z=0

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/ 346 KB
122 KB 92ms
50ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2779829712178693&plah=hawamer.com&bust=31069751

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2779829712178693

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6b7648f196516186e81f7018f420992e92cda2acc994e50ab669492380a5999c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 124742
x-xss-protection: 0
server: cafe
etag: 15069143614511573104
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 21 Sep 2022 03:13:26 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/ Frame C71C 10 KB
5 KB 73ms
21ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220915/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2779829712178693

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 25326
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 20:11:20 GMT
etag: 9671129459699598864
expires: Tue, 04 Oct 2022 20:11:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 76ms
58ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=puberror&context=165&msg=TagError%3A%20adsbygoogle.push()%20error%3A%20No%20slot%20size%20for%20availableWidth%3D0%0Aat%20jo%20(https%3A%2F%2Fpagead2.googlesyndication.com%2Fpagead%2Fjs%2Fadsbygoogle.js%3Fclient%3Dca-pub-2779829712178693%3A190%3A371)%0Aat%20io%20(adsbygoogle.js%3Fclient%3Dca-pub-2779829712178693%3A189%3A137)%0Aat%20qo%20(adsbygoogle.js%3Fclient%3Dca-pub-2779829712178693%3A193%3A187)%0Aat%20Tp%20(adsbygoogle.js%3Fclient%3Dca-pub-2779829712178693%3A237%3A460)%0Aat%20kq%20(adsbygoogle.js%3Fclient%3Dca-pub-2779829712178693%3A244%3A105)%0Aat%20jq%20(adsbygoogle.js%3Fclient%3Dca-pub-2779829712178693%3A243%3A454)%0Aat%20sq%20(adsbygoogle.js%3F&shv=r20220915&mjsv=m202209080101&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C31067826&client=ca-pub-2779829712178693&slotname=5668849956&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 44ms
44ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&es=1&e=gtm.dom&eid=3&u=AAAAAAAAAAAAAAAg&tc=5&z=0

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pica.js
hawamer.com/cdn-cgi/challenge-platform/h/b/scripts/ Frame D557 20 KB
8 KB 25ms
24ms Other
application/javascript 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/cdn-cgi/challenge-platform/h/b/scripts/pica.js
Requested by: Host: hawamer.com
URL: https://hawamer.com/vb/index.php
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6aecc59e2029b3620197bb7074a8e11839e0305f71885afa972b2df49c600fa1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 74df9ffe9b2e8fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 69ms
27ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j97&a=1577915488&t=pageview&_s=1&dl=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&ul=en-us&de=windows-1256&dt=%D9%87%D9%88%D8%A7%D9%85%D9%8A%D8%B1%20%D8%A7%D9%84%D8%A8%D9%88%D8%B1%D8%B5%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=249457720&gjid=745073415&cid=645438071.1663730007&tid=UA-12654981-1&_gid=1209499755.1663730007&_r=1&gtm=2wg9j0N32RH97&z=1813900617

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://hawamer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hawamer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022091901.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 15:47:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 41127
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131339
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 08:34:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 20 Sep 2023 15:47:59 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 176 B
472 B 32ms
30ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=hawamer.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8b66ec1a9f300160bbfeaabe9662fcaa6c19e8c09113be399a1e85a0155f52b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119
x-xss-protection: 0
expires: Wed, 21 Sep 2022 03:13:26 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 81ms
28ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-PGRLQHN6EK&gtm=2oe9j0&_p=1577915488&cid=645438071.1663730007&ul=en-us&sr=1600x1200&_z=ccd.v9B&_s=1&sid=1663730006&sct=1&seg=0&dl=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&dt=%D9%87%D9%88%D8%A7%D9%85%D9%8A%D8%B1%20%D8%A7%D9%84%D8%A8%D9%88%D8%B1%D8%B5%D8%A9%20%D8%A7%D9%84%D8%B3%D8%B9%D9%88%D8%AF%D9%8A%D8%A9&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PGRLQHN6EK&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://hawamer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
439 B 121ms
28ms XHR
text/plain 2a00:1450:400c:c03::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-12654981-1&cid=645438071.1663730007&jid=249457720&gjid=745073415&_gid=1209499755.1663730007&_u=YEBAAAAAAAAAAC~&z=463890744

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://hawamer.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 21 Sep 2022 03:13:27 GMT
content-type: text/plain
access-control-allow-origin: https://hawamer.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 215 B
646 B 82ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=hawamer.com&callback=_gfp_s_&client=ca-pub-2779829712178693

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209080101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2779829712178693&plah=hawamer.com&bust=31069751

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bdff4ebf1aec5c400565d6ed99415c66bf37f1df96591c17c5e73913d36fc36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 202
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 97ms
32ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=hawamer.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 79ms
30ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=hawamer.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 03:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 178E 0
19 B 113ms
70ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&adk=1812271804&adf=3025194257&lmt=1663730006&plat=9%3A32904%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&ea=0&pra=5&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006755&bpp=5&bdt=244&idt=153&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6694352045891&frm=20&pv=2&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=178

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9B16 97 KB
31 KB 518ms
480ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=5668849956&adk=2916847107&adf=3499367324&pi=t.ma~as.5668849956&w=1200&fwrn=4&fwrnh=100&lmt=1663730006&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006762&bpp=1&bdt=251&idt=173&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rjATCQFyPd&p=https%3A//hawamer.com&dtd=177

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1d51f417340eb0dbedd599d0502f3a4f7cfafa3ec8f443d0b73be4db2a8595f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32055
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 74df9ff85e646922 Show response
hawamer.com/cdn-cgi/challenge-platform/h/b/cv/result/ Frame D557 2 B
389 B 37ms
37ms XHR
text/plain 2606:4700:10::6814:1e0b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hawamer.com/cdn-cgi/challenge-platform/h/b/cv/result/74df9ff85e646922
Requested by: Host: hawamer.com
URL: https://hawamer.com/cdn-cgi/challenge-platform/h/b/scripts/alpha/invisible.js?ts=1663718400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:10::6814:1e0b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: gzip
server: cloudflare
cf-ray: 74dfa0007ca48fee-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AF87 21 KB
10 KB 426ms
425ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

108f1b08245f938ff7ba1e4494d95a7d5ef4704f022b95cb94296c7efc46d20e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 10477
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 82ms
31ms Image
image/gif 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-12654981-1&cid=645438071.1663730007&jid=249457720&_u=YEBAAAAAAAAAAC~&z=1622900142

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 85ms
35ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-12654981-1&cid=645438071.1663730007&jid=249457720&_u=YEBAAAAAAAAAAC~&z=1622900142

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A555 95 KB
33 KB 382ms
382ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

596e6f38669dbf684cd17986903fb3422a90eb793c85ceecf28e70a8088d51d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 33402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4C0D 95 KB
34 KB 426ms
426ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8b287fe669612c0c79631618f9e2da3316b86effaecb2555348e7ebd50e653c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 34304
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 2 KB
331 B 83ms
82ms XHR
text/plain 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=329631927462144&correlator=1691556533429226&eid=31069718%2C31069764%2C31069354%2C31067826%2C31062931&output=ldjh&gdfp_req=1&vrg=2022091901&ptt=17&impl=fifs&iu_parts=4306809%2Cfxsol%2Cfxsol_320%2CHawamer_LeaderBoard3%2CHawamer_LeaderBoard3_320_100%2Cpostbit_728%2Cpostbit_320&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=728x90%2C320x100%2C728x90%2C320x100%2C728x90%2C320x100&ifi=6&adks=1231641259%2C2932375748%2C986511490%2C1673347859%2C2750401287%2C1503910397&sfv=1-0-38&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1663730007174&lmt=1663730007&dlt=1663730006511&idt=644&adxs=707%2C-12245933%2C707%2C-9%2C-9%2C-9&adys=653%2C-12245933%2C748%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C0%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&frm=20&vis=1&psz=1053x90%7C0x0%7C1053x90%7C0x-1%7C0x-1%7C0x-1&msz=728x-1%7C0x-1%7C728x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C128%2C4%2C2%2C2%2C2&ohw=1598%2C0%2C1598%2C0%2C0%2C0&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3210e9d6c10584c3db3c7b4dce234b7785cca673062791c3480cbee1fb26ec41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://hawamer.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C6AA 6 KB
4 KB 108ms
29ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022091901.js?cb=31069718

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Thu, 21 Sep 2023 03:13:27 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 38ms
37ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&e=gtm.js&eid=1&u=AAAAAAAAAAAAAAAg&tc=5&tr=5gaawc.5lcl.5html.5ua&ti=1gaawc.1lcl.1html.1ua&z=0

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 9B16 3 KB
1 KB 80ms
29ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=5668849956&adk=2916847107&adf=3499367324&pi=t.ma~as.5668849956&w=1200&fwrn=4&fwrnh=100&lmt=1663730006&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006762&bpp=1&bdt=251&idt=173&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rjATCQFyPd&p=https%3A//hawamer.com&dtd=177

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 01:23:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 03:13:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 03:13:27 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9B16 2 KB
983 B 122ms
63ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:25:31 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 9B16 23 KB
10 KB 80ms
21ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 01:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 01:53:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9B16 3 KB
1 KB 120ms
66ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:17:19 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 9B16 17 KB
7 KB 83ms
25ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 03:00:47 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9B16 140 KB
44 KB 104ms
60ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 03:13:27 GMT

GET
H2 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 9B16 33 KB
14 KB 73ms
20ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 14:45:25 GMT

GET
H3

200

B26587312.345371259;dc_pre=CKbA6KD1pPoCFSqI_QcdzhgKcw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua= Show response
ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/ Frame 9B16
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rdid=;tag_for_child_directed_treatme...
https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CKbA6KD1pPoCFSqI_QcdzhgKcw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rd...

42 B
63 B

91ms
44ms

Fetch
image/gif

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CKbA6KD1pPoCFSqI_QcdzhgKcw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=

Requested by

Protocol

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://ad.doubleclick.net/ddm/trackimp/N279602.134426GOOGLEDISPLAYNETWO/B26587312.345371259;dc_pre=CKbA6KD1pPoCFSqI_QcdzhgKcw;dc_trk_aid=536810712;dc_trk_cid=160699114;ord=3142491234;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
follow-only-when-prerender-shown: 1
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9B16 0
0 68ms
68ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfLa0VoEqY8T6PIOxlQfIm7-oB7yaw7hs5u27h54QloLNhYgWEAEggbqrGmCVso-CoAegAfid-OIDyAEJqQIGbM_swrqwPqgDAcgDywSqBNEBT9DFvCW-Dnl6wSoUspwKqOejbEhEzXNFrsuZmUKGO5LsR1HBErC9A-1y4zF4ettIRtHVCia73SuHJLCH5PWOU5R-9qsPI5FBTZ3xhXRIY-24jkrzm9RIzPvk2w3W8AZRFNwIGRO8xfFR9C0HugTRhVADGGa7ckespeIvNWbvmE3cp60WHEaWL3iyToU3lEyvbrz1Gvh616nLjkksRblvV5wBxV8LrIrjcffpBLVMjnqk8PRHJLTtUOekTM94NSNLHW-uUYa5Aa2L-BO3TNMVomrABPzt_8GFBJIFBAgEGAGSBQQIBRgEoAYugAe17anWAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB6a-G9gHAPIHBBDvqyXSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAaIMCCoGCgT5nrEC2BMN0BUBgBcBshccChoIABIUcHViLTI3Nzk4Mjk3MTIxNzg2OTMYAA&sigh=-snJW21ou8s&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=5668849956&adk=2916847107&adf=3499367324&pi=t.ma~as.5668849956&w=1200&fwrn=4&fwrnh=100&lmt=1663730006&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006762&bpp=1&bdt=251&idt=173&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=242&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=rjATCQFyPd&p=https%3A//hawamer.com&dtd=177
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 3336867600807524417_15852033481640660483.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame 9B16 244 KB
245 KB 113ms
47ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/3336867600807524417_15852033481640660483.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 02:34:08 GMT
x-content-type-options: nosniff
age: 520759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 250208
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:22:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 02:34:08 GMT

GET
H2 200 11304551484059591612_4864762457894113745.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame 9B16 334 KB
335 KB 89ms
23ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/11304551484059591612_4864762457894113745.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c03bea64b39cd6d9d4fafd380a0ceb4f1dfaa14456175e99037b5fcef161791c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 11:04:08 GMT
x-content-type-options: nosniff
age: 490159
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 342055
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:22:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 11:04:08 GMT

