bezalela.com Open in urlscan Pro
162.0.232.43 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bezalela.com/
Submission Tags: phishing
Submission: On November 28 via api (November 28th 2022, 4:15:50 pm UTC) from US — Scanned from DE

Summary HTTP 152 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 23 IPs in 5 countries across 26 domains to perform 152 HTTP transactions. The main IP is 162.0.232.43, located in United States and belongs to NAMECHEAP-NET, US. The main domain is bezalela.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 19th 2022. Valid for: 7 months.

This is the only time bezalela.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	162.0.232.43 162.0.232.43	22612 (NAMECHEAP...) (NAMECHEAP-NET)
7	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
21	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4 8	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1 12	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a02:fa8:8806... 2a02:fa8:8806:13::1400	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
6 6	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	34.98.67.61 34.98.67.61	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 4	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832	16509 (AMAZON-02) (AMAZON-02)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:80e::2008	() ()
1	2001:4860:480... 2001:4860:4802:34::36	() ()
152	23

34 162.0.232.43 (United States)

ASN22612 (NAMECHEAP-NET, US)
PTR: premium129-3.web-hosting.com

bezalela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 4 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 142.250.186.130 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:13::1400 (Singapore)

ASN41041 (VCLK-EU-SE, US)

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.18.33.19 (None, ) 6 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.64.190.78 (United Kingdom) 2 redirects

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany) 2 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2008 (None, )

ASN- ()

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (None, )

ASN- ()

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 cm.g.doubleclick.net — Cisco Umbrella Rank: 271	131 KB
34	bezalela.com bezalela.com	3 MB
31	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 131 tpc.googlesyndication.com — Cisco Umbrella Rank: 182	913 KB
17	gstatic.com fonts.gstatic.com www.gstatic.com	261 KB
11	google.com 4 redirects adservice.google.com — Cisco Umbrella Rank: 121 www.google.com — Cisco Umbrella Rank: 16	2 KB
7	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 107	2 KB
6	casalemedia.com 6 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 562	6 KB
4	pubmatic.com 2 redirects image6.pubmatic.com — Cisco Umbrella Rank: 871	1 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 219	617 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 5200	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2489	1 KB
2	rubiconproject.com 2 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 411	975 B
2	openx.net rtb.openx.net — Cisco Umbrella Rank: 1980	487 B
2	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 956	801 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 472	1 KB
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 1083 r.turn.com — Cisco Umbrella Rank: 4504	869 B
1	google-analytics.com region1.google-analytics.com	345 B
1	googletagmanager.com www.googletagmanager.com	77 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 2331	297 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 1265	356 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 454	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 602	919 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 4274	104 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 961	699 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
0	onetag-sys.com Failed onetag-sys.com Failed
152	26

	Domain	Requested by
34	bezalela.com	bezalela.com
22	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
21	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	cm.g.doubleclick.net	1 redirects googleads.g.doubleclick.net bezalela.com
10	pagead2.googlesyndication.com	bezalela.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
9	fonts.gstatic.com	fonts.googleapis.com
8	www.google.com	4 redirects googleads.g.doubleclick.net tpc.googlesyndication.com
8	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	bezalela.com googleads.g.doubleclick.net
6	ssum-sec.casalemedia.com	6 redirects
4	image6.pubmatic.com	2 redirects googleads.g.doubleclick.net
4	www.googletagservices.com	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	e.dlx.addthis.com	2 redirects
2	pixel.rubiconproject.com	2 redirects
2	rtb.openx.net	googleads.g.doubleclick.net
2	cms.quantserve.com	googleads.g.doubleclick.net
2	eb2.3lift.com	2 redirects
1	region1.google-analytics.com	www.googletagmanager.com
1	www.googletagmanager.com	bezalela.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	match.adsrvr.org	googleads.g.doubleclick.net
1	sync.mathtag.com	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	r.turn.com	googleads.g.doubleclick.net
1	ad.turn.com	1 redirects
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
0	onetag-sys.com Failed	googleads.g.doubleclick.net
152	31

This site contains links to these domains. Also see Links.

Domain
wordpress.org
www.candidthemes.com

Subject Issuer	Validity	Valid
bezalela.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-19` - `2023-05-05`	7 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2022-08-09` - `2023-09-10`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh

This page contains 18 frames:

Primary Page: https://bezalela.com/
Frame ID: E4B8A798D83C35EDEBC2502521C7AC11
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html
Frame ID: BCD97F240E13E9B1CECB3752DA6A94C3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&adk=1812271804&adf=3025194257&lmt=1669652144&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fbezalela.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652144490&bpp=8&bdt=1230&idt=243&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1007807982019&frm=20&pv=2&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&fsapi=1&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259
Frame ID: 7919B2CA93B61A186A900900CA0A32C1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669652144&rafmt=1&to=qs&pwprc=2324655530&format=1200x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652144498&bpp=3&bdt=1238&idt=256&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=259
Frame ID: E1B9B8E9350308431AB42E1D755986C8
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Frame ID: DF12DEA126E3F9642D030570D8CE2C5D
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Frame ID: B18797D53C31729546492EDFB008155B
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
Frame ID: 87D295EC4675317B8AAA46D63E8AD2E2
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Frame ID: 1AE1227883E4014552784722A9750E98
Requests: 5 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 850FD6D75C3D085DA543C3952A988DAB
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 3AF62877FFE6B6E711FD310EA91157ED
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 87DADBD2B0E452A33A0352293227208F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A4C164210516964603D52DF1A4211592
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 9E2AA602DFE4E93CA4C03D45B742E341
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 8EC0BE6D00C54F54A52DDE63FA48C7CF
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 99A5118FCFA7398C215A585DABCD0388
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B631C0F6B20184742EA09D2191B6E883
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FDCA0356951767384C5887D2C8C50056
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3577FFCC41679504133E20AB3611CF0D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

noti juegos – Bienvenidos

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery Migrate (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

152
Requests

91 %
HTTPS

59 %
IPv6

26
Domains

31
Subdomains

23
IPs

5
Countries

5077 kB
Transfer

6447 kB
Size

21
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://wordpress.org/
Title: Proudly powered by WordPress

Search URL Search Domain Scan URL

URL: http://www.candidthemes.com/
Title: Candid Themes

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 110

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOAnFrPcmIVlYrH6Guy2aPA&google_cver=1&google_push=ASkJ3FaWjhof_o4y4QzDyiyMmT0lBUincuhEqZHtZPtO69yLUYyWuUbWCDK1_b7wILwNaP9PqHDpYsnaGCqVzFx4OFeEH7fpbuaAIBnm7R0l9oon_o6RG2qjT7Ew6dQhz0Qk5AfpG-jyCVnb50-X_eVLcj_n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA4Nzk2MjA1NDM2ODA3NzY1Nw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOUrQNgIFlP3YTZovEAujyA&google_cver=1

Request Chain 112

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECEqPJPL_YgcMv50-wXmZYU&google_cver=1&google_push=ASkJ3FaTMBxqpa8LFyHMHTFHdcDo68sI8NnDPGaOJLeC9GBC8v_fJRlch7rS8GJPbUn9p0sklkuOai1i7FtAg01OJzPJ3DNUbcYs9AXRZ2fehlAHffUhAmTjIr6rHTfc3XZ2TlrkDcwTShTY_0Sg5l6EX2MYgg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaTMBxqpa8LFyHMHTFHdcDo68sI8NnDPGaOJLeC9GBC8v_fJRlch7rS8GJPbUn9p0sklkuOai1i7FtAg01OJzPJ3DNUbcYs9AXRZ2fehlAHffUhAmTjIr6rHTfc3XZ2TlrkDcwTShTY_0Sg5l6EX2MYgg

Request Chain 114

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_cver=1&google_push=ASkJ3FaDcmhCaoJ1Nr9Wpe-KjRQY1QCVHgrGLw6tBQEtGQQbPALoK3y6s15qlcuHvoabCeYmwgK_ssj0w7Z7m0oWjptIMhRhZj2zDcENCoVpgXhmmNI-2vCCLvkbgxrPzCyMn2Xju62AOUFF_l9gopQ-duVw HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_push=ASkJ3FaDcmhCaoJ1Nr9Wpe-KjRQY1QCVHgrGLw6tBQEtGQQbPALoK3y6s15qlcuHvoabCeYmwgK_ssj0w7Z7m0oWjptIMhRhZj2zDcENCoVpgXhmmNI-2vCCLvkbgxrPzCyMn2Xju62AOUFF_l9gopQ-duVw&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FaDcmhCaoJ1Nr9Wpe-KjRQY1QCVHgrGLw6tBQEtGQQbPALoK3y6s15qlcuHvoabCeYmwgK_ssj0w7Z7m0oWjptIMhRhZj2zDcENCoVpgXhmmNI-2vCCLvkbgxrPzCyMn2Xju62AOUFF_l9gopQ-duVw

Request Chain 115

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFrT9YUIzJDKodhcH5wa25E&google_cver=1&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJwPacdtydYMLztSvgHdF9Y-ghxLtrNKM4SqMoVv0RDrPFC4i18vgy3pCX0KHA HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJwPacdtydYMLztSvgHdF9Y-ghxLtrNKM4SqMoVv0RDrPFC4i18vgy3pCX0KHA&google_gid=CAESEFrT9YUIzJDKodhcH5wa25E HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM4OTgzODY2NTQyODcwNzE3ODgyMQ%3D%3D&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJwPacdtydYMLztSvgHdF9Y-ghxLtrNKM4SqMoVv0RDrPFC4i18vgy3pCX0KHA

Request Chain 118

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 122

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE8L4W6h4aCyMsxKAZ_NSeY&google_cver=1&google_push=ASkJ3FY5LaSDx_Kc5PcUlGwDYO33Uo_-QyvIg-hyQae_D1GTdshPcCF-iYbqyAK4xT3nzxMQ3M2_0EELgDDI4WqkSeitg8QXE1Y HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE8L4W6h4aCyMsxKAZ_NSeY&google_cver=1&google_push=ASkJ3FY5LaSDx_Kc5PcUlGwDYO33Uo_-QyvIg-hyQae_D1GTdshPcCF-iYbqyAK4xT3nzxMQ3M2_0EELgDDI4WqkSeitg8QXE1Y&rdf=1

Request Chain 123

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOUz0XBDyJ5Hw3LdywxjAO4&google_cver=1&google_push=ASkJ3FbWvEEr5oiYbZvCeli2ljoFsnLROcibjEaEBkFiGHxyrBCyU4px4olPevASMoYAD2hXcJ2YmxdoaflwU217BzZ5yxbmOA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUUwtMVUtQURQNQ==&google_push=ASkJ3FbWvEEr5oiYbZvCeli2ljoFsnLROcibjEaEBkFiGHxyrBCyU4px4olPevASMoYAD2hXcJ2YmxdoaflwU217BzZ5yxbmOA

Request Chain 124

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_cver=1&google_push=ASkJ3FYABZmw8IY9-aKN-I6o8U-oyYzWze00Tl00OOqz0MQa4ycUMPR7rv8YBUx92VOICVNL2xiz7rP5q4-tW98FrNjatZgV6g HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_push=ASkJ3FYABZmw8IY9-aKN-I6o8U-oyYzWze00Tl00OOqz0MQa4ycUMPR7rv8YBUx92VOICVNL2xiz7rP5q4-tW98FrNjatZgV6g&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FYABZmw8IY9-aKN-I6o8U-oyYzWze00Tl00OOqz0MQa4ycUMPR7rv8YBUx92VOICVNL2xiz7rP5q4-tW98FrNjatZgV6g

Request Chain 128

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbSTil0AUfP8ytxMJgI2snvwBpoakPoXULaHLVD0hhMt58eMPkA83hkn-zG8bO0oFNfJpLyPH5JI_ajrR3tTLTNvzc_LNvCe3tf1RmQ0xiYoaZMinL3TfgN-Bh_XjEFzz6ol8BR2Z6KoltkaqZzVzI&google_gid=CAESEPDz3YY1gmDJ-n_U8gtg9i8&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbSTil0AUfP8ytxMJgI2snvwBpoakPoXULaHLVD0hhMt58eMPkA83hkn-zG8bO0oFNfJpLyPH5JI_ajrR3tTLTNvzc_LNvCe3tf1RmQ0xiYoaZMinL3TfgN-Bh_XjEFzz6ol8BR2Z6KoltkaqZzVzI&google_gid=CAESEPDz3YY1gmDJ-n_U8gtg9i8&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxNjE1NDcwMDAxMjUxNjA4Njk3Mw%3D%3D&google_push=ASkJ3FbSTil0AUfP8ytxMJgI2snvwBpoakPoXULaHLVD0hhMt58eMPkA83hkn-zG8bO0oFNfJpLyPH5JI_ajrR3tTLTNvzc_LNvCe3tf1RmQ0xiYoaZMinL3TfgN-Bh_XjEFzz6ol8BR2Z6KoltkaqZzVzI

Request Chain 130

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOTl1_fnLX3xUE8D-HSW8-o&google_cver=1&google_push=ASkJ3Fa1zUT5DwlliANabAWWggkzx-b578w744KHl8sOzHVGb2fnl3hMaExbDNoF1GnzAF40Jx4Y8JZOCpHRyutdo_TExtoYRQHKE-oRRwy8sDrsv17cZDuOLLGEjM6ejVOPBSUlkvR_hI0aLALQrs1EGDo HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOTl1_fnLX3xUE8D-HSW8-o&google_cver=1&google_push=ASkJ3Fa1zUT5DwlliANabAWWggkzx-b578w744KHl8sOzHVGb2fnl3hMaExbDNoF1GnzAF40Jx4Y8JZOCpHRyutdo_TExtoYRQHKE-oRRwy8sDrsv17cZDuOLLGEjM6ejVOPBSUlkvR_hI0aLALQrs1EGDo&rdf=1

Request Chain 131

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO9ZWUqWtYrd-zLaky7vr50&google_cver=1&google_push=ASkJ3FaJEEbtlJc4e_v2ywDDM1hN1sAlV4EjcGNX4ZoO4Jfs6GbZCBRnGJavpa8yQUGFJ1FAXcSFiOj6XRrSYKqbwTfbcFshEJZuUjJfNcl7g1nd4UO5hoaH4VAPwLwaylj7wcJ_gZFKQzBW6b9q9Y1QEio HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUU4tMUctQUJXMg==&google_push=ASkJ3FaJEEbtlJc4e_v2ywDDM1hN1sAlV4EjcGNX4ZoO4Jfs6GbZCBRnGJavpa8yQUGFJ1FAXcSFiOj6XRrSYKqbwTfbcFshEJZuUjJfNcl7g1nd4UO5hoaH4VAPwLwaylj7wcJ_gZFKQzBW6b9q9Y1QEio

Request Chain 132

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_cver=1&google_push=ASkJ3Fbp9CQ2h8YojVxG8fgqx02MfZrxBWvvqLqGri03z8oEXX1MoqUYRIVVf3W2RaLjjwJ5vazvBUubPQH5xXAHg8bJPXoB2rHAhdFWwGnPnOtUS35mGLrMgMBMfl9KZPgW3LAhMrBIM1uRe5CmnoBNSHY HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_push=ASkJ3Fbp9CQ2h8YojVxG8fgqx02MfZrxBWvvqLqGri03z8oEXX1MoqUYRIVVf3W2RaLjjwJ5vazvBUubPQH5xXAHg8bJPXoB2rHAhdFWwGnPnOtUS35mGLrMgMBMfl9KZPgW3LAhMrBIM1uRe5CmnoBNSHY&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3Fbp9CQ2h8YojVxG8fgqx02MfZrxBWvvqLqGri03z8oEXX1MoqUYRIVVf3W2RaLjjwJ5vazvBUubPQH5xXAHg8bJPXoB2rHAhdFWwGnPnOtUS35mGLrMgMBMfl9KZPgW3LAhMrBIM1uRe5CmnoBNSHY

Request Chain 135

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 136

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

152 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bezalela.com/ 75 KB
13 KB 1094ms
710ms Document
text/html 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 414dd6732f8bc04b8cf1988b7005397d87287fb025c41d84c5b045abe0ff0947

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-length: 12630
content-type: text/html; charset=UTF-8
date: Mon, 28 Nov 2022 16:15:43 GMT
etag: "7747-1669647297;br"
link: <https://bezalela.com/wp-json/>; rel="https://api.w.org/"
server: LiteSpeed
vary: Accept-Encoding
x-litespeed-cache: hit
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.min.css
bezalela.com/wp-includes/css/dist/block-library/ 93 KB
12 KB 285ms
281ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Tue, 15 Nov 2022 22:01:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 11616
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 classic-themes.min.css
bezalela.com/wp-includes/css/ 217 B
416 B 299ms
295ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
last-modified: Wed, 02 Nov 2022 10:00:20 GMT
server: LiteSpeed
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 217
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 styles.css
bezalela.com/wp-content/plugins/contact-form-7/includes/css/ 3 KB
1 KB 300ms
296ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Sat, 22 Oct 2022 18:29:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 848
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 style.css
bezalela.com/wp-content/themes/fairy/ 102 KB
17 KB 460ms
456ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/style.css?ver=6.1.1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 8a17db44ec5e656a0a27b74532c4105d13af1be688bc9275901638a009574f99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Thu, 10 Nov 2022 08:41:22 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 16764
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 style.css
bezalela.com/wp-content/themes/fairy-lite/ 3 KB
1 KB 636ms
632ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy-lite/style.css?ver=6.1.1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0e53271d35fcf08dbaa80ea3ac5a170ea42bb61fe3ce733a69e424c6a8690df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Fri, 21 Oct 2022 21:47:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1161
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 570 B
305 B 90ms
37ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.1.1

Requested by

Host: bezalela.com
URL: https://bezalela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

09f07203e44f242a7ef21726b98dc433bda2606c1645c63532424387ff4f9f79

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:43 GMT

GET
H2 200 css
fonts.googleapis.com/ 740 B
646 B 83ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.1.1

Requested by

Host: bezalela.com
URL: https://bezalela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a96f5c4227f2a6c1e667989eb234ea2c898c259c7f68b269129109c2df6536c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:43 GMT

GET
H2 200 font-awesome.min.css
bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/ 30 KB
7 KB 638ms
635ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 6662
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 slick.css
bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 2 KB
713 B 640ms
637ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.css?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 493
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 slick-theme.css
bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 3 KB
993 B 642ms
639ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick-theme.css?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 773
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 style.css
bezalela.com/wp-content/themes/fairy-lite/ 3 KB
1 KB 643ms
640ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy-lite/style.css?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0e53271d35fcf08dbaa80ea3ac5a170ea42bb61fe3ce733a69e424c6a8690df5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:13:11 GMT
content-encoding: br
last-modified: Fri, 21 Oct 2022 21:47:38 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1161
expires: Mon, 05 Dec 2022 16:13:11 GMT

GET
H2 200 front.min.css
bezalela.com/wp-content/plugins/cookie-notice/css/ 5 KB
1 KB 644ms
642ms Stylesheet
text/css 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=6.1.1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 01:40:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 967
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 jquery.min.js Show response
bezalela.com/wp-includes/js/jquery/ 88 KB
30 KB 647ms
645ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Wed, 02 Nov 2022 10:00:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 30324
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 jquery-migrate.min.js Show response
bezalela.com/wp-includes/js/jquery/ 11 KB
4 KB 809ms
807ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:43 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 19:36:06 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3995
expires: Mon, 05 Dec 2022 16:15:43 GMT

GET
H2 200 front.min.js Show response
bezalela.com/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 394ms
393ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.4.2
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Tue, 01 Nov 2022 01:40:04 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1970
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 166 KB
167 KB 122ms
64ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2086013297301324

Requested by

Host: bezalela.com
URL: https://bezalela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49a914e88f33cc8a82890afc9adf7bd225c9336329ff90fda5b2ea69f9b3504b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Origin: https://bezalela.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170078
x-xss-protection: 0
server: cafe
etag: 6597014185475356064
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 28 Nov 2022 16:15:44 GMT