GET
H2 200 14865024107087657153
tpc.googlesyndication.com/daca_images/simgad/ Frame 9B16 26 KB
26 KB 92ms
48ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/14865024107087657153

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9e236ae5a5773e2cb58d4f57dea675b60cfbd1324f768a42002fbc21d63aca56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 03:44:05 GMT
x-content-type-options: nosniff
age: 170962
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26255
x-xss-protection: 0
last-modified: Mon, 26 Jun 2017 02:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 19 Sep 2023 03:44:05 GMT

GET
H2 200 4252299678333252276_11479334813822259636.jpeg
static.doubleclick.net/dynamic/5/387628009/ Frame 9B16 239 KB
239 KB 173ms
107ms Image
image/jpeg 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.doubleclick.net/dynamic/5/387628009/4252299678333252276_11479334813822259636.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cd8e5c68aee27e167f062fe548878379b5c7e5a409f08f706b470711c6b63ea2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 05:51:35 GMT
x-content-type-options: nosniff
age: 163312
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 244422
x-xss-protection: 0
last-modified: Wed, 13 Jul 2022 23:21:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 19 Sep 2023 05:51:35 GMT

GET
H3

200

11451250718949484972
tpc.googlesyndication.com/simgad/ Frame 9B16
Redirect Chain

https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX7dCyHBD6ARj6ATIINLr0xKtPtEA
https://tpc.googlesyndication.com/simgad/11451250718949484972

15 KB
15 KB

52ms
32ms

Image
image/jpeg

2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11451250718949484972

Requested by

Protocol

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Thu, 15 Sep 2022 06:58:20 GMT
x-content-type-options: nosniff
age: 504907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15583
x-xss-protection: 0
last-modified: Thu, 02 Jul 2020 21:33:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 15 Sep 2023 06:58:20 GMT

Redirect headers

date: Tue, 20 Sep 2022 06:09:20 GMT
x-content-type-options: nosniff
server: cafe
age: 75847
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/html; charset=UTF-8
location: https://tpc.googlesyndication.com/simgad/11451250718949484972
cache-control: public, max-age=2592000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 20 Oct 2022 06:09:20 GMT

GET
H2 200 16590193452655118078
tpc.googlesyndication.com/simgad/ Frame A555 123 KB
123 KB 77ms
67ms Image
image/gif 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16590193452655118078

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

408ca8a34678a0031d413d72bd297a317cf632ef12c195448c9b7469d5a8b27a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 05:40:51 GMT
x-content-type-options: nosniff
age: 595956
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 126245
x-xss-protection: 0
last-modified: Tue, 26 Jul 2022 20:18:09 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 14 Sep 2023 05:40:51 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame A555 23 KB
9 KB 37ms
28ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 01:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 01:53:05 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame A555 3 KB
1 KB 68ms
62ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:17:19 GMT

GET
H2 200 transparent.png
tpc.googlesyndication.com/pagead/images/ Frame A555 67 B
196 B 52ms
47ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/transparent.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:25:27 GMT
x-content-type-options: nosniff
server: cafe
age: 64080
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag: 2462972746714251406
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 67
x-xss-protection: 0
expires: Wed, 21 Sep 2022 09:25:27 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame A555 17 KB
7 KB 48ms
42ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 760
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 03:00:47 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A555 0
0 77ms
29ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRyEfFBuRBkz93PDyDdm0Qcnc_90D5rLG2daKnqr76dxL6wGt6a9RJFaKhjkWaMDjlaBSIZKR0RMFPF7KRYTTKSgltQog
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A555 140 KB
44 KB 75ms
71ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 03:13:27 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame A555 32 KB
13 KB 61ms
57ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1960e96dffec2f85eb5815b99af79f54998d8cecb7272b033e4ca7c3f008a03a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 18:47:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 30379
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13561
x-xss-protection: 0
server: cafe
etag: 2350513669966983282
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 04 Oct 2022 18:47:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A555 0
0 72ms
69ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWJAiV4EqY8WUCdq99u8PtaCD6AqivYKha6yg25z_D9Lh0uCyARABIIG6qxpglbKPgqAHoAHvisj1A8gBA6kCBmzP7MK6sD6oAwHIA8kEqgTTAU_QZOvHxXxJgRbsS_OKLevPGASJZ9087a1JV_mTcXubMChzQYbSN9rtcSDRHA3flx8BnPH-u2XNBfBzPlW12kQsW7IYOIwKslUbXtOCpz3_xe32qXyeTQvin1VoguUtpJDY7FYtthuTmaLPe0Mkw10iNnyckgMaw7TW_kmHdYe4l1fl4lhe8Nghejl1byRFGTWh5IuQhdko18hbxIZSsDck-eW4d279oOf7NW2ypkMupSJL6E_6Iz-OfcCehzeW0BoSG1yS5mI62DFjGxuGcAWKG4PABPmowPb9A5IFBAgEGAGSBQQIBRgEoAYDgAf59LcKqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwHyBwQQ9-AB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw3QFQGYFgGAFwGyFxwKGggAEhRwdWItMjc3OTgyOTcxMjE3ODY5MxgA&sigh=X5Uc6kFCN3A&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 8B7D 624 B
297 B 32ms
32ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK_mgtMBMAE&v=APEucNVJPH1h7aMFJOr5iDCz0k9CQEaZeYu79mJZKBMw3GBS_Yqg3li4k2McoTnXsqdVSBFQ0BXBh1qvNchRpPJ96Omr5EG2E5Dp4tiU5BxXMrfLZyiXZELgXIKU53uuni_9vfsULWKJxoZWBvAeRVoJEhDlS2EdZ4y8ddi1r4Y2YONYZ96aU2s

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1503 86 KB
34 KB 69ms
68ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBujSXRcdJGG_4_yu5nod88nQtabZ7fcvWKANkHS8kKlbK7VPWuXkztGQylWQ1u5ZC_SaCiljWoLlh1fmccwc5xikp1xT_YV4TNJNA00c-ngQoBI8NbppeCu5008TEoMxjz9yCA0wE7Cpm7cRbiId3YQJd8w&dbm_d=AKAmf-B2tvBPOFajT2MM_nze56fux6Qaq1Fj3y3ktMt_C5pWar1th2pGaqtP0Ma_zCOEqRomjq4bhgfQdsxiVv9YswIECc66weEYt5i-r_RAagw2gnNoxVcfsrVDeKWb2mx9NA6Z9KWloeqIpx9lEvYeZc7AiU0JI-SbEC75SN9MUCc6VHVlGgxUZ-NZc5HW9R7fSCqLnEwP5ew2wrvZMPp-wrnTJ1K_CrfhKf2l9qx9A1Cmahjf4v3YiS1atr6NiUEUTvpmbSZ0GiTSF1IjDAgpazIaFsJNbpMbY8IBjEaG6nr5TdLCiuC_s4YM-4m9LoMAZ7qtzkZZ69FddT_PSPFAnico2-k6gQje1Uo4NjEVqfunpYNAsfHIB-g0E8X01iDm535L9TCN9cZZcmjkRwm3xoJYVKUIsgmUWZMqCXWHnrK_4KK7nsuB422eZqqqqHej_qArb0-UBlHhw4eRpJrVstUTjz95XnYihgnjK_Xa6roqgDEXbh81Dt_myLD5yi5ND3TOuK7u6GyYFTxhyrLK32O652vxFTst0Xl3m4IU-Gujo6mECbw929ZgdrsOawLTe6yyKHVvgqY3AYCAJ2u6w6-AcN9vDJKkWKyFjOMrxc8A5jerGlGEpayuYBQ6xcFn4yx9rR3zqYtvr3qdefieslDl4hoG1P-z6GEiUpTZ4EKAcvH73e0EtEqLgZ6qqNtWY3xqKqqzVkbWnxhQIBkyqQ18sdNjitogVx7Is83wAFo_qYh1ZOFY14pXwssFkOSJPek3mxl_tTRpdBp8cjAlKWHVwo7cMBAsW3L_JywZRH2eKVzK1QjXSqnG4_vHy9_hFNi6s7QPKre1lDq9det0-c0mxJmceDVJ3bgU-FfGqcTGxkPN0vj9DSDC2RlA5sLWpyxsirv3ooLFG27em66DuTbcH3_Prs3pQtIVFU-wLfscHc3w6Q-z-cYTn-eu4T8i4My1WNuaCmmH9NKGQGC4dzwOWgvn76TrMep-z8NNw4AafttfsH3qEE6kjn-ph1jol55Op95x9XUY4FRfSHundKiSeiP49JpLEp1i-rsgh150IPhgQ1UWjNRNttogdvAI8XOtYQTbNiEQUfNB9Ye0PO8ikXSeNwCH7SHtC_8icptzA-C0-jApiviA_3VzQeLirCA2x9WHok1gTF4X74jn7AMYh32G6y14tJcD-9pl8L1FV2sW6QGKyFduKqmQRut-B3z4UN9v1Tc0JUrRvcNAWI2INvXtzhW1OJEGdK1exHIPyTuxDZysuGDzbUetUySAUgArqTgdX2ixRwTDNHxIqlOJzFF8COhXX1YOD1iI7Vs8486sLM-tkw2A1vPT2Skui0H_C36L_1tHunq_LoNA-5lMoZjfhIYFxkRawuHrXg0l0viw-mNNuysNq1-xCi-nylwfop1l5vgPuq-0eBiWELReguuYIztJZdUIm0SrDqHvr6_PsWNVGungvmH1bd34H0yldaI-8lXftz2aYHSXKSqxE8AX357IaXwjl_t7ykfGlgRzmLBxXW90FKYuWgJmbgqhB3SiTLpDZSqSviRKAvXvrEVFYsJhoxozPmUgeOZ711O7h8fp2fAKkzFjuGLnpxWPFw0VSc9T5WgoIIehNw3B7XO9uFsXLg3PkmthtANYntAPQPuG7OKzipT84KW5O3FIKdoQjOU9UlgO7_dg4X5yiY-8hV1TDAzamYFEUR_EPOaCJTK486tZ05721FFamlBxhW9rk5nmvZ_NkOdUoNiIdwqCpYgxxEz1qiKZKZ49ETn_GMttP-c7YHZXgnnGkaWLGZXPVAiYKaljxCWmqsNOB9YpqsvPHnHvjDqvmbSleWZxDQ6Mwq4KA_gNTdoGQ1HG6eq_COcWjTa4LqIJYBDIWnhjwq6p-_PSSxIvOcz-cAIQW9gnqVjxMCfxyYI9eZzC_zbAypnxoi6N7BpYH8SqTWT7rnPvU0-rqNBseyjjbKy2qvJN2mrRKDtLFN_IqD2MkOcf3kivO7-TpD0bl7DaK24FlR-Q3lLJmGqFofBqgUIDu7K2-nX_tam8psxTeTNXUW0Dz-QaUnlMNm7iMvtq_jR8LDDRJ3i3L1-tIKBAGxl-JMkxm5ZwEyI2Wa8K-2UIxhQY62BtPCioFxZZcYPoLkNRy2pJ6ls3ZkF4OxkOhafK03IUHbROP0WY8AazezPSuEWAQRd9k2IgD_4HDU7g5MIPAf7pxFd0PnN4jwPMUX0sC3iwAgCjGAPeK1P9-AWL32S1nWwxruynSV5LkvxsUxcNLKbTb8mav4OpqvpFvakUJnNz4220XjoAlhh9zs_ow8CN4VvABYT1wwENL_irjrzFB0UdnZmkqVeEoS5WQF6rSuECeAKTDleAFq6paZUjY2by4i_NBvfBOCMeIXr4-CsyWLPl6nYv4DQcGOkKLY_C5n9jhWFoogdmUrVpRPhGw2hs2ijz4Gu2dTYE5-BLyZXEOXlQHfODCbwQiYayBccLbRxMPjjuEk-KgXnfmrwQ1zizl-JMmyIMsXb24TsC3GG-JNzQxBApaBeNLb1tjLU2t-sDkbuXrWlOFMkKR1AYePjlEnxscKz3C9yIJJf6OXoBj9R6X2sLAFYTFwQmZtO19oIOEOJb_sIIRG5WLJDEKVhxyQHKoAxq7v8mMRELwPivIEfO3OAnmY6CJ-o7U13vdX-zcnEwOzLgw1nfeHpSPWFSWwbR51wuTD9oQXeb0WLAWNceNl-4ch22UepxU_DYhe93InDxO15xfoAUoVQ44NhOyWpeKZAmqO7d-KJ212QUeA43kfEGISvj1h9zuubmy_06DFPlaA8mz4v2D-MOh2zjYM2XzZ-aYBoe-WV4mTewFLSaaMkvHO1iYxxI6tfvQiZF9Z0JrRJOXjRtmAA9SCsFHUE1yY0QhqVSsVq6fwBu-U_ryfNGRU_tlq5GP0jAk9M2NbcuaO7fKzl-rq3my1P67n61GEcJt6XXIlWqvMVXC93FPJH45QPtXPB-IhQL1LhUd6QLjwJYHHJjgv_niFOE59c694eckYNyS3bMDJ8YSGj0YWZqYP1xxKzHAJPdwhh7_jhaY8VdCW_r29sQ_bAVHYsT43LjhYqbSXwIuvMrBRWmkUEMSpRWrB2IWgdVqvknJU-bdQhutX1hJrPB7XtCE_WcnkmMbkQoa31mTg0QZlIlbTfL3RjJtSPldtoCRMc8RS1cwna_Cra7bcj7JfByU06xLjJ-5qiyHrvB_nlCwW-xDmxtG2ar_TDzbKw7DeHdVHBX4fkED8Hxk-49rmS2McSO4f_1RL8n3HhS1LwUIHIx2AqBFZNtmO1XUZM9IESo9Qk0sFhNKfEIXroJLGwwEiiNWj6jvWZh8NbO0XrTJbOiwlX1XekgVTJ_zeb35Z81CETl3-C9wFPaxCZMBXxrOhy-DokLaiVPLCrZQls2T0X4S1hhoIAH9V3BwNcwFts-cM2Sba2Ugo_gHNIlevPaR4gxhCgvwFYDe0-vHOfLYT199mGScgPRe_mxlU8hnYtwePCcLzu_upy9oiJcrM52RsNX_mNo2wHj1QlH5Bi-Bw&cid=CAASEuRobY8VHgn6WCClgR0ZqVmenQ&rfl=2%2Chttps%253A%252F%252Fhawamer.com%252F%240