GET
H2 200 ff.webp
bezalela.com/wp-content/uploads/2022/11/ 183 KB
183 KB 888ms
887ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/ff.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0ef4fd8c7e91c83e0f0a0e6918d907f08dd580fbf868e657e379fce4c7f2239d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 16:51:00 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 187298
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 index.js Show response
bezalela.com/wp-content/plugins/contact-form-7/includes/swv/js/ 10 KB
3 KB 400ms
400ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Sat, 22 Oct 2022 18:29:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 2817
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 index.js Show response
bezalela.com/wp-content/plugins/contact-form-7/includes/js/ 12 KB
4 KB 400ms
400ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Sat, 22 Oct 2022 18:29:55 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3706
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 navigation.js Show response
bezalela.com/wp-content/themes/fairy/js/ 3 KB
1 KB 385ms
383ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/js/navigation.js?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Mon, 22 Aug 2022 08:47:56 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 988
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
bezalela.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 15 KB
3 KB 386ms
384ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/custom/js/theia-sticky-sidebar.js?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 794b9e10816a6252aef7eb75ced45cf53dd47eafe1773ab94c141727132460b8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 3013
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 slick.js Show response
bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/ 90 KB
15 KB 514ms
512ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/slick/slick.js?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 14940
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 imagesloaded.min.js Show response
bezalela.com/wp-includes/js/ 5 KB
2 KB 386ms
385ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/js/imagesloaded.min.js?ver=4.1.4
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1733
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 masonry.min.js Show response
bezalela.com/wp-includes/js/ 24 KB
7 KB 559ms
557ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/js/masonry.min.js?ver=4.2.2
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Sun, 14 Jun 2020 04:23:28 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 7117
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 custom.js Show response
bezalela.com/wp-content/themes/fairy/candidthemes/assets/custom/js/ 7 KB
2 KB 394ms
392ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/custom/js/custom.js?ver=1.3.7
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Mon, 15 Aug 2022 20:18:34 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1543
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 wp-emoji-release.min.js Show response
bezalela.com/wp-includes/js/ 18 KB
5 KB 561ms
560ms Script
application/javascript 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 15:26:24 GMT
server: LiteSpeed
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 4619
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e0.ttf
fonts.gstatic.com/s/muli/v28/ 39 KB
21 KB 78ms
25ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v28/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30e0.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli%3A400%2C300italic%2C300&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7a3a9ccda18793e070f9a8b44cf4f6104cb467454be8204d939aeb3f7dc01b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bezalela.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 00:06:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 58182
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21296
x-xss-protection: 0
last-modified: Mon, 11 Jul 2022 20:54:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 00:06:02 GMT

GET
H2 200 pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 15 KB
11 KB 74ms
22ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlEA.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bezalela.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sun, 27 Nov 2022 09:08:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 112039
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10455
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 27 Nov 2023 09:08:25 GMT

GET
H2 200 fontawesome-webfont.woff2
bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/ 75 KB
76 KB 703ms
703ms Font
font/woff2 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: bezalela.com
URL: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://bezalela.com/wp-content/themes/fairy/candidthemes/assets/framework/Font-Awesome/css/font-awesome.min.css?ver=1.3.7
Origin: https://bezalela.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Dec 2020 13:53:20 GMT
server: LiteSpeed
content-type: font/woff2
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 77160
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf
fonts.gstatic.com/s/poppins/v20/ 16 KB
10 KB 86ms
45ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlEA.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins%3A400%2C500%2C600%2C700&ver=6.1.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bezalela.com
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 05:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38723
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10630
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:59:08 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 28 Nov 2023 05:30:21 GMT

GET
H2 200 Los-detalles-del-mapa-de-Fortnite-Capitulo-4-Temporada-1-posiblemente-se-filtraron.webp
bezalela.com/wp-content/uploads/2022/11/ 241 KB
242 KB 902ms
900ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/Los-detalles-del-mapa-de-Fortnite-Capitulo-4-Temporada-1-posiblemente-se-filtraron.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: ed200a085b2fc5d71c22a7bb89b02c1c5645525ca2492b0a86fb8e788d710538

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 16:40:57 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 247006
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 Por-que-algunos-jugadores-de-Fortnite-obtienen-un-planeador-por-solo-100-VBucks.webp
bezalela.com/wp-content/uploads/2022/11/ 63 KB
63 KB 935ms
934ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/Por-que-algunos-jugadores-de-Fortnite-obtienen-un-planeador-por-solo-100-VBucks.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: bb862ded7817e5f802b88080afd3ee32c121e22d7cb066efbf107b52ae1538a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 16:31:22 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 64630
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 7ec41-16686912050201-1920.webp
bezalela.com/wp-content/uploads/2022/11/ 68 KB
68 KB 902ms
901ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/7ec41-16686912050201-1920.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 0758ee77b9ab1ea5723bcce88784275ef290c15c2db1e506657a3c99c9d0b4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 16:25:32 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 69840
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 Donde-encontrar-a-Bao-Bros-en-Fortnite-Capitulo-3-Temporada-4.webp
bezalela.com/wp-content/uploads/2022/11/ 81 KB
82 KB 912ms
912ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/Donde-encontrar-a-Bao-Bros-en-Fortnite-Capitulo-3-Temporada-4.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 51170295d6d1a3f4da52845bb57a32d6f9176d778c929d9a0897cff98515d8ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 16:06:53 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 83422
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 3f437-16686820843735-1920.webp
bezalela.com/wp-content/uploads/2022/11/ 179 KB
179 KB 1062ms
1061ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/3f437-16686820843735-1920.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: d73ac596655d8231cfec7c0afb7fa0446c4554c06a1335be709a35f5606cabee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 15:58:21 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 183370
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 Captura.png
bezalela.com/wp-content/uploads/2022/11/ 1 MB
1 MB 1044ms
1043ms Image
image/png 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/Captura.png
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 241cf154bcd01b8a533e0756dce1547e6212069c93cf927d336ba91dff8dd064

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Fri, 18 Nov 2022 15:50:39 GMT
server: LiteSpeed
content-type: image/png
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 1515330
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 El-mejor-equipamiento-para-Kastov-74u-en-Modern-Warfare-2.webp
bezalela.com/wp-content/uploads/2022/11/ 68 KB
68 KB 1062ms
1061ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/El-mejor-equipamiento-para-Kastov-74u-en-Modern-Warfare-2.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: bb0778617179b9be943f97825e023725f1878afc2296e18e6fa8ccbace56a255

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Thu, 10 Nov 2022 18:43:07 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 69542
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 El-glitch-de-Chopper-Gunner-de-Modern-Warfare-2-permite-a-los-jugadores-tener-wallhacks.webp
bezalela.com/wp-content/uploads/2022/11/ 244 KB
244 KB 1063ms
1062ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/El-glitch-de-Chopper-Gunner-de-Modern-Warfare-2-permite-a-los-jugadores-tener-wallhacks.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 73f69ebf80c73bb2f8d60c92b38c1f58fb889df13edc145471abf91ae0fd621c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Thu, 10 Nov 2022 18:37:21 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 249830
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H2 200 Como-desbloquear-la-optica-de-punto-azul-dominada-en-Modern-Warfare-2.webp
bezalela.com/wp-content/uploads/2022/11/ 250 KB
251 KB 1096ms
1096ms Image
image/webp 162.0.232.43
NAMECHEAP-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bezalela.com/wp-content/uploads/2022/11/Como-desbloquear-la-optica-de-punto-azul-dominada-en-Modern-Warfare-2.webp
Requested by: Host: bezalela.com
URL: https://bezalela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 162.0.232.43 , United States, ASN22612 (NAMECHEAP-NET, US),
Reverse DNS: premium129-3.web-hosting.com
Software: LiteSpeed /
Resource Hash: 941358761d5567124991033fd858b1074f29d3bda397cd97c88ac4dadefba104

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
last-modified: Thu, 10 Nov 2022 18:24:20 GMT
server: LiteSpeed
content-type: image/webp
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
content-length: 256258
expires: Mon, 05 Dec 2022 16:15:44 GMT

GET
H3 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 403 KB
403 KB 111ms
65ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama.js?client=ca-pub-2086013297301324&plah=bezalela.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2086013297301324

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c5affb9c896c0f6b998a59046e4cc5836c3214dfab4233c4aa30de321bb4aea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
x-content-type-options: nosniff
server: cafe
etag: 8842811717460540055
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 412303
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:44 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/ Frame BCD9 10 KB
5 KB 73ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2086013297301324

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 12914
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 12:40:30 GMT
etag: 10353107486223812946
expires: Mon, 12 Dec 2022 12:40:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
699 B 79ms
29ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=bezalela.com&callback=_gfp_s_&client=ca-pub-2086013297301324&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/show_ads_impl_with_ama.js?client=ca-pub-2086013297301324&plah=bezalela.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3e24e9e2616193ef0e677a8ac558a22e3535224de1567f391ccce6fb523bb3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=ISO-8859-1
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
795 B 120ms
30ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bezalela.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
552 B 81ms
30ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bezalela.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7919 167 KB
46 KB 957ms
912ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&adk=1812271804&adf=3025194257&lmt=1669652144&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&format=0x0&url=https%3A%2F%2Fbezalela.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652144490&bpp=8&bdt=1230&idt=243&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1007807982019&frm=20&pv=2&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&fsapi=1&eae=6&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb8ae89425975edcb51e27066d10da53ab837cdd7dfde080c2ba4e4f44dde7f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 46955
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:45 GMT
expires: Mon, 28 Nov 2022 16:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame E1B9 430 B
279 B 398ms
361ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=2767623100&adf=995376434&pi=t.aa~a.108489206~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1669652144&rafmt=1&to=qs&pwprc=2324655530&format=1200x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652144498&bpp=3&bdt=1238&idt=256&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=197&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&dtd=259

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e07bdf1fafeaec64eaef59e0143abed9464a53d99f5871c2654314d5f91b4a49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 256
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:45 GMT
expires: Mon, 28 Nov 2022 16:15:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/ 174 KB
174 KB 63ms
63ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202211100101/reactive_library.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

977bfd62b77c18d12947313b6f552c23da5f5549a9f3cb57060012f284ea6592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:45 GMT
x-content-type-options: nosniff
server: cafe
etag: 3595652057143532490
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private, max-age=1209600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 178175
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:45 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 82ms
33ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bezalela.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 79ms
32ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bezalela.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DF12 75 KB
25 KB 795ms
795ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4243adcb808891e3fc4b1cc82e4ab4b42d8446171107c9d8ce8753029c6db64d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 25815
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B187 69 KB
24 KB 802ms
802ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0433d7d149554b39a8dda1dc44f7a33a6d977ed0b93074d161686ad6967821c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 24139
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 87D2 68 KB
23 KB 754ms
754ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9b9ec224581f50957f28f5a7e99d88ea867a2cc154113c482fdb2a53f5be925f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 23738
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
32ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=bezalela.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 32ms
31ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=bezalela.com

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=ISO-8859-1
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/ Frame 1AE1 10 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 68660
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 27 Nov 2022 21:11:26 GMT
etag: 10353107486223812946
expires: Sun, 11 Dec 2022 21:11:26 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css2
fonts.googleapis.com/ Frame 1AE1 400 B
229 B 79ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1AE1 205 B
294 B 73ms
22ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:10:42 GMT
x-content-type-options: nosniff
age: 304
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Nov 2023 16:10:42 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 1AE1 604 B
1 KB 72ms
22ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:50:35 GMT
x-content-type-options: nosniff
age: 1511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 28 Nov 2023 15:50:35 GMT

GET
H2 200 interstitial_ad_frame.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/ Frame 1AE1 28 KB
11 KB 87ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/elements/html/interstitial_ad_frame.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a8501a1e8e1770b01ea157c8ac042aae8dad296b12e3c9afc9350215df8653f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 05:45:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 37807
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10856
x-xss-protection: 0
server: cafe
etag: 4783739950998329511
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 05:45:39 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 850F 557 B
301 B 32ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d4954aaa953694d03feda01dd98ae4852e9c9d3f8f1140a620d1ef0c928345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 850F 2 KB
1 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
server: cafe
etag: 13101302802994182238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:35 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 850F 29 KB
11 KB 73ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:24 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 850F 3 KB
1 KB 71ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 11:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
server: cafe
etag: 8058174711348553767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 11:59:00 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 850F 25 KB
10 KB 77ms
27ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9996
x-xss-protection: 0
server: cafe
etag: 15736932386263499371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:54:34 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 850F 154 KB
155 KB 111ms
38ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157753
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 eba95b36d6ef46e7efff9e57bb4ba2d7.js Show response
www.gstatic.com/mysidia/ Frame 850F 48 KB
18 KB 68ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eba95b36d6ef46e7efff9e57bb4ba2d7.js?tag=mysidia_one_click_handler_one_afma

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63cd4ed47ce00200b3eabfa26dc16c929823095b567ab71b30c6238e6a013f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 25 Nov 2022 08:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18370
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 08:14:02 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 850F 295 B
319 B 24ms
24ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 05:10:20 GMT
x-content-type-options: nosniff
server: cafe
age: 39926
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 29 Nov 2022 05:10:20 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AF6 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 3AF6
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

49ms
48ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221110/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 css
fonts.googleapis.com/ Frame 87D2 557 B
304 B 33ms
32ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84c19fc7ec4bcb7528f721721bb79c9a8f0ec7c557b8c136ca713944f11e7c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 87D2 2 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
server: cafe
etag: 13101302802994182238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:35 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame 87D2 295 B
319 B 26ms
24ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 05:10:20 GMT
x-content-type-options: nosniff
server: cafe
age: 39926
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 29 Nov 2022 05:10:20 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame 87D2 29 KB
11 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:24 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 87D2 3 KB
1 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 11:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
server: cafe
etag: 8058174711348553767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 11:59:00 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame 87D2 25 KB
10 KB 24ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9996
x-xss-protection: 0
server: cafe
etag: 15736932386263499371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:54:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 87D2 0
0 86ms
30ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIJrxUbh3AZgx-aSqqKFP-2ZGT86F2mPnBjlBGd9Fua-csUcFaR4I0lc3_DvmgGlbfnW9vGeEWnayOUTFUUxi5_OCvlg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 87D2 154 KB
154 KB 93ms
41ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157753
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 eba95b36d6ef46e7efff9e57bb4ba2d7.js Show response
www.gstatic.com/mysidia/ Frame 87D2 48 KB
18 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eba95b36d6ef46e7efff9e57bb4ba2d7.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63cd4ed47ce00200b3eabfa26dc16c929823095b567ab71b30c6238e6a013f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 25 Nov 2022 08:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18370
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 08:14:02 GMT

GET
H3 200 304314a31e78a0aa1699696860447599.js Show response
www.gstatic.com/mysidia/ Frame DF12 14 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/304314a31e78a0aa1699696860447599.js?tag=client_fast_engine

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1469f5e0ebcb18b1b28ad6da9d645ad3b44dfc67f120d7b064f9b19a9e3f2996

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 25 Nov 2022 09:45:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282629
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5853
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 09:45:17 GMT

GET
H3 200 5bc72e7222c20bd1d6e0ddd38462082a.js Show response
www.gstatic.com/mysidia/ Frame DF12 12 KB
5 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5bc72e7222c20bd1d6e0ddd38462082a.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cc4bafdbedf0e9bf3a34d9958bb01c53a1a2d4e9ace8f94d4a86a2942d71775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 26 Nov 2022 13:51:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 181484
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5119
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 24 Feb 2023 13:51:02 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame DF12 557 B
301 B 35ms
35ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e8d4954aaa953694d03feda01dd98ae4852e9c9d3f8f1140a620d1ef0c928345

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DF12 2 KB
1 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
server: cafe
etag: 13101302802994182238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:35 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame DF12 295 B
319 B 30ms
24ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 05:10:20 GMT
x-content-type-options: nosniff
server: cafe
age: 39926
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 29 Nov 2022 05:10:20 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame DF12 29 KB
11 KB 29ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:24 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DF12 3 KB
1 KB 33ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 11:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
server: cafe
etag: 8058174711348553767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 11:59:00 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame DF12 25 KB
10 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9996
x-xss-protection: 0
server: cafe
etag: 15736932386263499371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:54:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame DF12 0
0 62ms
31ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyaLwwGAI_eNmQicDh0uFP_iBG63M5OMojhCr7AfL6V4hT9dq_fGqD8LgXFh3WMSRrQeyFE_bE0U6kUJnfHSjhG95z6Q
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DF12 154 KB
154 KB 83ms
55ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157753
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 eba95b36d6ef46e7efff9e57bb4ba2d7.js Show response
www.gstatic.com/mysidia/ Frame DF12 48 KB
18 KB 30ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eba95b36d6ef46e7efff9e57bb4ba2d7.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63cd4ed47ce00200b3eabfa26dc16c929823095b567ab71b30c6238e6a013f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 25 Nov 2022 08:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18370
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 08:14:02 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 87D2 0
17 B 70ms
69ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cdr_dsd6EY9jcPMiH8AKFvZJgyZi_zm25iLjl7hDdq4PC8CIQASCAp8iWAWCV0puCrAegAe6YpO0ByAEBqQJFHnq5tPSoPqgDAaoEyQFP0AuAvi1kRW0N6yYyikJkLbmO8QaZyCIUh8FG4mZO7uOYKeSZMItztOa5Ez-BBskjtSqHjuco8LQXVnlyfZYGnddVQ2F6pMFHnI-YKUlufIPqb6x50POumjAbo4llCp6tgPA-9ftA8A1kpvMZOUez7n0zX2gdRJ6Blpz4VyGRivvQh_y9dWp-3tPrJQ8VlAHzNByg0f8zpZWwLBDLu6PRLCJuIYl_1kZlJyoH6y58jlhcCet8t70JozSd0XS37GJe8TUMwLEQhy7ABNDy6L-wBJIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAf65tuSAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcEEP73A9IIEQiA4YAQEAEYHzICqgI6AoBAgAoByAsB2BMN0BUBmBYBgBcBshccChoIABIUcHViLTIwODYwMTMyOTczMDEzMjQYAA&sigh=0ZmhGavvG20&uach_m=[UACH]&cid=CAQSOwDq26N932pUUM9mvMcAYWaK8YSzzMNprSnS5iZuEzGYG4fW3XtyJR5J1i7rxRrJ5nPR6wkgQPb7EUVDGAEgEw&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 87D2 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
H3 200 css
fonts.googleapis.com/ Frame B187 557 B
304 B 34ms
33ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

84c19fc7ec4bcb7528f721721bb79c9a8f0ec7c557b8c136ca713944f11e7c46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 load_preloaded_resource.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B187 2 KB
1 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/load_preloaded_resource.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1211
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1055
x-xss-protection: 0
server: cafe
etag: 13101302802994182238
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:35 GMT

GET
H3 200 icon.png
googleads.g.doubleclick.net/pagead/images/adchoices/ Frame B187 295 B
319 B 22ms
21ms Image
image/png 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/images/adchoices/icon.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 05:10:20 GMT
x-content-type-options: nosniff
server: cafe
age: 39926
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Tue, 29 Nov 2022 05:10:20 GMT

GET
H3 200 abg_lite.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/ Frame B187 29 KB
11 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:55:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1222
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11206
x-xss-protection: 0
server: cafe
etag: 16690196781007480285
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:55:24 GMT

GET
H3 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B187 3 KB
1 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/window_focus.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 11:59:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 15406
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1280
x-xss-protection: 0
server: cafe
etag: 8058174711348553767
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 11:59:00 GMT

GET
H3 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/ Frame B187 25 KB
10 KB 28ms
26ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20221110/r20110914/client/qs_click_protection.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:54:34 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1272
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9996
x-xss-protection: 0
server: cafe
etag: 15736932386263499371
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 12 Dec 2022 15:54:34 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B187 0
0 41ms
31ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSs7L7ip_KTHc-njCQ01Pt137uRGDVJ7oho0N1yQiNHQ_Jx6ishvx_I368LKA7Qq47Im47hewqj0gu9ese1djjBkqFkpA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B187 154 KB
154 KB 71ms
64ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1668095300071091"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 157753
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:46 GMT

GET
H3 200 eba95b36d6ef46e7efff9e57bb4ba2d7.js Show response
www.gstatic.com/mysidia/ Frame B187 48 KB
18 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eba95b36d6ef46e7efff9e57bb4ba2d7.js?tag=mysidia_one_click_handler_one_afma

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63cd4ed47ce00200b3eabfa26dc16c929823095b567ab71b30c6238e6a013f1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 25 Nov 2022 08:14:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 288104
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18370
x-xss-protection: 0
last-modified: Mon, 14 Nov 2022 13:59:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 23 Feb 2023 08:14:02 GMT

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7920179007395525072/ Frame DF12 16 KB
16 KB 23ms
23ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7920179007395525072/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

034a56fa7c084ac553d91c2ee747155c9e3b08042dab9bd8d716342771a910bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Tue, 22 Nov 2022 07:31:20 GMT
x-content-type-options: nosniff
age: 549866
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16545
x-xss-protection: 0
last-modified: Tue, 01 Dec 2020 15:25:50 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 22 Nov 2023 07:31:20 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame B187 0
17 B 70ms
69ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CuVM0sd6EY_fSPI-G8ALDp4CoCq7olLhtiJXWouQQmLv-4NsyEAEggKfIlgFgldKbgqwHoAHb1N_BAsgBAakCO5GE3MKSsT6oAwGqBMkBT9DaVMkNrwSA8VeayHD2OeD-wZY-nWwoqGsnZdUE2nFqlm2SpU6p0c5n9o_s93X2MAEpsozLnfvuemIKR3cvPGIibfQGmCbeaxiXZIJ6sy5gWSjIe2OIqHVuSuuiY3HRhtJVqvoIS39KOunl6kGmtIb2CMDjOLdifSs5-H1pN-S8P1iMjzbOtZFoZUXfxcuNkjyrfT34z9qok0XUj6ljCOkmOYfdyTm_JRGDJESwRBi1BvZKFVRUMWkVc7TIpyNXdt295ru6if8dwAS37KjOmASSBQQIBBgBkgUECAUYBIAHwb2XwAOoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDa1wfSCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi0yMDg2MDEzMjk3MzAxMzI0GAA&sigh=auH1xH_gEsE&uach_m=[UACH]&cid=CAQSOwDq26N9sSZBSAUJegEiu46M5xE_ttlftVNwZcrfNEB5__9WU4-59uHnOsQ8Wu5bHZTMqRwS3JGkK90FGAEgEw&template_id=5020