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

26abaff119d142e11bb9894fdff38b2031c3dcc018108ae78a277a4f96ff8a23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34790
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 1503 3 KB
1 KB 93ms
43ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:17:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 1503 17 KB
7 KB 78ms
29ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:24:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1503 0
0 43ms
30ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRskPWt_BK0VAX_tRog3xB0cqt0ZgWFYO4mss0NLSMYJUNlKf0GlceXm6csZQ9EpoD2pqdpi5BzsGrIXY4b_jk7wbDoNQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1503 140 KB
44 KB 44ms
42ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 03:13:27 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1503 42 B
63 B 55ms
54ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D105kYVVJinRrHZNMsdSvmVdkraxAujFcxggZP6IdO2xSEiA-sVRwGDyUoqjolJ-RpBsyXOt3CU4AlVid2jmp_bLNobUSC4hMX704lQjy3WzRQc84

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 4C0D 8 KB
893 B 87ms
39ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 21 Sep 2022 02:55:04 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 21 Sep 2022 03:13:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 21 Sep 2022 03:13:27 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 4C0D 2 KB
902 B 75ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2876
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 875
x-xss-protection: 0
server: cafe
etag: 16974406330603315520
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:25:31 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 4C0D 23 KB
9 KB 56ms
22ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 01:53:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4822
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9550
x-xss-protection: 0
server: cafe
etag: 715955199520789971
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 01:53:05 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 4C0D 3 KB
1 KB 75ms
51ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:17:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3368
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:17:19 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/ Frame 4C0D 17 KB
7 KB 57ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220915/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:24:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2933
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7552
x-xss-protection: 0
server: cafe
etag: 1588701280721430806
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:24:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4C0D 0
0 32ms
29ms Image
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTJF14HAvhKA5KnWxPEaaoLQWc7u6NrwQ8bRlP9RT-G6alvXLGT3Z7kvDuFXXm39sUa0p9WoZQfKDjVGhqVtbSqw3GkXg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4C0D 140 KB
44 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44544
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1663587528796173"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 03:13:27 GMT

GET
H3 200 026517f4e3185bf0f4d8fd76517024ed.js Show response
www.gstatic.com/mysidia/ Frame 4C0D 33 KB
13 KB 73ms
29ms Script
text/javascript 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/026517f4e3185bf0f4d8fd76517024ed.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 14:45:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 44882
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13694
x-xss-protection: 0
last-modified: Mon, 12 Sep 2022 21:57:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 19 Dec 2022 14:45:25 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4C0D 0
0 75ms
75ms Fetch
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CpxC7V4EqY8vuCbnd7_UPw6egyAOs_--dbOP7kd-_EPesvc-SMBABIIG6qxpglbKPgqAHoAGG3LiJA8gBCakCGkXcm1W6sD6oAwHIA8sEqgTWAU_Q5KNFBEX78-z_ZooOYU-C0IiQRrTTMeg9zqAI-1tQP8aD74BWu-Gs0ft7qGLvSH5qureWWoAvZ-a30xiTeDM8xc_IPDOu7QTTDJx5ZX5Hy-0dIVSr3TkvXzEY1B3yo3KGcXIFi-Pn6gQ9dbJOGdN_zcK8e9PrxilokaYya-81-Xp6QAqEFoECF0MrcR0AvVBg-y-eJyHPXUwJGN-wiwi_qDZPkfgSR4kXHggAQsS1LWCqBAR-kHGO9tLuzSeOdS_pglYwCzX24HKq8rtiZKbVKomNWlvABPyZ867_A5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfio8d2qAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ46UB0ggRCIDhgBAQARgfMgKqAjoCgECACgHICwHYEw7QFQGAFwGyFxwKGggAEhRwdWItMjc3OTgyOTcxMjE3ODY5MxgA&sigh=tj56ibYWdDI&uach_m=[UACH]&template_id=5000

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E784 143 B
166 B 29ms
24ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 02:39:22 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A97C 1 KB
749 B 26ms
21ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Wed, 21 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 9B16 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d28c972f83e2c201127b15186a3810a175499cbcf623208829a7b4226123cd4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/4037691253282431185/ Frame 4C0D 172 KB
173 KB 56ms
52ms Image
image/png 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4037691253282431185/downsize_200k_v1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fa572bfb1764ec20d3e97a249d246f78c581d30b51250bf20a50f4184f776c45

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Fri, 16 Sep 2022 22:52:34 GMT
x-content-type-options: nosniff
age: 361253
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 176591
x-xss-protection: 0
last-modified: Wed, 22 Jun 2022 14:54:49 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 16 Sep 2023 22:52:34 GMT

GET
DATA 200
OK truncated
/ Frame 4C0D 206 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame 4C0D 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame A555 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 581a6765cc74d97568aaed5f866f5bfb7f2b7927b63976c8f237c36b234efdf7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1

43 B
846 B

58ms
42ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK_mgtMBMAE&v=APEucNVJPH1h7aMFJOr5iDCz0k9CQEaZeYu79mJZKBMw3GBS_Yqg3li4k2McoTnXsqdVSBFQ0BXBh1qvNchRpPJ96Omr5EG2E5Dp4tiU5BxXMrfLZyiXZELgXIKU53uuni_9vfsULWKJxoZWBvAeRVoJEhDlS2EdZ4y8ddi1r4Y2YONYZ96aU2s
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dfa004e9bb9a03-FRA
pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cQ%2F5TuFFEiBzlMCX%2FA%2FYU0fxXaRbSzcVc26jupgrk0ig672ajoYvj0%2BtOKAic%2FNU9lpi7hP91vzqfD7Guodi5iA9%2By6DACOnOj9yIfg1XyDbRXWeCOTj8iv3%2Bijv6AoP6YxHHN3QF6TfpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 8B7D
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YyqBV8V6Uns61sHuVem3IgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1

43 B
843 B

39ms
39ms

Image
image/gif

104.18.18.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK_mgtMBMAE&v=APEucNVJPH1h7aMFJOr5iDCz0k9CQEaZeYu79mJZKBMw3GBS_Yqg3li4k2McoTnXsqdVSBFQ0BXBh1qvNchRpPJ96Omr5EG2E5Dp4tiU5BxXMrfLZyiXZELgXIKU53uuni_9vfsULWKJxoZWBvAeRVoJEhDlS2EdZ4y8ddi1r4Y2YONYZ96aU2s
Protocol: H3
Server: 104.18.18.126 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

cf-ray: 74dfa005ba409a03-FRA
pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBLpFOUeR%2FZJ9D9a2PyHlgTQy%2FD9OnmB3AsMkEAyOAzpNaOqAhI9%2FjFk6Cgeo16qOF2CxAN1XhsUj5E1Rj24gIJN7788yIadmaJqyJJtWwMszDhG23D8ynuc1tJ6wlpVVUqiPWut5%2BWBwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
cache-control: no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEHS7qHp7A7802TtL_KMFrOc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 8B7D
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESED2yIlyup4LwSAqRyv7k5KY&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2yIlyup4LwSAqRyv7k5KY%26google_cver%3D1

43 B
1 KB

31ms
29ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2yIlyup4LwSAqRyv7k5KY%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CI-DLxCv7fgBGK_mgtMBMAE&v=APEucNVJPH1h7aMFJOr5iDCz0k9CQEaZeYu79mJZKBMw3GBS_Yqg3li4k2McoTnXsqdVSBFQ0BXBh1qvNchRpPJ96Omr5EG2E5Dp4tiU5BxXMrfLZyiXZELgXIKU53uuni_9vfsULWKJxoZWBvAeRVoJEhDlS2EdZ4y8ddi1r4Y2YONYZ96aU2s

Protocol

HTTP/1.1

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 03:13:27 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 521c4e7b-51cb-4b0f-8c31-5772fbbb413e
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 03:13:27 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 51631d2c-4580-431b-a787-0018a4cab6dd
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESED2yIlyup4LwSAqRyv7k5KY%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8B7D
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2OTAzMDU3OTgyODQyNzY0OA%3D%3D

170 B
188 B

34ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2OTAzMDU3OTgyODQyNzY0OA%3D%3D

Requested by

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 21 Sep 2022 03:13:27 GMT
X-Proxy-Origin: 84.19.175.184; 84.19.175.184; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid: 69929f42-aa90-497f-a4f1-e8a3cb832ed5
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=Mjg2OTAzMDU3OTgyODQyNzY0OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9B16 21 KB
22 KB 71ms
21ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8IacM9Wef3EJPWRrHjgE4B6CnlZxHVBg3etBD7TA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 22:44:30 GMT
x-content-type-options: nosniff
age: 16137
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21428
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:32:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 22:44:30 GMT

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 9B16 20 KB
20 KB 87ms
39ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 09:51:39 GMT
x-content-type-options: nosniff
age: 580908
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20784
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:21:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 09:51:39 GMT