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame DF12 0
17 B 70ms
64ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CP3Lisd6EY7K_OtmD8ALZ7bPwCo-y6pltm6Lf8ZgQ3pSlsrIwEAEggKfIlgFgldKbgqwHoAHo6_beAcgBAakClKK6-9aFsT6oAwGqBMkBT9DwK7XCIok9oNuKc_CNT0RhyVFnb9fhHWa8BZum9ez8mgRvf6-EKf6yOHJELSh14n5PMp0LXu4deOf-J70gSYQnmCaqZtdZK2IgKTuLfqcgyDrWYIQqyq0fzR17jrkIlcXOcejh2z34gYBuT5TxjyYnnFxIyHrSa9xE66pKZ4cgvQKLoswAx2spaDZplv3OoymZt8RsFp45qzyiGYDpVPpFRnc1rlguFUIOvX3s_CKHvHJegbw2FersurrKN3zp0jGcL9a1gsD6wASvjqLk_AOSBQQIBBgBkgUECAUYBIAHgJSJoQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDpzQ_SCBEIgOGAEBABGB8yAqoCOgKAQIAKAcgLAdgTDIgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yMDg2MDEzMjk3MzAxMzI0GAA&sigh=DIf4LOlykjI&uach_m=[UACH]&cid=CAQSOwDq26N9_dm_AtdCyZNpctoNBHY4uPeJu4Y0JfcDLVR8MJYRs_IE4z49hjqsaCf0eZ-AwlOM0umitMM0GAEgEw&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 28 Nov 2022 16:15:46 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=ISO-8859-1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame B187 209 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Type: image/svg+xml

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 87DA 143 B
166 B 24ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A4C1 1 KB
643 B 29ms
27ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Tue, 29 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E2A 143 B
166 B 24ms
22ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 8EC0 1 KB
643 B 24ms
23ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Tue, 29 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99A5 143 B
166 B 22ms
21ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1198
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:55:48 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B631 1 KB
643 B 22ms
22ms Document
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

age: 1170
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 15:56:16 GMT
etag: 48472445140208031
expires: Tue, 29 Nov 2022 15:56:16 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame A4C1
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEOAnFrPcmIVlYrH6Guy2aPA&google_cver=1&google_push=ASkJ3FaWjhof_o4y4QzDyiyMmT0lBUincuhEqZHtZPtO69yLUYyWuUbWCDK1_b7wILwNaP9PqHDpYsnaGCqVzFx4OFeEH7fpbuaAI...
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzA4Nzk2MjA1NDM2ODA3NzY1Nw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOUrQNgIFlP3YTZovEAujyA&google_cver=1

43 B
398 B

74ms
29ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOUrQNgIFlP3YTZovEAujyA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
Protocol: H2
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEOUrQNgIFlP3YTZovEAujyA&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame A4C1 0
104 B 252ms
96ms Image
text/plain 2a02:fa8:8806:13::1400
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESELQE7LQDxb5rWdKc80EXmqM&google_cver=1&google_push=ASkJ3FYuLhsnedu1UkGjmyRJ_9RCoj_RTElWTTrqPCqqS5Rd2D_m5k-S18v_13nkCPzYbQQBgY7AumqZjWlBNqs5n7aBbdmPbd_Fi1ogk2Dz06o239oXfUCM0LbV5KHslSB-CDyojtEWvss1PrRjvZD1kuBFrQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:13::1400 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESECEqPJPL_YgcMv50-wXmZYU&google_cver=1&google_push=ASkJ3FaTMBxqpa8LFyHMHTFHdcDo68sI8NnDPGaOJLeC9GBC8v_fJRlch7rS8GJPbUn9p0sklkuOai1i7FtAg01O...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaTMBxqpa8LFyHMHTFHdcDo68sI8NnDPGaOJLeC9GBC8v_fJRlch7rS8GJPbUn9p0sklkuOai1i7FtAg01OJzPJ3DNUbcYs9AXRZ2fehlAHffUhAm...

170 B
188 B

81ms
35ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaTMBxqpa8LFyHMHTFHdcDo68sI8NnDPGaOJLeC9GBC8v_fJRlch7rS8GJPbUn9p0sklkuOai1i7FtAg01OJzPJ3DNUbcYs9AXRZ2fehlAHffUhAmTjIr6rHTfc3XZ2TlrkDcwTShTY_0Sg5l6EX2MYgg

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Mon, 28 Nov 2022 16:15:46 GMT
Server: MT3 169 32252b7 master zrh-pixel-x13 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=ASkJ3FaTMBxqpa8LFyHMHTFHdcDo68sI8NnDPGaOJLeC9GBC8v_fJRlch7rS8GJPbUn9p0sklkuOai1i7FtAg01OJzPJ3DNUbcYs9AXRZ2fehlAHffUhAmTjIr6rHTfc3XZ2TlrkDcwTShTY_0Sg5l6EX2MYgg
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Mon, 28 Nov 2022 16:15:45 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame A4C1 70 B
265 B 157ms
49ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEPAPkrz4Dr0AdxOwD8mSYhw&google_cver=1&google_push=ASkJ3FaNTeqgwbr2nGTi4FrM5yYtRY4K4f8r6tvpKvUFV4KM3ntkaEzIv__HSDVaONRBdv-UGxFZmv7SyyLyVFzXsFhwEmg5Wz1XnMLxpRLyZcEI8FdvmQ81ClGGIp8PtfvTbkkzuw_dkNfAH-LT1NPj4D95
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1419768198&adf=3823945289&pi=t.aa~a.2757300208~rp.3&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=1&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280%2C304x250&nras=5&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=2171&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=54
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FaDcmhCaoJ1Nr9Wpe-KjRQY1QCVHgrGL...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FaDcmhCaoJ1Nr9Wpe-KjRQY1QCVHgrGLw6tBQEtGQQbPALoK3y6s15qlcuHvoabCeYmwgK_ssj0w7Z7m0oWjptIMhRhZj2zDcENCoVpgXhmmNI-2vCCLvkbgxrPzCyMn2Xju62AOUFF_l9gopQ-duVw

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HGXTWPgydtQkSFbDZoNhPWXrLXD3dwm%2FJuTMJ3aL4LqnbolIt2QcfddyMUqL1xZHTXqoKlEgqQgJ6sY%2FeBQQTrawHm5z4inXaMIZjXASmRMHtNoS%2FqW%2ByBT2PqXn9DFAj9LNFqitnwcegQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEN06BJBES9yes3U0zpeGZn4&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FaDcmhCaoJ1Nr9Wpe-KjRQY1QCVHgrGLw6tBQEtGQQbPALoK3y6s15qlcuHvoabCeYmwgK_ssj0w7Z7m0oWjptIMhRhZj2zDcENCoVpgXhmmNI-2vCCLvkbgxrPzCyMn2Xju62AOUFF_l9gopQ-duVw
cache-control: no-cache
cf-ray: 7714677e6e2f8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A4C1
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEFrT9YUIzJDKodhcH5wa25E&google_cver=1&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJ...
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJw...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM4OTgzODY2NTQyODcwNzE3ODgyMQ%3D%3D&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411...

170 B
188 B

73ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM4OTgzODY2NTQyODcwNzE3ODgyMQ%3D%3D&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJwPacdtydYMLztSvgHdF9Y-ghxLtrNKM4SqMoVv0RDrPFC4i18vgy3pCX0KHA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MjM4OTgzODY2NTQyODcwNzE3ODgyMQ%3D%3D&google_push=ASkJ3FZHUBMGQmXgxXRUq0TdEo6v6tRx0G1UUCY9C-zDgPFRQ-g-6411sbEuY0Kd4wdVYEYXzTM1RsNXGgjHYhNjj8mLYeXGxJwPacdtydYMLztSvgHdF9Y-ghxLtrNKM4SqMoVv0RDrPFC4i18vgy3pCX0KHA
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET /
onetag-sys.com/match/ Frame A4C1 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A4C1 0
223 B 96ms
28ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IE6heKl4HTU5Enr1GFiyVzO5Xh5YXe3cFdgb-LVMzTbz_qnYK86k7n2HGiktQWTsFJPUskTg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 87DA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dpixel
cms.quantserve.com/ Frame 8EC0 35 B
401 B 119ms
36ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESENWnyTBkJc_o2pLZFPXPMOg&google_cver=1&google_push=ASkJ3FZeBoLxoa-Uc7VZ97V9JDAEIcj4oRs9sDtT5lkubwyEQZZZdoIecxjAVHXPXMQPCAFs_41cqFd3KQxVIRkhPnuHzuG6F2c
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 8EC0 43 B
356 B 91ms
33ms Image
image/gif 34.98.67.61
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESENFmPEB9rbgUCOK1_Tzzv3w&google_push=ASkJ3FapYu7LzbaV2TcrUjSbzYt3yzOvNBWk8biKEFP8_Wgt5dC9wKXcv0hMCmHo-Z8BVmkYTWq08PVokEo4ohhZt0NAqe46PbU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
via: 1.1 google
server: Apache
content-type: image/gif;charset=UTF-8
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame 8EC0 43 B
352 B 88ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFKZ8RCxBBFEtc4ucg5Xo6Q&google_cver=1&google_push=ASkJ3Faruk3ztP0OnwJbo-oJ5s-mupl3Q0tDYlst4jdYh79Kfmgh_JZPasbJpSOhmx9-P3Tmrk0pFgCikucIpODe28FpwRo001k
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: b3cq5kk7dgk6esg1q7586vh5ru3dgaek

GET
H2

200

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame 8EC0
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
41 B