GET
H2 200 express_html_obb_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 1503 119 KB
42 KB 104ms
22ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 11:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57827
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42405
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:28 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 11:09:40 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/ Frame 1503 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DBujSXRcdJGG_4_yu5nod88nQtabZ7fcvWKANkHS8kKlbK7VPWuXkztGQylWQ1u5ZC_SaCiljWoLlh1fmccwc5xikp1xT_YV4TNJNA00c-ngQoBI8NbppeCu5008TEoMxjz9yCA0wE7Cpm7cRbiId3YQJd8w&dbm_d=AKAmf-B2tvBPOFajT2MM_nze56fux6Qaq1Fj3y3ktMt_C5pWar1th2pGaqtP0Ma_zCOEqRomjq4bhgfQdsxiVv9YswIECc66weEYt5i-r_RAagw2gnNoxVcfsrVDeKWb2mx9NA6Z9KWloeqIpx9lEvYeZc7AiU0JI-SbEC75SN9MUCc6VHVlGgxUZ-NZc5HW9R7fSCqLnEwP5ew2wrvZMPp-wrnTJ1K_CrfhKf2l9qx9A1Cmahjf4v3YiS1atr6NiUEUTvpmbSZ0GiTSF1IjDAgpazIaFsJNbpMbY8IBjEaG6nr5TdLCiuC_s4YM-4m9LoMAZ7qtzkZZ69FddT_PSPFAnico2-k6gQje1Uo4NjEVqfunpYNAsfHIB-g0E8X01iDm535L9TCN9cZZcmjkRwm3xoJYVKUIsgmUWZMqCXWHnrK_4KK7nsuB422eZqqqqHej_qArb0-UBlHhw4eRpJrVstUTjz95XnYihgnjK_Xa6roqgDEXbh81Dt_myLD5yi5ND3TOuK7u6GyYFTxhyrLK32O652vxFTst0Xl3m4IU-Gujo6mECbw929ZgdrsOawLTe6yyKHVvgqY3AYCAJ2u6w6-AcN9vDJKkWKyFjOMrxc8A5jerGlGEpayuYBQ6xcFn4yx9rR3zqYtvr3qdefieslDl4hoG1P-z6GEiUpTZ4EKAcvH73e0EtEqLgZ6qqNtWY3xqKqqzVkbWnxhQIBkyqQ18sdNjitogVx7Is83wAFo_qYh1ZOFY14pXwssFkOSJPek3mxl_tTRpdBp8cjAlKWHVwo7cMBAsW3L_JywZRH2eKVzK1QjXSqnG4_vHy9_hFNi6s7QPKre1lDq9det0-c0mxJmceDVJ3bgU-FfGqcTGxkPN0vj9DSDC2RlA5sLWpyxsirv3ooLFG27em66DuTbcH3_Prs3pQtIVFU-wLfscHc3w6Q-z-cYTn-eu4T8i4My1WNuaCmmH9NKGQGC4dzwOWgvn76TrMep-z8NNw4AafttfsH3qEE6kjn-ph1jol55Op95x9XUY4FRfSHundKiSeiP49JpLEp1i-rsgh150IPhgQ1UWjNRNttogdvAI8XOtYQTbNiEQUfNB9Ye0PO8ikXSeNwCH7SHtC_8icptzA-C0-jApiviA_3VzQeLirCA2x9WHok1gTF4X74jn7AMYh32G6y14tJcD-9pl8L1FV2sW6QGKyFduKqmQRut-B3z4UN9v1Tc0JUrRvcNAWI2INvXtzhW1OJEGdK1exHIPyTuxDZysuGDzbUetUySAUgArqTgdX2ixRwTDNHxIqlOJzFF8COhXX1YOD1iI7Vs8486sLM-tkw2A1vPT2Skui0H_C36L_1tHunq_LoNA-5lMoZjfhIYFxkRawuHrXg0l0viw-mNNuysNq1-xCi-nylwfop1l5vgPuq-0eBiWELReguuYIztJZdUIm0SrDqHvr6_PsWNVGungvmH1bd34H0yldaI-8lXftz2aYHSXKSqxE8AX357IaXwjl_t7ykfGlgRzmLBxXW90FKYuWgJmbgqhB3SiTLpDZSqSviRKAvXvrEVFYsJhoxozPmUgeOZ711O7h8fp2fAKkzFjuGLnpxWPFw0VSc9T5WgoIIehNw3B7XO9uFsXLg3PkmthtANYntAPQPuG7OKzipT84KW5O3FIKdoQjOU9UlgO7_dg4X5yiY-8hV1TDAzamYFEUR_EPOaCJTK486tZ05721FFamlBxhW9rk5nmvZ_NkOdUoNiIdwqCpYgxxEz1qiKZKZ49ETn_GMttP-c7YHZXgnnGkaWLGZXPVAiYKaljxCWmqsNOB9YpqsvPHnHvjDqvmbSleWZxDQ6Mwq4KA_gNTdoGQ1HG6eq_COcWjTa4LqIJYBDIWnhjwq6p-_PSSxIvOcz-cAIQW9gnqVjxMCfxyYI9eZzC_zbAypnxoi6N7BpYH8SqTWT7rnPvU0-rqNBseyjjbKy2qvJN2mrRKDtLFN_IqD2MkOcf3kivO7-TpD0bl7DaK24FlR-Q3lLJmGqFofBqgUIDu7K2-nX_tam8psxTeTNXUW0Dz-QaUnlMNm7iMvtq_jR8LDDRJ3i3L1-tIKBAGxl-JMkxm5ZwEyI2Wa8K-2UIxhQY62BtPCioFxZZcYPoLkNRy2pJ6ls3ZkF4OxkOhafK03IUHbROP0WY8AazezPSuEWAQRd9k2IgD_4HDU7g5MIPAf7pxFd0PnN4jwPMUX0sC3iwAgCjGAPeK1P9-AWL32S1nWwxruynSV5LkvxsUxcNLKbTb8mav4OpqvpFvakUJnNz4220XjoAlhh9zs_ow8CN4VvABYT1wwENL_irjrzFB0UdnZmkqVeEoS5WQF6rSuECeAKTDleAFq6paZUjY2by4i_NBvfBOCMeIXr4-CsyWLPl6nYv4DQcGOkKLY_C5n9jhWFoogdmUrVpRPhGw2hs2ijz4Gu2dTYE5-BLyZXEOXlQHfODCbwQiYayBccLbRxMPjjuEk-KgXnfmrwQ1zizl-JMmyIMsXb24TsC3GG-JNzQxBApaBeNLb1tjLU2t-sDkbuXrWlOFMkKR1AYePjlEnxscKz3C9yIJJf6OXoBj9R6X2sLAFYTFwQmZtO19oIOEOJb_sIIRG5WLJDEKVhxyQHKoAxq7v8mMRELwPivIEfO3OAnmY6CJ-o7U13vdX-zcnEwOzLgw1nfeHpSPWFSWwbR51wuTD9oQXeb0WLAWNceNl-4ch22UepxU_DYhe93InDxO15xfoAUoVQ44NhOyWpeKZAmqO7d-KJ212QUeA43kfEGISvj1h9zuubmy_06DFPlaA8mz4v2D-MOh2zjYM2XzZ-aYBoe-WV4mTewFLSaaMkvHO1iYxxI6tfvQiZF9Z0JrRJOXjRtmAA9SCsFHUE1yY0QhqVSsVq6fwBu-U_ryfNGRU_tlq5GP0jAk9M2NbcuaO7fKzl-rq3my1P67n61GEcJt6XXIlWqvMVXC93FPJH45QPtXPB-IhQL1LhUd6QLjwJYHHJjgv_niFOE59c694eckYNyS3bMDJ8YSGj0YWZqYP1xxKzHAJPdwhh7_jhaY8VdCW_r29sQ_bAVHYsT43LjhYqbSXwIuvMrBRWmkUEMSpRWrB2IWgdVqvknJU-bdQhutX1hJrPB7XtCE_WcnkmMbkQoa31mTg0QZlIlbTfL3RjJtSPldtoCRMc8RS1cwna_Cra7bcj7JfByU06xLjJ-5qiyHrvB_nlCwW-xDmxtG2ar_TDzbKw7DeHdVHBX4fkED8Hxk-49rmS2McSO4f_1RL8n3HhS1LwUIHIx2AqBFZNtmO1XUZM9IESo9Qk0sFhNKfEIXroJLGwwEiiNWj6jvWZh8NbO0XrTJbOiwlX1XekgVTJ_zeb35Z81CETl3-C9wFPaxCZMBXxrOhy-DokLaiVPLCrZQls2T0X4S1hhoIAH9V3BwNcwFts-cM2Sba2Ugo_gHNIlevPaR4gxhCgvwFYDe0-vHOfLYT199mGScgPRe_mxlU8hnYtwePCcLzu_upy9oiJcrM52RsNX_mNo2wHj1QlH5Bi-Bw&cid=CAASEuRobY8VHgn6WCClgR0ZqVmenQ&rfl=2%2Chttps%253A%252F%252Fhawamer.com%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 02:48:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1495
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 02:48:32 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/ Frame 1503 30 KB
11 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220915/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:10:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11717
x-xss-protection: 0
server: cafe
etag: 8998177921611256807
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Oct 2022 03:10:53 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 109F 1 KB
749 B 22ms
21ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Wed, 21 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame A97C 35 B
463 B 82ms
22ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEFl3aUpzKdPq_Ne-3tXpL7g&google_cver=1&google_push=AZmPxg8PbRyZwhPzTayb-LINrwWBlPN8wF6D7V-1CgtOw6JF4BG7t_20s32wrkKKEh4TRx5RAprcreg7CSO3JRg5fjXF1PhrFwNv

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A97C
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-dmSpX...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg-dmSpX...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA5OTc0OTQxNzAxMg%3D%3D&google_push=AZmPxg-dmSpX4zWnDJorYICRyVRK9VbsEhqM2PM2cvvuAkdtlDw-pLKzvcD8hx7kRr7cJx...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA5OTc0OTQxNzAxMg%3D%3D&google_push=AZmPxg-dmSpX4zWnDJorYICRyVRK9VbsEhqM2PM2cvvuAkdtlDw-pLKzvcD8hx7kRr7cJxicsjk8ExZ5ajYLZHx6y_XB4jJus1Fhgw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA5OTc0OTQxNzAxMg%3D%3D&google_push=AZmPxg-dmSpX4zWnDJorYICRyVRK9VbsEhqM2PM2cvvuAkdtlDw-pLKzvcD8hx7kRr7cJxicsjk8ExZ5ajYLZHx6y_XB4jJus1Fhgw
pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 21 Sep 2022 03:13:28 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame A97C 43 B
351 B 90ms
29ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESELTp3tDf2J_2wqdJ0ApIMMU&google_cver=1&google_push=AZmPxg_A0__nLSF09GQ1ViBiQ6jhAtgIWA6FPTWWrdSx2EoHE2Qb5a7yfAx2NDfemH-PtbPvKRybK_MABamIqmxpvs7-FPp2VJ6c7g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:26 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 76ut9tfvasbc9vfrk6lg0ppuj8bcnbpg

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A97C 0
166 B 115ms
26ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESECklkSaCnYrdxNaHck73LCo&google_cver=1&google_push=AZmPxg_oYnm8geRtX2ULdYkzxO_jtkUdDg6LCsrZXgIAXAp_TAqjlfrILL9m5xUW8vPR0C448qn6i31QyogcDUA5QdiEyY78YB2Akg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A97C
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEIPj9fxQCfb8uqrMm6EHTx8&google_cver=1&google_push=AZmPxg9HJaVIvRrgUFz5UWAEDEu_LeCUkOMLL6jh3lakxwyh-GQhsCyGCpUik4edY5GXsC99X7g...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMTQtMTItOUJVWQ==&google_push=AZmPxg9HJaVIvRrgUFz5UWAEDEu_LeCUkOMLL6jh3lakxwyh-GQhsCyGCpUik4edY5GXsC99X7gbL6Q5VlO_f68XT8riYqPOb2omcw

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMTQtMTItOUJVWQ==&google_push=AZmPxg9HJaVIvRrgUFz5UWAEDEu_LeCUkOMLL6jh3lakxwyh-GQhsCyGCpUik4edY5GXsC99X7gbL6Q5VlO_f68XT8riYqPOb2omcw

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMTQtMTItOUJVWQ==&google_push=AZmPxg9HJaVIvRrgUFz5UWAEDEu_LeCUkOMLL6jh3lakxwyh-GQhsCyGCpUik4edY5GXsC99X7gbL6Q5VlO_f68XT8riYqPOb2omcw
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A97C
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEFdyaaUtofryHIfXX73sHlM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdyaaUtofryHIfXX73sHlM&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-gPrUMnX4WZQT7RoqViEquoNpIwRiN9...

170 B
188 B

33ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdyaaUtofryHIfXX73sHlM&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-gPrUMnX4WZQT7RoqViEquoNpIwRiN9fiKPpFUIqB6A0kBK3WaBW7O7kIcAD8rKVlrbfX6hiGZolzigJlzBNPvifkG-tc6Ww

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v7cx9LVcP3LtD3yHgXa8FAwmvvceHX6910pZuu7Ab7764kz0D7xrynhggtafANF9N%2FOqNUQdOHCl%2Bc7aPPPvj6SNxRL8osTPWuUzjz1CEInstcIcAu9r4xrwMLB2FCeAKN6JaU%2F7RIwCnw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEFdyaaUtofryHIfXX73sHlM&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-gPrUMnX4WZQT7RoqViEquoNpIwRiN9fiKPpFUIqB6A0kBK3WaBW7O7kIcAD8rKVlrbfX6hiGZolzigJlzBNPvifkG-tc6Ww
cache-control: no-cache
cf-ray: 74dfa0051f209096-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame A97C 43 B
297 B 361ms
35ms Image
image/gif 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJfKIMZEy-StGDwy-JdlGoI&google_cver=1&google_push=AZmPxg-FtKOK0M1zLcdtFQRVjBD8blLZkgYX_1VljkRLS3yt1JvF0xlUxzXgg5uR75giVtcN9nNlJED1tEeyHuj8TOu1-3p86U6L
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=4012414888&adf=3466896142&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006764&bpp=1&bdt=253&idt=360&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=383&ady=3468&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=5XJWkJ4dBi&p=https%3A//hawamer.com&dtd=362
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A97C 0
50 B 33ms
32ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KLYVyH5Mwm1nAvj_PxpaBAXlfKh2PLUrvlmZ06wyHM-P_RcxrdI7hOt-m2eeyvBLjKsKy2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 4C0D 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2bdef30944765321861b7104e21250b59a4443e92ae196a11c3ca47107df1107

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E784
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

45ms
37ms

Document
text/html

2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 03:13:27 GMT
expires: Wed, 21 Sep 2022 03:13:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 21 Sep 2022 03:13:27 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame C322 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1503 41 KB
15 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 12:32:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52829
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 20 Sep 2023 12:32:58 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B47A 1 KB
749 B 23ms
22ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 42103
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 15:31:44 GMT
etag: 48472445140208031
expires: Wed, 21 Sep 2022 15:31:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1503 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c3b9157c1aad7c51ab12b67b9e2b37481a9d4d7fddf2885c412702b9072f5700

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v45/ Frame 4C0D 28 KB
28 KB 68ms
23ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 14 Sep 2022 08:44:44 GMT
x-content-type-options: nosniff
age: 584923
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28288
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Sep 2023 08:44:44 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 046C 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 109F 35 B
462 B 27ms
23ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEBEc15-lkMx5E36k0WHsxgU&google_cver=1&google_push=AZmPxg8mcXSaRK94XY2HFPgWJNKr0ttIV0HTccDOdHuxjL94_G6me8volNUub1fRotueZ_UanJyzNYR8pGoJdd4IxF-Mw1ieMw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame 109F 0
98 B 89ms
31ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_SAXDqhsEPBZJhchWxcXxcK3XbqbZHatonweQNkGmineYMm6Vr1KqGJA_46p5Q1d2b-9S-_TMm2VazfDxAOq-ErLxi&google_gid=CAESEM4z5VvctQjL48AUvItUs2o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 109F
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg955dfi...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg955dfi...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA0MjgxOTU0OTQ5NQ%3D%3D&google_push=AZmPxg955dfi55W_6kus7lQs2LpgrcVasJpuj3GWmHUThdJyTjxnnPfQpTn4t8ucBgq7gf...

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA0MjgxOTU0OTQ5NQ%3D%3D&google_push=AZmPxg955dfi55W_6kus7lQs2LpgrcVasJpuj3GWmHUThdJyTjxnnPfQpTn4t8ucBgq7gfYZfslGPdR7C2Pw8RU8Ec-oYfRSUw

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA5MjEwMzEzMjgwMDA0MjgxOTU0OTQ5NQ%3D%3D&google_push=AZmPxg955dfi55W_6kus7lQs2LpgrcVasJpuj3GWmHUThdJyTjxnnPfQpTn4t8ucBgq7gfYZfslGPdR7C2Pw8RU8Ec-oYfRSUw
pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Wed, 21 Sep 2022 03:13:28 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 109F 43 B
134 B 33ms
30ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEEHxseK1mO_vw9q4aSsDm6A&google_cver=1&google_push=AZmPxg-92SDQXCQ6kmbfXJfOgJWmnFsTyfkEfc1s7jOP-iU9h-xLH4JMpJSJz5j8dLtWhB5LiSVk2Ua8_KYrbk-VLZ446fNAmA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: impk7m2qb121mbf9dgchqt5athn47s41

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 109F 0
41 B 43ms
27ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEGhLF0oeX1ZpBHsrMy8Yw9M&google_cver=1&google_push=AZmPxg_CURoPSq-JJ-av7f5NL3m7dzXHS3M3FB7YWsfcZ2ho03wGwQ691C09QdqXzDqtPSUX6_dJ90DUjuDvOhTGVp1TdXG6eA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:26 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 109F
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESECijgRgTKVkJTHIhzJQ9kHg&google_cver=1&google_push=AZmPxg8QFzm-0xQ5Tn3lQL8e3DwYT3qXi-tuyiikFS2Q7F2810eOBbZFWghxbaHwa5irDd0hDdi...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMkQtMUktOVlHSQ==&google_push=AZmPxg8QFzm-0xQ5Tn3lQL8e3DwYT3qXi-tuyiikFS2Q7F2810eOBbZFWghxbaHwa5irDd0hDdi_pg9K1g4UrJ7q37Mz4HJXPA

170 B
188 B

31ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMkQtMUktOVlHSQ==&google_push=AZmPxg8QFzm-0xQ5Tn3lQL8e3DwYT3qXi-tuyiikFS2Q7F2810eOBbZFWghxbaHwa5irDd0hDdi_pg9K1g4UrJ7q37Mz4HJXPA

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyMkQtMUktOVlHSQ==&google_push=AZmPxg8QFzm-0xQ5Tn3lQL8e3DwYT3qXi-tuyiikFS2Q7F2810eOBbZFWghxbaHwa5irDd0hDdi_pg9K1g4UrJ7q37Mz4HJXPA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 109F 43 B
296 B 290ms
36ms Image
image/gif 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEPkHIFIEU8Jhk1Ky8MypIY4&google_cver=1&google_push=AZmPxg-DXsTrIYDWWoA2F7wU9rwwpv0iQP_Jx7ng7Fofm447-Y3gIYnhLAX-Sx_nX1BFce8e33LhDn59SwLI1zcDQuw4Mk5l-g
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 109F 0
12 B 73ms
29ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KjbJI7V5sWscKSLoXwAuDScBGqMNcwLWtf6xVIYuVFkpFz1xTxzWDAan6VYGKT5GchtsSX

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:27 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/ Frame 97D1 5 KB
2 KB 67ms
22ms Document
text/html 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

befaaf91e753a8c9d15844f017da9eef8b6392b1e2815feecf9a0a29e8f41454

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 142612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 1543
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Sep 2022 11:36:35 GMT
expires: Tue, 19 Sep 2023 11:36:35 GMT
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1503 0
622 B 137ms
70ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstImB1egNem_kQwi0XKO10KWusc70ne04HijfBQ6te2qd--yZDzpcRDgyz1OdQeEq_47t5dIefOf96RyK5k9AlW5FqkSTPu5Ript_7XK7iwk85cb_z_RRouO2L44IYsj8wp5L_KuFZpDhcL6haDl0pijTnY1EzEdaxyekNub5ZuM4-cXUIFEwePSXoKYSpgynWrLpEITjRS24-E2VP7k_-5QkhpCjXOZblCcnDd5PNAwWBUS_mXKgl8iCulXRWj4VMcFYZDP8K1yXIv2h1-THggC70r7VAQxIZD2Gp9yBDOunZNHxf6iBVYWP5Ks9DdV9PI6TYc-_O6T4R5qGXIJbn_AzsjeuaTcdBfGMh3q3wh4PNhC0u-O_A5_fRjW6L_kd93fI36SaL7J0v2AuvqqUF0Whl3C7TwmG5MO0m-uPi-AemoxD_JeAJ4HFBd0DimyAevv0FU-2I-lA5Y_yFRsdHBKZ0CbgpjP6wCT_Vd3jgumQDuVc9EgoyCegzNBYjm3I7NWkRgJQt37KVkCbnhLUSunGtYRcNOQBImz-NM5hc5ld4G8-NBzs_3zJUYT4u9J6ncp7F1cE_INBa8F2H9yh6S_AWuW9lEgsXak-B-Zl21M9JpshqVhLCe4DJwwcnVq7v9kF1vp0xLNytUsDU_Z3_rGHwTUxM4O3nG0w6vVBLb5BTgSG99EEBfWN8B9Z7hn96sT1EVt65npAuSILPmjzpKALz9DkyZH8RzOHiNzPv5ScoDdL4BFwCzuN_v3qNBensns3Gt_5kRw5a1HCPi0PN56ixgYOuQDBAwvEN-5OVC_95CYxzDYYL3D-LZmthFyK1Kp1Sd9X9hiEwmAdWcwOED-HJG5t5GCHx7fxTGU6_G-KcFRw_Z0ZDmqdYGCNBHInMsV3MifDoSGeyZIQIp7x7s9I6aEf_iyxMZAbpTujD9Sm48xTARNRTqkvOebccQwRUug-pBhYAZ9rk70bHS4Z5gKjQZuozUzEKKLC4twaYs4LfB5EwFPwTzpxgYBMz8pC1njW6-k4BalpADJhvRKI0nDegkF2Gyt6BP00CVWH0BQdw7MSGm2aCglXuhdmslxqHYg6XRkvi-5IUiAEDKLqyYHdZsgAyPClNRf7H9NWD-8vx7fMzGyz6-lGRiMcu68IAcZVSH3z-rs_lOfjsCObS1Sgyd7uOwZIFzqzLxtWXhF7LhRzsfm8HA26ypE0gXseXydPVAsCRDkdSmi416B91UvJRvyIGq9B-8k63MSN80FD1EzsySnr6_8V6OXxey-mBvQampMV6OMwaMZZuj8qo1B0zQ&sai=AMfl-YQ5vEFJohGECqlnt-XedNS0BAeuHu19Mhuz0nS29rxQoITc0Ff5IA453THo4fGLLZSE3lt4nW_8TUlgLAzGfkdENzMBjlNxmmyeHdMOOl4Vun4aVtQ2tovzFXBFvlSFvhLdEWAgPB3tZD3-dtLIv4FUx7mqksKv&sig=Cg0ArKJSzC9iycEycIqhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=208&cbvp=1&cstd=205&cisv=r20220915.08729&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
date: Wed, 21 Sep 2022 03:13:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F102 22 KB
8 KB 22ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 52768
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 12:33:59 GMT
expires: Wed, 20 Sep 2023 12:33:59 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame F06F 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2748486221&adk=2384799907&adf=3977851281&pi=t.ma~as.2748486221&w=1200&fwrn=4&fwrnh=100&lmt=1663730007&rafmt=1&format=1200x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006765&bpp=1&bdt=254&idt=366&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C336x280%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=193&ady=3786&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=f10oudyxl2&p=https%3A//hawamer.com&dtd=369

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63902
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B47A
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM3VlJE88qFD6oEJtNjQvXQ&google_cver=1&google_push=AZmPxg9Leh9Z2mZ-CXcf8wuoTrA2u35l9R7DjRqB6W0HWGo5ZnfZz6DVs4...
https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9Leh9Z2mZ-CXcf8wuoTrA2u35l9R7DjRqB6W0HWGo5ZnfZz6DVs4pVirgyxX7RqADbEeWpMnG0mh0p3vMULbLWlBFHZsw&google_hm=1o0G-u2oRb6Re...