31ms
31ms

Image
text/html

185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE8L4W6h4aCyMsxKAZ_NSeY&google_cver=1&google_push=ASkJ3FY5LaSDx_Kc5PcUlGwDYO33Uo_-QyvIg-hyQae_D1GTdshPcCF-iYbqyAK4xT3nzxMQ3M2_0EELgDDI4WqkSeitg8QXE1Y&rdf=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Protocol: H2
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 28 Nov 2022 16:15:46 GMT
content-length: 0
content-type: text/html; charset=UTF-8

Redirect headers

location: /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEE8L4W6h4aCyMsxKAZ_NSeY&google_cver=1&google_push=ASkJ3FY5LaSDx_Kc5PcUlGwDYO33Uo_-QyvIg-hyQae_D1GTdshPcCF-iYbqyAK4xT3nzxMQ3M2_0EELgDDI4WqkSeitg8QXE1Y&rdf=1
date: Mon, 28 Nov 2022 16:15:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8EC0
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEOUz0XBDyJ5Hw3LdywxjAO4&google_cver=1&google_push=ASkJ3FbWvEEr5oiYbZvCeli2ljoFsnLROcibjEaEBkFiGHxyrBCyU4px4olPevASMoYAD2hXcJ2...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUUwtMVUtQURQNQ==&google_push=ASkJ3FbWvEEr5oiYbZvCeli2ljoFsnLROcibjEaEBkFiGHxyrBCyU4px4olPevASMoYAD2hXcJ2YmxdoaflwU217BzZ5yxbmOA

170 B
188 B

75ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUUwtMVUtQURQNQ==&google_push=ASkJ3FbWvEEr5oiYbZvCeli2ljoFsnLROcibjEaEBkFiGHxyrBCyU4px4olPevASMoYAD2hXcJ2YmxdoaflwU217BzZ5yxbmOA

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUUwtMVUtQURQNQ==&google_push=ASkJ3FbWvEEr5oiYbZvCeli2ljoFsnLROcibjEaEBkFiGHxyrBCyU4px4olPevASMoYAD2hXcJ2YmxdoaflwU217BzZ5yxbmOA
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 8EC0
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FYABZmw8IY9-aKN-I6o8U-oyYzWze00T...

170 B
188 B

33ms
32ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FYABZmw8IY9-aKN-I6o8U-oyYzWze00Tl00OOqz0MQa4ycUMPR7rv8YBUx92VOICVNL2xiz7rP5q4-tW98FrNjatZgV6g

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MrxKengDfwHdvkSJatC0kb0VdZ1vOSRRRDJ2ZoldB8gzghe5JdKKCD6KeCZZpEOwQf5Nk2xjUS8fbxmaFodXRj9RHHkeDOa14qsmcLYLMZlSRVNY9AEYzpKPHhHg%2BZsLNYn1eSLxyRKkXg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEE1PVlONcdPgI3zXFmGu9UQ&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3FYABZmw8IY9-aKN-I6o8U-oyYzWze00Tl00OOqz0MQa4ycUMPR7rv8YBUx92VOICVNL2xiz7rP5q4-tW98FrNjatZgV6g
cache-control: no-cache
cf-ray: 7714677e6e2d8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 trk
ag.innovid.com/ Frame 8EC0 43 B
297 B 239ms
37ms Image
image/gif 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEJhVJMu_MkwuuBbz_kBMM1o&google_cver=1&google_push=ASkJ3FbOLusrvK3DrPF_luvjLUNcFedvzp2YiLx9yD-lVm8zZw6h159k4D8x_gmE691PixbSQHcov-qp6h4G-eq_5AST_D6rLqY
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=280&adk=618363986&adf=661518365&pi=t.aa~a.2822006094~rp.4&w=368&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=368x280&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280&nras=3&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1017&ady=1232&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=17
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-type: image/gif
pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 8EC0 0
40 B 97ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LFj9C3JaZQ5_1FWVxJtupM-Jiot9hGWQ7piQh2m66-kVNZhl-Saz0HtL_ljv9ZQlyjYxCP

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame B631 35 B
400 B 116ms
36ms Image
image/gif 2620:116:800d:21:de2e:c7b3:55c0:d5a0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEObfvvn1RGMQ_5BsbfbpK2E&google_cver=1&google_push=ASkJ3FZWWPodh4OY-ZFYq8MxWUacZ0DNeCbYuKApHnwb7DLpEFB8LzqoGouFKwbh0mrMZIREU3ug8k0WvaG1rPukeL9WApDQltl9RmagU_MyNTecD8eQRlMJYl-HbUuqIPt-qRt4gBQWRQmT7cSxEE3Gp4o
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:de2e:c7b3:55c0:d5a0 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B631
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbSTil0...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DASkJ3FbSTil0...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxNjE1NDcwMDAxMjUxNjA4Njk3Mw%3D%3D&google_push=ASkJ3FbSTil0AUfP8ytxMJgI2snvwBpoakPoXULaHLVD0hhMt58eMPkA83hkn-zG8bO0oF...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxNjE1NDcwMDAxMjUxNjA4Njk3Mw%3D%3D&google_push=ASkJ3FbSTil0AUfP8ytxMJgI2snvwBpoakPoXULaHLVD0hhMt58eMPkA83hkn-zG8bO0oFNfJpLyPH5JI_ajrR3tTLTNvzc_LNvCe3tf1RmQ0xiYoaZMinL3TfgN-Bh_XjEFzz6ol8BR2Z6KoltkaqZzVzI

Requested by

Host: bezalela.com
URL: https://bezalela.com/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjExMjgxNjE1NDcwMDAxMjUxNjA4Njk3Mw%3D%3D&google_push=ASkJ3FbSTil0AUfP8ytxMJgI2snvwBpoakPoXULaHLVD0hhMt58eMPkA83hkn-zG8bO0oFNfJpLyPH5JI_ajrR3tTLTNvzc_LNvCe3tf1RmQ0xiYoaZMinL3TfgN-Bh_XjEFzz6ol8BR2Z6KoltkaqZzVzI
pragma: no-cache
date: Mon, 28 Nov 2022 16:15:47 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Mon, 28 Nov 2022 16:15:47 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B631 43 B
135 B 85ms
33ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEFhy5Zmtrl-6QxKdSSinwJQ&google_cver=1&google_push=ASkJ3FZbMCZkjyy-V7U4hMtNHoP5m5ZcpMbYrI3R1cyZnEvkqcRrZ7H9nbKiuLg3a9QVpKct6TQ_Ox23vPE1mnNSngMyCWrYKxmd4ggA5kZ9law5QcyTs2cWFb4KUz-dy08DWRX3B-YmaI921fbn0NMFrA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: kbord9agejmdl4r6dlvctun6tclv9vb0

GET
H2

200

UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B631
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...

0
41 B

32ms
32ms

Image
text/html

185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOTl1_fnLX3xUE8D-HSW8-o&google_cver=1&google_push=ASkJ3Fa1zUT5DwlliANabAWWggkzx-b578w744KHl8sOzHVGb2fnl3hMaExbDNoF1GnzAF40Jx4Y8JZOCpHRyutdo_TExtoYRQHKE-oRRwy8sDrsv17cZDuOLLGEjM6ejVOPBSUlkvR_hI0aLALQrs1EGDo&rdf=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2086013297301324&output=html&h=250&adk=1428705548&adf=725742198&pi=t.aa~a.768717372~rp.2&w=304&fwrn=4&fwrnh=100&lmt=1669652145&rafmt=1&to=qs&pwprc=2324655530&format=304x250&url=https%3A%2F%2Fbezalela.com%2F&ea=0&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1669652145789&bpp=1&bdt=2529&idt=-M&shv=r20221110&mjsv=m202211100101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D7060e401b9db3043-22499fbfeed7003d%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg&gpic=UID%3D00000b89dd67acf0%3AT%3D1669652144%3ART%3D1669652144%3AS%3DALNI_MaUtinX_UMYulUSglY8BRsTrariHg&prev_fmts=0x0%2C1200x280%2C368x280&nras=4&correlator=1007807982019&frm=20&pv=1&ga_vid=905617894.1669652145&ga_sid=1669652145&ga_hid=136232034&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1049&ady=1578&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42531705%2C44774606&oid=2&pvsid=3145931905725765&tmod=1591088752&uas=0&nvt=1&eae=4&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=48
Protocol: H2
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 28 Nov 2022 16:15:46 GMT
content-length: 0
content-type: text/html; charset=UTF-8

Redirect headers

location: /AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEOTl1_fnLX3xUE8D-HSW8-o&google_cver=1&google_push=ASkJ3Fa1zUT5DwlliANabAWWggkzx-b578w744KHl8sOzHVGb2fnl3hMaExbDNoF1GnzAF40Jx4Y8JZOCpHRyutdo_TExtoYRQHKE-oRRwy8sDrsv17cZDuOLLGEjM6ejVOPBSUlkvR_hI0aLALQrs1EGDo&rdf=1
date: Mon, 28 Nov 2022 16:15:45 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B631
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEO9ZWUqWtYrd-zLaky7vr50&google_cver=1&google_push=ASkJ3FaJEEbtlJc4e_v2ywDDM1hN1sAlV4EjcGNX4ZoO4Jfs6GbZCBRnGJavpa8yQUGFJ1FAXcS...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUU4tMUctQUJXMg==&google_push=ASkJ3FaJEEbtlJc4e_v2ywDDM1hN1sAlV4EjcGNX4ZoO4Jfs6GbZCBRnGJavpa8yQUGFJ1FAXcSFiOj6XRrSYKqbwTfbcFshEJZuU...

170 B
188 B

73ms
34ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUU4tMUctQUJXMg==&google_push=ASkJ3FaJEEbtlJc4e_v2ywDDM1hN1sAlV4EjcGNX4ZoO4Jfs6GbZCBRnGJavpa8yQUGFJ1FAXcSFiOj6XRrSYKqbwTfbcFshEJZuUjJfNcl7g1nd4UO5hoaH4VAPwLwaylj7wcJ_gZFKQzBW6b9q9Y1QEio

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEIwWlMxUU4tMUctQUJXMg==&google_push=ASkJ3FaJEEbtlJc4e_v2ywDDM1hN1sAlV4EjcGNX4ZoO4Jfs6GbZCBRnGJavpa8yQUGFJ1FAXcSFiOj6XRrSYKqbwTfbcFshEJZuUjJfNcl7g1nd4UO5hoaH4VAPwLwaylj7wcJ_gZFKQzBW6b9q9Y1QEio
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 78e3bdce5107450057bade54d54a0a7e
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B631
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_push=AS...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3Fbp9CQ2h8YojVxG8fgqx02MfZrxBWvvq...

170 B
188 B

33ms
33ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3Fbp9CQ2h8YojVxG8fgqx02MfZrxBWvvqLqGri03z8oEXX1MoqUYRIVVf3W2RaLjjwJ5vazvBUubPQH5xXAHg8bJPXoB2rHAhdFWwGnPnOtUS35mGLrMgMBMfl9KZPgW3LAhMrBIM1uRe5CmnoBNSHY

Requested by

Host: bezalela.com
URL: https://bezalela.com/

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:46 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8zKI44juEo7ufCY5zDhKjjPrykttMqZa%2BP5xfOO0kqc7Vkw1Ig5rkMrb3tHqIKW28mnDZOXZ7bzF0W3tJcTHal9rnLLwji7BlS9Ixkn0UMafbIvZypRsG41dmAq138Ya1KhSmf%2BSzzK8kw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOzBq-rFTbEAz2T3_9StPtw&google_hm=Y4TeskDLwzFUBODyPyTKpQAABHEAAAIB&google_nid=index&google_push=ASkJ3Fbp9CQ2h8YojVxG8fgqx02MfZrxBWvvqLqGri03z8oEXX1MoqUYRIVVf3W2RaLjjwJ5vazvBUubPQH5xXAHg8bJPXoB2rHAhdFWwGnPnOtUS35mGLrMgMBMfl9KZPgW3LAhMrBIM1uRe5CmnoBNSHY
cache-control: no-cache
cf-ray: 7714677e6e2a8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame B631 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B631 0
49 B 92ms
30ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LWY6C5pS6onye4qTXz_QqvmcAJ3kArptyUp5E_84mF4nLxTWXyUE2eD-MaP9LRUTAl08WtpA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 9E2A
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

40ms
38ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 99A5
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

39ms
38ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
expires: Mon, 28 Nov 2022 16:15:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=ISO-8859-1
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:46 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf
fonts.gstatic.com/s/googlesans/v45/ Frame 87D2 44 KB
22 KB 70ms
24ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea77c0c7386fa8cedb0a4d1c5a983e4a8bbdbb15cec3eff233e1bb8c43b27a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 26 Nov 2022 09:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22537
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 09:36:57 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpyw.ttf
fonts.gstatic.com/s/googlesans/v45/ Frame 87D2 44 KB
23 KB 99ms
56ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6669102b34f9791e737413d49ca29a16f022000335b02370303c229a7c33d747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 23 Nov 2022 00:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23424
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:56:29 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf
fonts.gstatic.com/s/googlesans/v45/ Frame DF12 44 KB
23 KB 82ms
44ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62e83982fa97493f763b6dfe5768ea52fc6291e53188762effdb192085e8eb04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Fri, 25 Nov 2022 09:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 285268
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23573
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Nov 2023 09:01:18 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf
fonts.gstatic.com/s/googlesans/v45/ Frame DF12 44 KB
22 KB 73ms
35ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea77c0c7386fa8cedb0a4d1c5a983e4a8bbdbb15cec3eff233e1bb8c43b27a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 26 Nov 2022 09:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22537
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 09:36:57 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf
fonts.gstatic.com/s/googlesans/v45/ Frame B187 44 KB
22 KB 59ms
28ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrwEIJllpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cea77c0c7386fa8cedb0a4d1c5a983e4a8bbdbb15cec3eff233e1bb8c43b27a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Sat, 26 Nov 2022 09:36:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 196729
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22537
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:04:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 26 Nov 2023 09:36:57 GMT

GET
H3 200 4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpyw.ttf
fonts.gstatic.com/s/googlesans/v45/ Frame B187 44 KB
23 KB 94ms
64ms Font
font/ttf 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v45/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrzjJ5llpyw.ttf

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6669102b34f9791e737413d49ca29a16f022000335b02370303c229a7c33d747

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Wed, 23 Nov 2022 00:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 487157
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23424
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 19:05:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
vary: Accept-Encoding
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Nov 2023 00:56:29 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 118ms
70ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221110&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e34275885740beb8b6f7ca67d3030e0c210ef2f8ceec411ad4c80c2bdfa5ae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=ISO-8859-1
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10941
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
17 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:48 GMT
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17314
x-xss-protection: 0
expires: Mon, 28 Nov 2022 16:15:48 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FDCA 13 KB
5 KB 23ms
21ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 757
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:03:11 GMT
expires: Tue, 28 Nov 2023 16:03:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3577 783 B
533 B 33ms
32ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

c0c84c9451db2a41aeffacc3b6b7f2222a309f249afa31851cf3446b5255d57c

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-rOtns2l6iqcQnA2CFFE4qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bezalela.com/
Upgrade-Insecure-Requests: 1
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'nonce-rOtns2l6iqcQnA2CFFE4qw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 28 Nov 2022 16:15:48 GMT
expires: Mon, 28 Nov 2022 16:15:48 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame FDCA 36 KB
16 KB 23ms
23ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 15:08:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4058
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 15:08:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3577 0
0 57ms
56ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221110&jk=3145931905725765&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame FDCA 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UMScxw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:48 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221110&jk=3145931905725765&bg=!VFelVxPNAAbvMpMzzzI7ACkAdvg8WlU6VbRHmfpSDyvcj2MlT-pFe94ranz_eo5oAmFwj9HE-Reo_QIAAABNUgAAAARoAQcKAPh6ehExUtJyw3ByWVJ4m9y9pdFcSU_KJ9dkfMYO0siaBSEXfDUZFTAMsxGr_EbqfGSwFTivIQSvkkOyc2hk04GUX5jimuUzTR4mUy8ENsS9x-mwA_QSIYlFsm3f2Mnk4uw9oqrWOS9r2abQ7FZHMBnKnUIJ8ny_rKBd7eTRiyCMcwYOg46H7p3HH_LLFGFa-BSgve3QXhJbw7Zw9LjsLc5Wl-cEObNI33O1NSEt-hWO0VmOk7U0iUquSPIT4duQZEilJWalauP2QYIBjcBI85FGMCkpFQxWtC6tnAgZ4W2CmLxKSzrur0juBdhaw2RviVbmKgxWM7vscZkCnQiXcqlb45RIP3YNMTNL13AHCVSpAKTSiePgnI_th8_xinN-yIG3-4_NOkvI7a-xNa1TzSTUReSDNT094f6OFJSdrFvG9a6i8vwSQMGrbQ-SuVO1UDHoC7ARSl2Lgym4qagYfNsCHNLOIuL9tyYrl33yTR950HQl1aQ_VcBPXPNbwkufzLmc74-J5l3knFJK-hyrp49k4v6f60UYIRhYDNfB4BXQItA9jGbiWrQTbLx9o-fiQGj6jBEU4L5SYiOTDnIOJLMsCaGc3i5qcgYA5ta0fPiZnf8jdZiJyavWprQD32FcumL9biDhBGYE-Zsj70QXPN4FqzN3ZDk-6BFMvxPUzYHzBR0YsDFYqGFQuS1scCm6Vp1yTQsmn9Az4IlyedJfgIPiNd2o2QSmvlDOuReiceTO-PDc5lw5ThcQ6ZEUP31Ln6jQ9GZ6e59fOvDYdXHXgtBeoEjiQi6da9vjicbjlao1MAVvaor1yAqdVWxU6gDbvjmJQDAIuRClbmDdzK-ncs4gpdH2ZU9L4bv9bqTdF916KYIRFZtQxTgCHkN9doQURwdgzi3qc38D2rv-yw92QBgxTrl7WTy6DuzqaND1G8dSR3KExY2S404j8eSf1MRk4tEEbTz-bMeJsF6nbu5zrVoVqXXIFx4V--FrHPYhv5Di2ezNqm5kXsY-sk6zoLi3dFREmseNbTIbobT5eJ5I_OTdX7XoH0ZNAFbxXTky02CW2uoJH-xi6PTJcoMF7ysZTrAuMD_mMdBbmErdSaEWHkNBo6ZTfK1p7c08qILWdtM3aafwBTYQKRUVvIC1ZaKCOhJqYOaefSsH7xJ9HQ4xxgKGbgwGMbLm9I9IGKswaGsfM-9G8bm9n3ezEE806DA-H6ddFPJtxZPR0Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
77 KB 90ms
39ms Script
application/javascript 2a00:1450:4001:80e::2008

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B37SEF79NQ

Requested by

Host: bezalela.com
URL: https://bezalela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 -, , ASN (),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

afe0b20e7352034c0ee2079637e7397fd3e7df5490758ecf3b593829c7a45bba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date: Mon, 28 Nov 2022 16:15:49 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Mon, 28 Nov 2022 16:15:49 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
345 B 182ms
29ms Ping
text/plain 2001:4860:4802:34::36

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B37SEF79NQ&gtm=2oeb90&_p=136232034&cid=905617894.1669652145&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1669652150&sct=1&seg=0&dl=https%3A%2F%2Fbezalela.com%2F&dt=noti%20juegos%20%E2%80%93%20Bienvenidos&en=page_view&_fv=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B37SEF79NQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 -, , ASN (),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bezalela.com/
User-Agent: ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

pragma: no-cache
date: Mon, 28 Nov 2022 16:15:50 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bezalela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: onetag-sys.com
URL: https://onetag-sys.com/match/?int_id=106&redir=1&google_gid=CAESECZdhZUK1MNiEeR7PHyu3yw&google_cver=1&google_push=ASkJ3FYp2I2VmnfW0TtoKZMfZJwbxbFxtLaWKIMoYarX-DPIrb6jpeC57zt6UTggIaFUKnanFkYcQTC9vpTyIW7Bn0IB7D0T_Dq5W-vKSB9yyE1_UHWr1StGcObxW8PpdtmNselHu90gFQNpCMAVQ2C_vwv6pic

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIm_kHjpa9TULTJh7kLgkcY&google_cver=1&google_push=ASkJ3FYyEHdBSsTcWoAdXzhIKGKPFxyIZkd2YCXZtScftmQh3rfRzkTJU0YXQyAXu6xyQG6lXTpygfMwgN6HwHk7E3ycueH3T131wETaB6NAGo1uEooNgq8L4wdGGVbWaHgTmisMt7ervLz3BYTr5NvVaYPI