170 B
188 B

32ms
31ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9Leh9Z2mZ-CXcf8wuoTrA2u35l9R7DjRqB6W0HWGo5ZnfZz6DVs4pVirgyxX7RqADbEeWpMnG0mh0p3vMULbLWlBFHZsw&google_hm=1o0G-u2oRb6Re-Olc5xN4w

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?&google_nid=B765081F39B1F7&google_push=AZmPxg9Leh9Z2mZ-CXcf8wuoTrA2u35l9R7DjRqB6W0HWGo5ZnfZz6DVs4pVirgyxX7RqADbEeWpMnG0mh0p3vMULbLWlBFHZsw&google_hm=1o0G-u2oRb6Re-Olc5xN4w
pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3 451 466606.gif
id.rlcdn.com/ Frame B47A 0
9 B 74ms
30ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-zvhb-yC2UDpZUToQhUfu1705gGpLU56tRRCAUxHyta2mtVPUEECFMEgLj6MSfyw37TX_HMVIz_YLg34exlCdR52kupw&google_gid=CAESEGdRjsUpGJAJ1hHXHfz3_g4&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 dds
rtb.openx.net/sync/ Frame B47A 43 B
64 B 57ms
32ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEJAKZQUMvbZ5pc6lR8rDw2o&google_cver=1&google_push=AZmPxg-CFYFVy2E2UCIeAMpJ1exRenZfOOSMiwCVhqxmMisndJrBXZkDNnglSR9AC3OFj3FmG5ynyrlS5O3H39n11Cd2sWIpcg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:27 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: c8c9590vkaen50tcn2r75cu9b434cmft

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B47A 0
41 B 28ms
26ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEBdSJ75jVudSM6wZgpU8muY&google_cver=1&google_push=AZmPxg92H-NQYYc2O8edsfwraBrwuWLMGRSokMWyOKXof9M2FJWStTpH5JVg2gJIzvNXjvPb5A1HFt2qT7APyaly1JPE7LS5_w
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B47A
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESELATO-oZdc6d9oW5EEe1c5s&google_cver=1&google_push=AZmPxg-D7OZnFHcpX4oIBPNyZ85aHrZULrXetxSWMxjEvzf8BZD_R18773zeRgOTMmgK7aX6AxB...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyNFAtVi03T0RG&google_push=AZmPxg-D7OZnFHcpX4oIBPNyZ85aHrZULrXetxSWMxjEvzf8BZD_R18773zeRgOTMmgK7aX6AxBGv5SRE3DLAhst-wvGqg62VPc

170 B
188 B

33ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyNFAtVi03T0RG&google_push=AZmPxg-D7OZnFHcpX4oIBPNyZ85aHrZULrXetxSWMxjEvzf8BZD_R18773zeRgOTMmgK7aX6AxBGv5SRE3DLAhst-wvGqg62VPc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhCMVcyNFAtVi03T0RG&google_push=AZmPxg-D7OZnFHcpX4oIBPNyZ85aHrZULrXetxSWMxjEvzf8BZD_R18773zeRgOTMmgK7aX6AxBGv5SRE3DLAhst-wvGqg62VPc
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B47A
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEPuYgWCDU4ngfWxXpKUm-oo&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPuYgWCDU4ngfWxXpKUm-oo&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-s4Opkyqm3b3cn0b2sjR3yGxB3lTsfS...

170 B
188 B

32ms
32ms

Image
image/png

142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPuYgWCDU4ngfWxXpKUm-oo&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-s4Opkyqm3b3cn0b2sjR3yGxB3lTsfSbBLMe4r75iH621oCF2FXhP-uPlVJbSwoAF6Pjnl_sXUVypLZePggOGS2WTgCCs

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sp9LdbPMDtdEsB17T5Wsjb7jkJfSfQx0LuKBloC3pjqMYeJkAp5EJyCSm4IgdQNyfDaD%2BFG5fLB51UP9zYdT8YR7k3L%2B6hUODKpFtlU6MJHF%2B1kZzdKQvVVh60hKnW9%2Ff8JeBpbinCCJLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEPuYgWCDU4ngfWxXpKUm-oo&google_hm=YyqBV8V6Uns61sHuVem3IgAABHkAAAAB&google_nid=index&google_push=AZmPxg-s4Opkyqm3b3cn0b2sjR3yGxB3lTsfSbBLMe4r75iH621oCF2FXhP-uPlVJbSwoAF6Pjnl_sXUVypLZePggOGS2WTgCCs
cache-control: no-cache
cf-ray: 74dfa006397cbbec-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame B47A 43 B
295 B 140ms
36ms Image
image/gif 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKx4nPtX7akxbJTF4LZUCLw&google_cver=1&google_push=AZmPxg-fZOWjW2O0vENTZNNro7DQ7Q4YovYW0YaW-sXSN7KZk2PDij1sWzkPWJBGP5p2ws5vW6LVpIiFrA2S-Zg68cTaRW0_kLo
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame B47A 0
12 B 30ms
29ms Image
text/html 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IUFv8JTH815nKcVL2DGmdYGfvzBsibv4epDpSMc1VnoXdXqLxZloDSn24MHpA8HjJqx-3h

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2779829712178693&output=html&h=280&slotname=2181485600&adk=523166342&adf=280945892&pi=t.ma~as.2181485600&w=336&lmt=1663730007&format=336x280&url=https%3A%2F%2Fhawamer.com%2Fvb%2Findex.php&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1663730006763&bpp=1&bdt=252&idt=350&shv=r20220915&mjsv=m202209080101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=1&correlator=6694352045891&frm=20&pv=1&ga_vid=645438071.1663730007&ga_sid=1663730007&ga_hid=1577915488&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=113&ady=653&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31069511%2C42531706%2C44767166%2C31069751%2C44773747%2C31067826%2C31062931&oid=2&pvsid=329631927462144&tmod=1889695088&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=v2iZKWMBjO&p=https%3A//hawamer.com&dtd=352

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 style.css
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/css/ Frame 97D1 2 KB
764 B 23ms
22ms Stylesheet
text/css 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0239b3855d8062eecec81f302b3e10a8b0ff514d0da5cf0d2cca5b4ca2af871f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 735
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 97D1 60 KB
24 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 21 Sep 2022 03:13:28 GMT

GET
H3 200 bg1.jpg
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 34 KB
34 KB 22ms
22ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/bg1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0e6b4c4bcf3e891103c564587b4cd069ab3e5a3f3ebcd9062e5bdf16d366d8f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35038
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 txt1a.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 2 KB
2 KB 30ms
29ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/txt1a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14ec0a56adcbd4ce08a14b659f540b3cc0cca5ed3094b55fe907040c6035ec31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2020
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 txt1b.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 723 B
750 B 40ms
37ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/txt1b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

93bbbd05a36ee0871b82405f3041451a5d86ae429d5fc103df3bbaef868a0e02

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 723
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 bg2.jpg
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 36 KB
36 KB 30ms
28ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/bg2.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ad42c74553fa28ff524ae8d95b1017f085a632d376fa4c6169947881ab7783fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36454
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 txt2a.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 2 KB
2 KB 52ms
50ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/txt2a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e58ff3693aa08e935dd83865df5e6c8af4ce2bf69aff4867c0766102ad4a093b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2055
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 txt2b.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 809 B
836 B 40ms
38ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/txt2b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

09132b3bc1428ba04c63f91f845bb9aa97faf0ef6d8b551ec0d2eeb900ba545a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 809
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 bg3.jpg
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 29 KB
29 KB 40ms
38ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/bg3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8a9b84177fc9eae523507750ca61d0059aae069f059b2000ad67f48e5e07c8c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30018
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 txt3.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 3 KB
3 KB 51ms
49ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/txt3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0d849abff0643891197ba4959abc9d8a437abd7463908f717fa63224a0a4be43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2763
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 bg4.jpg
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 27 KB
27 KB 56ms
54ms Image
image/jpeg 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/bg4.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d960f024afdaad4beb76c3e4a1f3c1852fab6cf4c7355fed63b63a93dc32621b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27570
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 txt4.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 1 KB
1 KB 50ms
48ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/txt4.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0cf0e3815982cf2b8d32fd34dcf6ce2fd4fb020e2581c4630491c1cefe34c467

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1394
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 cta.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 1 KB
1 KB 49ms
47ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/cta.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50b510e2dd49932259618aaa1abbe0c9f1238b797d596a1f75ba45faeea73fd9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1159
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 cta1.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 2 KB
2 KB 46ms
45ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/cta1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95e19d3c387502f641761c911d05395bab2a1abe2afb4cdbbb154ace9ac582d7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1738
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 info.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 427 B
454 B 48ms
47ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/info.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63b75b5720cc754eb2633eaf811ad35447d95d5f1fe0ef45134b84939f9def0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 427
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 legal.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 43 KB
43 KB 52ms
51ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/legal.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c8ab85ef047afd8b0783989a060bba1e6c4a0dd4aeaf6d54fde0e4bb8dee3068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44145
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 logo.png
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/ Frame 97D1 2 KB
2 KB 45ms
44ms Image
image/png 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/images/logo.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf5beb2d9113f6021cd167ae1f84b6e18e08b1c3b1871f28cb5720569495931f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2075
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 script.js Show response
s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/script/ Frame 97D1 4 KB
997 B 23ms
22ms Script
application/x-javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/script/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e257b75d32a1a12bb174b4087139c7724bfd5ff8496c8218ab49f69fe7705ee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/10377848951215717446/MAZ_P220062_MAZDA_MMD_CX-60_Open_Weeks_Bond_HTML_300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Mon, 19 Sep 2022 11:36:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142612
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 968
x-xss-protection: 0
last-modified: Thu, 08 Sep 2022 08:53:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 19 Sep 2023 11:36:36 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame F102 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1503 0
26 B 108ms
61ms Ping
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstImB1egNem_kQwi0XKO10KWusc70ne04HijfBQ6te2qd--yZDzpcRDgyz1OdQeEq_47t5dIefOf96RyK5k9AlW5FqkSTPu5Ript_7XK7iwk85cb_z_RRouO2L44IYsj8wp5L_KuFZpDhcL6haDl0pijTnY1EzEdaxyekNub5ZuM4-cXUIFEwePSXoKYSpgynWrLpEITjRS24-E2VP7k_-5QkhpCjXOZblCcnDd5PNAwWBUS_mXKgl8iCulXRWj4VMcFYZDP8K1yXIv2h1-THggC70r7VAQxIZD2Gp9yBDOunZNHxf6iBVYWP5Ks9DdV9PI6TYc-_O6T4R5qGXIJbn_AzsjeuaTcdBfGMh3q3wh4PNhC0u-O_A5_fRjW6L_kd93fI36SaL7J0v2AuvqqUF0Whl3C7TwmG5MO0m-uPi-AemoxD_JeAJ4HFBd0DimyAevv0FU-2I-lA5Y_yFRsdHBKZ0CbgpjP6wCT_Vd3jgumQDuVc9EgoyCegzNBYjm3I7NWkRgJQt37KVkCbnhLUSunGtYRcNOQBImz-NM5hc5ld4G8-NBzs_3zJUYT4u9J6ncp7F1cE_INBa8F2H9yh6S_AWuW9lEgsXak-B-Zl21M9JpshqVhLCe4DJwwcnVq7v9kF1vp0xLNytUsDU_Z3_rGHwTUxM4O3nG0w6vVBLb5BTgSG99EEBfWN8B9Z7hn96sT1EVt65npAuSILPmjzpKALz9DkyZH8RzOHiNzPv5ScoDdL4BFwCzuN_v3qNBensns3Gt_5kRw5a1HCPi0PN56ixgYOuQDBAwvEN-5OVC_95CYxzDYYL3D-LZmthFyK1Kp1Sd9X9hiEwmAdWcwOED-HJG5t5GCHx7fxTGU6_G-KcFRw_Z0ZDmqdYGCNBHInMsV3MifDoSGeyZIQIp7x7s9I6aEf_iyxMZAbpTujD9Sm48xTARNRTqkvOebccQwRUug-pBhYAZ9rk70bHS4Z5gKjQZuozUzEKKLC4twaYs4LfB5EwFPwTzpxgYBMz8pC1njW6-k4BalpADJhvRKI0nDegkF2Gyt6BP00CVWH0BQdw7MSGm2aCglXuhdmslxqHYg6XRkvi-5IUiAEDKLqyYHdZsgAyPClNRf7H9NWD-8vx7fMzGyz6-lGRiMcu68IAcZVSH3z-rs_lOfjsCObS1Sgyd7uOwZIFzqzLxtWXhF7LhRzsfm8HA26ypE0gXseXydPVAsCRDkdSmi416B91UvJRvyIGq9B-8k63MSN80FD1EzsySnr6_8V6OXxey-mBvQampMV6OMwaMZZuj8qo1B0zQ&sai=AMfl-YQ5vEFJohGECqlnt-XedNS0BAeuHu19Mhuz0nS29rxQoITc0Ff5IA453THo4fGLLZSE3lt4nW_8TUlgLAzGfkdENzMBjlNxmmyeHdMOOl4Vun4aVtQ2tovzFXBFvlSFvhLdEWAgPB3tZD3-dtLIv4FUx7mqksKv&sig=Cg0ArKJSzC9iycEycIqhEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=425&vt=11&dtpt=217&dett=3&cstd=205&cisv=r20220915.08729&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&adurl=