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

21 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.bezalela.com/	1970-01-20 17:09:08	Name: __gads Value: ID=7060e401b9db3043-22499fbfeed7003d:T=1669652144:RT=1669652144:S=ALNI_MYl3bYQlv9dtLSYyYXkjdWoJOJ_Sg
.bezalela.com/	1970-01-20 17:09:08	Name: __gpi Value: UID=00000b89dd67acf0:T=1669652144:RT=1669652144:S=ALNI_MaUtinX_UMYulUSglY8BRsTrariHg
.doubleclick.net/	1970-01-20 17:09:08	Name: IDE Value: AHWqTUlhr32-cocrFPU55FKSgoYZBmnV2q9Q6NiDj4ye8o3zJBf3eTMo7dvMm-ij89s
.3lift.com/	1970-01-20 09:57:08	Name: tluid Value: 2389838665428707178821
.mathtag.com/	1970-01-20 17:13:27	Name: uuid Value: 56866384-deb3-4500-b57f-295e4381d2eb
.mathtag.com/	1970-01-20 08:30:44	Name: mt_mop Value: 4:1669652147
.casalemedia.com/	1970-01-20 16:33:08	Name: CMID Value: Y4TeskDLwzFUBODyPyTKpQAA
.casalemedia.com/	1970-01-20 09:57:08	Name: CMPS Value: 1137
.casalemedia.com/	1970-01-20 09:57:08	Name: CMPRO Value: 1137
.turn.com/	1970-01-20 12:06:44	Name: uid Value: 7087962054368077657
.casalemedia.com/	1970-01-20 09:57:08	Name: CMTS Value: 5170
.innovid.com/	1970-01-20 09:57:08	Name: uuid Value: 5f4421e9-b294-4355-9180-e38242f1a41c-20221128 11:15:46
.e.dlx.addthis.com/	1970-01-20 17:17:46	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:17:46	Name: na_id Value: 2022112816154700012516086973
.addthis.com/	1970-01-20 17:17:46	Name: na_tc Value: Y
.addthis.com/	1970-01-20 17:17:46	Name: uid Value: 6384deb38ccf2ebd
.addthis.com/	1970-01-20 17:17:46	Name: ouid Value: 6384deb3000101e6fe0f8f7c6f44e30b284c596da7ca4d12e017
.dlx.addthis.com/	1970-01-20 08:30:44	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 08:30:44	Name: na_sr Value: 20221128
.dlx.addthis.com/	1970-01-20 07:47:32	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 08:30:44	Name: na_sc_e Value: 0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEIm_kHjpa9TULTJh7kLgkcY&google_cver=1&google_push=ASkJ3FYyEHdBSsTcWoAdXzhIKGKPFxyIZkd2YCXZtScftmQh3rfRzkTJU0YXQyAXu6xyQG6lXTpygfMwgN6HwHk7E3ycueH3T131wETaB6NAGo1uEooNgq8L4wdGGVbWaHgTmisMt7ervLz3BYTr5NvVaYPI Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
adservice.google.com
adservice.google.de
ag.innovid.com
bezalela.com
cm.g.doubleclick.net
cms.quantserve.com
dclk-match.dotomi.com
e.dlx.addthis.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
match.adsrvr.org
odr.mookie1.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.rubiconproject.com
r.turn.com
region1.google-analytics.com
rtb.openx.net
ssum-sec.casalemedia.com
sync.mathtag.com
tpc.googlesyndication.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
googlecm.hit.gemius.pl
onetag-sys.com
104.18.33.19
142.250.186.130
162.0.232.43
185.29.132.245
185.64.190.78
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2a00:1450:4001:80b::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2003
2a02:fa8:8806:13::1400
2a05:d01c:1d8:8102:ae06:c39a:c9e8:4832
34.98.67.61
35.186.253.211
52.223.40.198
69.173.144.138
69.192.160.219
76.223.111.18
01d7c9a6f7c2b8c9290aba44c16c812337398880d14cfcbbb402fd7b153661b1
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
034a56fa7c084ac553d91c2ee747155c9e3b08042dab9bd8d716342771a910bb
0433d7d149554b39a8dda1dc44f7a33a6d977ed0b93074d161686ad6967821c5
0758ee77b9ab1ea5723bcce88784275ef290c15c2db1e506657a3c99c9d0b4a6
09f07203e44f242a7ef21726b98dc433bda2606c1645c63532424387ff4f9f79
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0e53271d35fcf08dbaa80ea3ac5a170ea42bb61fe3ce733a69e424c6a8690df5
0ef4fd8c7e91c83e0f0a0e6918d907f08dd580fbf868e657e379fce4c7f2239d
1469f5e0ebcb18b1b28ad6da9d645ad3b44dfc67f120d7b064f9b19a9e3f2996
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
241cf154bcd01b8a533e0756dce1547e6212069c93cf927d336ba91dff8dd064
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b68491bcf04c1a52df469b4b19f9096588fba79f809c1e4617db63420e3c18c
2c19d105106bf6f55dd15da3523b88f88921e03cf54e1efaa138922fc12397c5
2cc4bafdbedf0e9bf3a34d9958bb01c53a1a2d4e9ace8f94d4a86a2942d71775
3a663467e111fd2237a1bc5255e8d702b099f29cb553ecab24efe98cbf898b5d
414dd6732f8bc04b8cf1988b7005397d87287fb025c41d84c5b045abe0ff0947
4243adcb808891e3fc4b1cc82e4ab4b42d8446171107c9d8ce8753029c6db64d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
49a914e88f33cc8a82890afc9adf7bd225c9336329ff90fda5b2ea69f9b3504b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51170295d6d1a3f4da52845bb57a32d6f9176d778c929d9a0897cff98515d8ef
53eaa58cf4e7fc8d68a3b557ad8f67b8b6613e7431e87a6ca896948c53ef2d35
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
597978bca0f97e5bb3f70452c24f8a0c93db7f7229433c2a54706b85cdd39aa6
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5bc215a872ab9aaae4d909e40ad5ce96594678b55b22717351cea7929bb97a6c
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62e83982fa97493f763b6dfe5768ea52fc6291e53188762effdb192085e8eb04
63cd4ed47ce00200b3eabfa26dc16c929823095b567ab71b30c6238e6a013f1d
6596a1e2c00a9382621eecdd04431e99c4638499a25fe64389d690a05d838a15
6669102b34f9791e737413d49ca29a16f022000335b02370303c229a7c33d747
6c5affb9c896c0f6b998a59046e4cc5836c3214dfab4233c4aa30de321bb4aea
73f69ebf80c73bb2f8d60c92b38c1f58fb889df13edc145471abf91ae0fd621c
794b9e10816a6252aef7eb75ced45cf53dd47eafe1773ab94c141727132460b8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
820e169ce24824066d9973fd4b6561aae9dcd6dbef6435da905d5a1d6482997c
84c19fc7ec4bcb7528f721721bb79c9a8f0ec7c557b8c136ca713944f11e7c46
8563a9d08eecbb41965521ca0bc40e33a394e4c55789ae383e2a8168fdc5590d
884d2cd5ba1b567924c3d174d5cb03f9ad49777bd3c4aa97ce01567acdcdf587
890198226d0fa2755e670f66e533d7d78e52eca75788b2023029ad6407ad4664
8a17db44ec5e656a0a27b74532c4105d13af1be688bc9275901638a009574f99
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e34275885740beb8b6f7ca67d3030e0c210ef2f8ceec411ad4c80c2bdfa5ae4
941358761d5567124991033fd858b1074f29d3bda397cd97c88ac4dadefba104
977bfd62b77c18d12947313b6f552c23da5f5549a9f3cb57060012f284ea6592
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b9ec224581f50957f28f5a7e99d88ea867a2cc154113c482fdb2a53f5be925f
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a2653eac85c0e5d5cd119bcf4245d02143d64f5b2eac7aba62f73dc94424111f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7a3a9ccda18793e070f9a8b44cf4f6104cb467454be8204d939aeb3f7dc01b8
a8501a1e8e1770b01ea157c8ac042aae8dad296b12e3c9afc9350215df8653f8
a96f5c4227f2a6c1e667989eb234ea2c898c259c7f68b269129109c2df6536c8
af735813266cdf52a38a6e1583a86066db357469ceded2d7ea8335b298d73d65
afe0b20e7352034c0ee2079637e7397fd3e7df5490758ecf3b593829c7a45bba
bb0778617179b9be943f97825e023725f1878afc2296e18e6fa8ccbace56a255
bb862ded7817e5f802b88080afd3ee32c121e22d7cb066efbf107b52ae1538a4
bbeb9bef20e45478eff214445fd7c36c62f1cbdda84fefc809e475ad1372a6fc
c0c84c9451db2a41aeffacc3b6b7f2222a309f249afa31851cf3446b5255d57c
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cea77c0c7386fa8cedb0a4d1c5a983e4a8bbdbb15cec3eff233e1bb8c43b27a7
d73ac596655d8231cfec7c0afb7fa0446c4554c06a1335be709a35f5606cabee
d7eff2d3185c4035edbe18b653f9da26c2d872e03c92419542ed524d569fe81b
e00add38134eac2fb8e8e9c09cbfff7bbe57952b210322eb2eecb0a21fc055eb
e07bdf1fafeaec64eaef59e0143abed9464a53d99f5871c2654314d5f91b4a49
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e24e9e2616193ef0e677a8ac558a22e3535224de1567f391ccce6fb523bb3a
e50f9ccd2d6582a58ba1879fa578e60d25fea4c5eedc07deafd14482b2403181
e8d4954aaa953694d03feda01dd98ae4852e9c9d3f8f1140a620d1ef0c928345
ed200a085b2fc5d71c22a7bb89b02c1c5645525ca2492b0a86fb8e788d710538
f0b722c48c52082cd77261574e22a5251fe37ea4b291b1441134145bab9b2063
f158b8591a08b6c02bb345ae96dd62f0c632f7f635bb4a5f449fce24bdc11789
f1d5583d4c00ebe19c7be536e72ab8234c1f926023cb5a1fd5edbe9c912f0f49
fb8ae89425975edcb51e27066d10da53ab837cdd7dfde080c2ba4e4f44dde7f8
ff4bd34aa98a0214833619d3d751838db015722dfbbec15cd14dadc66cd67869

bezalela.com Open in urlscan Pro 162.0.232.43 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

91 %HTTPS

59 %IPv6

26 Domains

31 Subdomains

23 IPs

5 Countries

5077 kBTransfer

6447 kBSize

21 Cookies

2 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bezalela.com Open in urlscan Pro
162.0.232.43 Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

91 %
HTTPS

59 %
IPv6

26
Domains

31
Subdomains

23
IPs

5
Countries

5077 kB
Transfer

6447 kB
Size

21
Cookies

152 HTTP transactions
2 data transactions