Requested by

Host: hawamer.com
URL: https://hawamer.com/vb/index.php

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f130.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 03:13:28 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1503 7 KB
5 KB 76ms
34ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=latest&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b67a774bb40e46fd808113dae652aaf2a3b984c4b1d975629312fe0eed17868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5591
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 83ms
42ms XHR
application/json 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220915&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ba3a9349f6cbdbcf13d6390f7ecf07ac6629c1680029a0e77605c4a6facf7fc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 21 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11262
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F102 0
20 B 57ms
57ms Image
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bq5HyV4EqY_XGI8OB9u8PkfuyoAIAAAAAOAHgBAI&bg=!AgGlAUXNAAZqQh0mSkI7ACkAdvg8WrmN5fd0jE1IhuB7J5K8xfxgEAhAyuKsWKRDPdYElSy31LqkugIAAABdUgAAAAJoAQeZAuLZpyqqQUmv72mSP7cJ9Q9VYMlEKkGdmO8N36FkDrW_5L9gXM7Q6MnShEEQph1IbvjTLkVij0IDmm9ZLa0FjffR6Emqke7EPtuhovgMEGcyN11TC0IUkoLk1p7-uc5AfW709PTeyHLpqeEVYV9WxR7J81cLMhOWR29Gk4iJfx_oNoSJ2Wuz1iTngLJQpJvHqfA_seHhDG3bmUvSzYyC8kvlplINBAMUBgiqn3f1pGZg_-X4sMnnFP2fR7xp802nSwWgz_zqXU-BKQVv2fdpWHyAqiHpflifS2RRvJwqJhgnwSgoHA2c9gbPQFJb6ZDJiq9Pr_PQElDq5TyvqG3GDUDf5MMsW7kGA-nVA_vu9Nvkjk61a8ZQ-8U7V51_Ym4qFwZrvbmUymPxEB3qoYhkl3otKBhyhakCmJfuZgy8vQy8Cmsws_1pSDAdIoFtYNnzPSoEHkVrUW2-T80TnFmbWMn3O9W0YWZCkiJYtCVwAxDeeqSzZMz5A1SBjh2ob-E_qHd7hcdUhBdDVsiW15uPuctK1UMUQiKu3MksdcdusjFE43tbQF6FmS6u0sPHRgUeADIhCqo8l14sPK-pngVNiWp6eACRhj1yUQHt1lnnj7Ld4APcAXq1lW_xio35hCvm7NZZiis10tcS6vBMf7_nN19PkNWGUSMh8-XUK6grhHzTl2oNRtzPDWCb_wJGm-g_MBDg0vFKrIqaYJNapyghWCt1104cMtt5ZUnRgnE0Rd_i-8bksPlWbJ_bwr809FarfirBNAPWXTRdxhuQ-Jr3h_r4QZVgmr3ObmH4pPBslXl1PWR6SXv3QPI_sxdMCWaAapVCZkLulhPXjGEgK0lndGnlHVBKfog1hP8y9uuin5uZjyaHzge5782b27OjAm5Xl33m5Ti5kmhtv9qI9_WyKbe52Z-QHeXIj9OV-wFslnTxh8AiK-8M6pC4vp9S9CInKrBs7sKXdYJWLM-enlkEyQEVUcI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1503 17 KB
6 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_obb_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 03:13:28 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 21 Sep 2022 03:13:28 GMT

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame 62D6 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame C2C5 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 28946
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 20 Sep 2022 19:11:02 GMT
expires: Wed, 20 Sep 2023 19:11:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame E85B 783 B
536 B 33ms
32ms Document
text/html 2a00:1450:4001:806::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78ce26702856d875b4f1935ec5f6b1e14fde083651f32fe919346ecd7bcb978e

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-i7_N0L0lDfvRl21XWjA_7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://hawamer.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-i7_N0L0lDfvRl21XWjA_7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 03:13:28 GMT
expires: Wed, 21 Sep 2022 03:13:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame E85B 0
0 54ms
53ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220915&jk=329631927462144&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js Show response
pagead2.googlesyndication.com/bg/ Frame C2C5 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IIqf1vOd-6pW952NlRsbn4M3wW5PqZJVav1GItm6W8s.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Tue, 20 Sep 2022 09:28:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63903
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16029
x-xss-protection: 0
last-modified: Tue, 13 Sep 2022 10:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 20 Sep 2023 09:28:25 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame C2C5 0
10 B 22ms
21ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fw3TRw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 03:13:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 a
www.googletagmanager.com/ 0
17 B 34ms
34ms Image
image/gif 2a00:1450:4001:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.googletagmanager.com/a?id=GTM-N32RH97&cv=30&v=3&t=t&pid=1373190049&rv=9j0&es=1&e=gtm.load&eid=9&u=AAAAAAAAAAAAAAAg&tc=5&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
server: Google Tag Manager
vary: *
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9B16 42 B
64 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkTtLVlZ0jsdPL7dBQpZSOQ3J7CZLQ90_TqXuSO6U_o7x9xdhj8aMxdM4dilD_E3SYNMc5mKwh5jqNuJ9fivTsYIIDZZso-VHyVS8oIhkIZ-YduiA5CYymwyd2ku476EaruP_1KQ&sai=AMfl-YTMK9-xxiE4CsJvjIDruZXXnS2SeFMb2vGSZDhKOpRTUo91r2ev1H9L5cEFbV4Hq2tL1zOcXRtysx1I&sig=Cg0ArKJSzG0OvK7-QXtzEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=2916847107&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663730006940&rpt=872&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 57ms
57ms Image
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220915&jk=329631927462144&bg=!pqWlpeHNAAZqQh0mSkI7ACkAdvg8WrHMlnubDW0QhdZqfVGykI35dWl18smdt-0U8q4uqHfEX4ik4gIAAABPUgAAAAJoAQeZApfiVoCjyOJW0-B0bmTTQaxcBCiABaz8xuyRNvfT4MdRVf75M0zsnEYsgSb1A_k6MKj6bzFOju9uUw6SJ1EzVDPBWktTen6sJstEboX8p6YmpKfaE3Ete8WMkbkW5fsLS8-PMJAtfCLWQZEpZJQCd4I-b6KowSY5X9ViY6T2JVdi9fmwQMCqwEvHn-A9f3GgTpTCsJjrUB_fA0UdllN3Hk2mMhXXWVtidgePe_BObeAvPRyij_Qh8ATYBdEICJTAwLzdh_4TSvMr8TF3UPhb6UYqJyVXQH78B2VEi_AfahrcZ8PMHv1jfrJMIsjLBKLt8W0J4CRe1OKfuJ7La-B68t0ZYBdnwA5so8YLHH9a1p1d-Y4pA7TwLw3n7_zdV8W53gxay9SPXv6-7-GMbV0BcWif3GptNjWee5Qd_pBhGuZWjd-4Rrt5rKHI4eQE1rSrlIKm3NXrmT8vrDPiaOMVg-fJ1KZlfCPtHRYBpNFCawBgjBanPjJRGchwWZJdOrZDvr0tS-vac4uy1Hav-tos6_QFk54c7NlL2ik64jSBOYFyUsfImVZzN8z1W4cwdfAo-1GIahYhCzJ1FU1tSaQQqcxfp73h0VTqzhctPpyefPW5oJhpIdx7hNLIsrOXeeld7YlaEr4F75IGCM65m9jpC376zKz9bw6RyBjoXj85C5_isxjHOIfiYdtWzgqHaiXiYHT9lb5a3XszE3lpt5Sjt5kLG5cBJTnT0RPd6uwFLMmmZYOeFGLj2_tTcGZ2VPDSDkQrJIbk1Zyji415QYHBNofiH1CLsWYHRmTIkwLn9QnFxRq1qn9pxm7G59-GJSLeXTpRi0WLJ6szuc6c7YfwUNOwa_sZCcKIlVV19HGLtharA4VGbWqhJ8A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hawamer.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1503 42 B
64 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsswQukrKfNRy-jHktHE-1SfbSqPRCKWh7MkGM0zKRneB4EXoRhcqcDSuHNjFZBcjfinRAKypgpEKT2kWOE_VSu-GdMFLmdJeDr6hbpHFC02WJ4YBvUYXNjd2GpYeGdVE-rlwu_vEQ&sai=AMfl-YRCH8qD3hg9tTn-Avv5gJRb3AEOY2q_Rk-ZAOM7sgCcHnvrtL1MTHu1OBLZ7SgvpdO2QFWwK71R3sI-Ln3EHHgDczoJic3u9mdpNw&sig=Cg0ArKJSzPv4gwTtlekLEAE&cid=CAASEuRobY8VHgn6WCClgR0ZqVmenQ&id=lidar2&mcvt=1000&p=0,0,250,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220919&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=523166342&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1663730007551&rpt=462&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.5195.125 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 21 Sep 2022 03:13:29 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

190 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
hawamer.com/	1969-12-31 23:59:59	Name: mohcinesessionhash Value: 4361fd1aabd5f8a98c72592197b3ff37
hawamer.com/	1970-01-20 14:54:26	Name: mohcinelastvisit Value: 1663730005
hawamer.com/	1970-01-20 14:54:26	Name: mohcinelastactivity Value: 0
.hawamer.com/	1970-01-20 06:10:16	Name: _gid Value: GA1.2.1209499755.1663730007
.hawamer.com/	1970-01-20 06:08:50	Name: _gat_UA-12654981-1 Value: 1
.hawamer.com/	1970-01-20 15:44:50	Name: _ga_PGRLQHN6EK Value: GS1.1.1663730006.1.0.1663730006.0.0.0
.hawamer.com/	1970-01-20 15:44:50	Name: _ga Value: GA1.1.645438071.1663730007
.hawamer.com/	1970-01-20 06:08:51	Name: __cf_bm Value: YXhwB2_IdsnmHYKSGoScT_egtILUSK_kVa3pyCDfeIE-1663730007-0-AVVcb1mGrHiSnVptf5okTjzbT6t/m9gGPv3RSSyXwRDbDzIROgmuda+59DzNe5uAsGJ9M0W9U/rtYh9JgVQaaT5Bc62uK49D9w0LM0Hh0lLH/Kd2SsP7OmoxXZY5YB9NPw==
.hawamer.com/	1970-01-20 15:30:26	Name: __gads Value: ID=c31e79d267e66a8b:T=1663730007:S=ALNI_MY-hHLMm-dMFyAdlFNBXxOKH_4s3Q
.doubleclick.net/	1970-01-20 15:30:26	Name: IDE Value: AHWqTUlOutp1umShSdiCNQSTpr5djJid2OYB2hcUqTp2CRs9TFRPbKbMOro1S2r3rL8
.casalemedia.com/	1970-01-20 14:54:26	Name: CMID Value: YyqBV8V6Uns61sHuVem3IgAA
.casalemedia.com/	1970-01-20 08:18:26	Name: CMPS Value: 1145
.casalemedia.com/	1970-01-20 08:18:26	Name: CMPRO Value: 1145
.quantserve.com/	1970-01-20 08:18:26	Name: d Value: ECwBCQGTJ4EA
.quantserve.com/	1970-01-20 15:39:04	Name: mc Value: 632a8157-d17eb-5101c-44d4a
.doubleclick.net/	1970-01-20 06:08:53	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 08:18:26	Name: uuid2 Value: 2869030579828427648
.adnxs.com/	1970-01-20 08:18:26	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GUktzaY(!@wnfH8K6pQK`!5=E<L5?%Lz[:!O#_J'IhZeeZ>3[??%7TWDM?[+qQ[lV_=%nugO%v4VB%nmmV%8Nw
.casalemedia.com/	1970-01-20 08:18:26	Name: CMTS Value: 5150
.e.dlx.addthis.com/	1970-01-20 15:39:04	Name: na_tc Value: Y
.innovid.com/	1970-01-20 08:18:26	Name: uuid Value: f6ecb07b-ecc0-40e5-b6ed-bd266d0c801e-20220920 23:13:28
.addthis.com/	1970-01-20 15:39:04	Name: na_tc Value: Y
.dlx.addthis.com/	1970-01-20 06:52:02	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 06:52:02	Name: na_sr Value: 20220921
.dlx.addthis.com/	1970-01-20 06:08:50	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 06:52:02	Name: na_sc_e Value: 0
.addthis.com/	1970-01-20 15:39:04	Name: na_id Value: 2022092103132800042819549495
.addthis.com/	1970-01-20 15:39:04	Name: uid Value: 632a81588be3abb1
.addthis.com/	1970-01-20 15:39:04	Name: ouid Value: 632a81580001adff5a2ab4b214d791dbbac0bbdf67d320428019

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.googletagservices.com/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg_SAXDqhsEPBZJhchWxcXxcK3XbqbZHatonweQNkGmineYMm6Vr1KqGJA_46p5Q1d2b-9S-_TMm2VazfDxAOq-ErLxi&google_gid=CAESEM4z5VvctQjL48AUvItUs2o&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAZmPxg-zvhb-yC2UDpZUToQhUfu1705gGpLU56tRRCAUxHyta2mtVPUEECFMEgLj6MSfyw37TX_HMVIz_YLg34exlCdR52kupw&google_gid=CAESEGdRjsUpGJAJ1hHXHfz3_g4&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a957b41b5de9382aee439650bcc74285.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
ag.innovid.com
ajax.googleapis.com
cm.g.doubleclick.net
cms.quantserve.com
dsum-sec.casalemedia.com
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hawamer.com
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
region1.google-analytics.com
rtb.openx.net
s0.2mdn.net
securepubads.g.doubleclick.net
ssum-sec.casalemedia.com
static.doubleclick.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
104.18.18.126
104.18.19.126
142.250.185.162
142.250.185.166
172.217.16.130
185.89.210.122
198.47.127.19
2001:4860:4802:34::36
23.7.201.234
2606:4700:10::6814:1e0b
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::2006
2a00:1450:4001:806::2004
2a00:1450:4001:806::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2001
2a00:1450:4001:811::2006
2a00:1450:4001:813::2002
2a00:1450:4001:828::200a
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:400c:c03::9d
2a05:d01c:1d8:8102:cb38:c6a1:ed1a:b7ce
35.186.253.211
35.244.174.68
69.173.144.165
0239b3855d8062eecec81f302b3e10a8b0ff514d0da5cf0d2cca5b4ca2af871f
09132b3bc1428ba04c63f91f845bb9aa97faf0ef6d8b551ec0d2eeb900ba545a
09226dc6bb5bfcbeaab03057fdc16af4efce2a4b76bceaca9e6815ea349d32c4
0b67a774bb40e46fd808113dae652aaf2a3b984c4b1d975629312fe0eed17868
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0cf0e3815982cf2b8d32fd34dcf6ce2fd4fb020e2581c4630491c1cefe34c467
0d15e1f0ee0de92951261fafd238fe4cd970411f4b3511414470ce5728f31999
0d28c972f83e2c201127b15186a3810a175499cbcf623208829a7b4226123cd4
0d71b1f9bb2c1439edff9c640fedc7e649eeaa3a1d5b5b08199a6877b3328a71
0d849abff0643891197ba4959abc9d8a437abd7463908f717fa63224a0a4be43
0e6b4c4bcf3e891103c564587b4cd069ab3e5a3f3ebcd9062e5bdf16d366d8f7
108f1b08245f938ff7ba1e4494d95a7d5ef4704f022b95cb94296c7efc46d20e
10bf6a7d0ff6343528d6fccd9b63643ff28cc12eedbe3ebc47bc5ab6862e2a9e
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14ec0a56adcbd4ce08a14b659f540b3cc0cca5ed3094b55fe907040c6035ec31
155141b2b3db4c030c80a332f8eb7efe9ade08aa35c9993207b74eb2c2e9e4e4
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
183f9a7c5ffb8321d9ba11e68c274f4060d0c9efc87275402a94c41ba5f59a04
1960e96dffec2f85eb5815b99af79f54998d8cecb7272b033e4ca7c3f008a03a
208a9fd6f39dfbaa56f79d8d951b1b9f8337c16e4fa992556afd4622d9ba5bcb
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26abaff119d142e11bb9894fdff38b2031c3dcc018108ae78a277a4f96ff8a23
270e8803da88a35e505288da53079fc6528002d7821abfd0d10be61819353471
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2bdef30944765321861b7104e21250b59a4443e92ae196a11c3ca47107df1107
2ed90f1ebfb7ab763e48c4d8cb416694a9a0dd0c97d3ad90df28f978557e4a7b
3171d41aa3f920ce61b139412e8a88a4d36c46f7370f5569a70e9a6b1ab75cda
3210e9d6c10584c3db3c7b4dce234b7785cca673062791c3480cbee1fb26ec41
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
3539efdeb1c6f51783f415235ec492eaedc7ee475b6e3ed1208470282931a0cc
3739d298ac8233f1e4fc8259cc76997573168ae88f671ebbc7420f02ba468262
38c5697100f4beb86d7d1364407cd3a16783ede5e7c13e007102312cf16198ed
3febfda090b36a98dc79c7f52ac75c354d1d29bd03828982b246b63005cbd5a9
408ca8a34678a0031d413d72bd297a317cf632ef12c195448c9b7469d5a8b27a
40ff2fd0d97080e168855dc03f686a313c1394f11be58808fd1dc38a0b62054c
421b9ce865704be5c68333dd4976e2529828f5317dca749342e67d3671b2d555
42fa7740568dc6425cd4a5562e89e67632280349e368fe348914d808064c9ffc
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
460b54e379503b72fa23a97803300647f0738d5ecc1d5c2dd090d2a43acccc80
4a6fab14bfe7b33fe5dc5349a2bb3720037e0ed7ebe621b352340f9514d83c08
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cf6f3dffbc65f9231255bf31f40ddc84a45bc57428b41d6786afc7153b90b7a
4d27c38511ced0d6449a1e329bc0528c35afbf7b1e829a9c4397be7f9ac57456
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50b510e2dd49932259618aaa1abbe0c9f1238b797d596a1f75ba45faeea73fd9
527309ba6e7b3fb503dfdef866abd615e4662cbe9c4d604529f5555b7099e098
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
581a6765cc74d97568aaed5f866f5bfb7f2b7927b63976c8f237c36b234efdf7
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
58f08e722618af80b645e5ff076f7a315a764cc9726cc5f230c2e2356d87c85f
596e6f38669dbf684cd17986903fb3422a90eb793c85ceecf28e70a8088d51d8
5bdff4ebf1aec5c400565d6ed99415c66bf37f1df96591c17c5e73913d36fc36
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63b75b5720cc754eb2633eaf811ad35447d95d5f1fe0ef45134b84939f9def0d
6aecc59e2029b3620197bb7074a8e11839e0305f71885afa972b2df49c600fa1
6b7648f196516186e81f7018f420992e92cda2acc994e50ab669492380a5999c
7348579c41b9264b67476504697d1205b3a40f15b3442ca6457eef60542670a9
75eaf57f47ee4ca619b8d23bbe5013bbcf9160fcbfe2b647952a5f22f53009ba
78ce26702856d875b4f1935ec5f6b1e14fde083651f32fe919346ecd7bcb978e
82dafeb5dcfdbae610a12b1744faf91e84b97b54b76a8fba2dfbfe08bff15936
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87699878773345d6e7207ceab7074468991c353d70ceb8586fde33a5d40d6929
8a9b84177fc9eae523507750ca61d0059aae069f059b2000ad67f48e5e07c8c3
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8b287fe669612c0c79631618f9e2da3316b86effaecb2555348e7ebd50e653c8
92a7f8224a1ba2ccfa92d3e1fc55ee5aa7ae20a0fcd80d3331bd660878a090f5
93bbbd05a36ee0871b82405f3041451a5d86ae429d5fc103df3bbaef868a0e02
93c42da1bb50f07b79321a02d58ba029a7a6acfb73a02fd3bb536fbc395fcd17
93ee3429fd6062afe638c809df7dbf2bb151a184ab61070a2e9623c7f15daf3e
95e19d3c387502f641761c911d05395bab2a1abe2afb4cdbbb154ace9ac582d7
981c0bff12cb03203363a70e8ffe9b7fdf4af3b0b10c7a02a639eb13327574c0
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9e236ae5a5773e2cb58d4f57dea675b60cfbd1324f768a42002fbc21d63aca56
9e25469f734732205f33dd80ff8ca12080406c18d2fa99a1f368103e51f7999f
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b
ad42c74553fa28ff524ae8d95b1017f085a632d376fa4c6169947881ab7783fa
afa3435876a6813db3ec6e48272ed141066e66ff36b311af071c0ed4902d16d9
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3076020cd540f3dcc5fc44bc8df009b6ccd1ab1bb47c10c72ea826ebededc8d
b47bd1e586888ea8d223fbc2d5e8592e7e8c2b61e3937f9248fb4b7faf34fb41
b64c070e33c73628d39ab223f17487bc8efb2944794231186aeef2c3e32f5288
ba151539d549e1659ceead292f8b87fafc25ba11b7057e921be5b5e536bdf257
ba3a9349f6cbdbcf13d6390f7ecf07ac6629c1680029a0e77605c4a6facf7fc7
bc7dfeed40c0a8d3c61a9e256ac99484c2f60a5a5bb120512ea19a229ad896f2
bdf72009ad226c17f1954ba602292902a780b80af07dbcbab1322bdf5c32be66
befaaf91e753a8c9d15844f017da9eef8b6392b1e2815feecf9a0a29e8f41454
c03bea64b39cd6d9d4fafd380a0ceb4f1dfaa14456175e99037b5fcef161791c
c3b9157c1aad7c51ab12b67b9e2b37481a9d4d7fddf2885c412702b9072f5700
c8ab85ef047afd8b0783989a060bba1e6c4a0dd4aeaf6d54fde0e4bb8dee3068
cd8e5c68aee27e167f062fe548878379b5c7e5a409f08f706b470711c6b63ea2
cf5beb2d9113f6021cd167ae1f84b6e18e08b1c3b1871f28cb5720569495931f
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d960f024afdaad4beb76c3e4a1f3c1852fab6cf4c7355fed63b63a93dc32621b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e1d51f417340eb0dbedd599d0502f3a4f7cfafa3ec8f443d0b73be4db2a8595f
e257b75d32a1a12bb174b4087139c7724bfd5ff8496c8218ab49f69fe7705ee9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4b74e0f8d8de7bb5b830c21228dc6d720783b30a9d1e8f99414704a9f061bd9
e58ff3693aa08e935dd83865df5e6c8af4ce2bf69aff4867c0766102ad4a093b
e5c353031c9d6f0347536a290c1dd1507cc8ee2f62f7b1f572c820320b7b06da
e658790158fe348fcc8d328c7c8bd06aa42ce2cda12823e771cf04d21185ef88
e8b66ec1a9f300160bbfeaabe9662fcaa6c19e8c09113be399a1e85a0155f52b
ed44e345a8354731787a4fc575c66363aac13eebd6007b88aecd8a1deea341df
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f066c599940ef1093a72d95661748c1706830641ad7bbcb1cb66d919464f6203
f196c6637d673478272c283119d0358057d13141de72f601d3f7b6efc7c7188b
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fa572bfb1764ec20d3e97a249d246f78c581d30b51250bf20a50f4184f776c45
fa5b4147cc7fae08d74099c0bd253d17f91d178b3611a87b092e225b93e22df3
fb7989597f1a10a56bd83de6a26eefec44a0c704979fb5e06f02195bc9cebfce

hawamer.com Open in urlscan Pro 2606:4700:10::6814:1e0b Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

184 Requests

92 %HTTPS

67 %IPv6

21 Domains

35 Subdomains

31 IPs

6 Countries

2794 kBTransfer

5145 kBSize

29 Cookies

4 Outgoing links

Redirected requests

184 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

hawamer.com Open in urlscan Pro
2606:4700:10::6814:1e0b Public Scan

Screenshot
Live screenshot

Full Image

184
Requests

92 %
HTTPS

67 %
IPv6

21
Domains

35
Subdomains

31
IPs

6
Countries

2794 kB
Transfer

5145 kB
Size

29
Cookies

184 HTTP transactions
6 data transactions