qooh.me Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://qooh.me/kendotent1
Submission: On January 14 via manual (January 14th 2024, 11:29:02 am UTC) from US — Scanned from CH

Summary HTTP 77 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 15 IPs in 4 countries across 11 domains to perform 77 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is qooh.me.
TLS certificate: Issued by E1 on December 9th 2023. Valid for: 3 months.

This is the only time qooh.me was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
13	2a06:98c1:312... 2a06:98c1:3121::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2.19.85.55 2.19.85.55	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
9	213.227.153.220 213.227.153.220	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	146.75.122.132 146.75.122.132	54113 (FASTLY) (FASTLY)
3	213.227.153.223 213.227.153.223	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:401... 2a00:1450:4010:c01::5e	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:e8a... 2600:1f18:e8a:cd06:e361:a2ce:b047:17c	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
77	15

13 2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)

qooh.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.85.55 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-55.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 213.227.153.220 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: v182.ce13.ams-01.nl.leaseweb.net

b1t-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 146.75.122.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

zem.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.227.153.223 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

b1-eudc1.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4010:c01::5e (Finland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:e8a:cd06:e361:a2ce:b047:17c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	341 KB
13	qooh.me qooh.me	83 KB
12	zemanta.com b1t-eudc1.zemanta.com — Cisco Umbrella Rank: 20340 b1-eudc1.zemanta.com — Cisco Umbrella Rank: 25373	1 KB
12	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209	140 KB
5	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1933	32 KB
4	gstatic.com csi.gstatic.com	369 B
3	outbrainimg.com zem.outbrainimg.com — Cisco Umbrella Rank: 3835	41 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 570	17 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	cheqzone.com obs.cheqzone.com — Cisco Umbrella Rank: 9285	3 KB
77	11

	Domain	Requested by
13	qooh.me	qooh.me
12	pagead2.googlesyndication.com	qooh.me pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	b1t-eudc1.zemanta.com	googleads.g.doubleclick.net widgets.outbrain.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net qooh.me pagead2.googlesyndication.com tpc.googlesyndication.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com qooh.me
5	widgets.outbrain.com	googleads.g.doubleclick.net widgets.outbrain.com qooh.me
4	csi.gstatic.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
3	securepubads.g.doubleclick.net	googleads.g.doubleclick.net
3	b1-eudc1.zemanta.com	qooh.me
3	zem.outbrainimg.com	googleads.g.doubleclick.net qooh.me
3	www.googletagservices.com	googleads.g.doubleclick.net qooh.me
2	ssl.google-analytics.com	qooh.me
1	www.google.com	tpc.googlesyndication.com
1	obs.cheqzone.com
77	14

This site contains links to these domains. Also see Links.

Domain
horizonminers.com

Subject Issuer	Validity	Valid
qooh.me E1	`2023-12-09` - `2024-03-08`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2023-12-14` - `2024-12-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.zemanta.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-08-16` - `2024-09-05`	a year	crt.sh
*.outbrainimg.com R3	`2023-11-28` - `2024-02-26`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh
*.cheqzone.com ZeroSSL ECC Domain Secure Site CA	`2023-11-25` - `2024-02-23`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-12-11` - `2024-03-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://qooh.me/kendotent1
Frame ID: 215A68EC986E2C793F731EF709DCA0B4
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html
Frame ID: 5EEF5348C91D585E13722DF4A5A66FE3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374
Frame ID: 8FB399C8603DDCCC0DAA2A3CD45D3552
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737521&bpp=128&bdt=388&idt=377&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1003&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380
Frame ID: 6293945F86AD921E35292EEB7B4EA48A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737522&bpp=127&bdt=389&idt=380&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Frame ID: 48812641DB92AA8C4B2C8107D867EB00
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&adk=1812271804&adf=3025194257&lmt=1705231737&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737657&bpp=1&bdt=523&idt=250&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3666114337%2C7328249135%2C1032866731&nras=1&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257
Frame ID: D0623C93893C65DEE3C8247CBD6147B3
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html
Frame ID: B772B21FAC2CEE0D9CE09EBD6E5804BA
Requests: 1 HTTP requests in this frame

Frame: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Frame ID: C1DF4305EBE7F8ED9554FAEBEF84EB05
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 433DAB063182850898AB9FA40507885C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4362884F48F5A3B07CB1437A0E2BAAC3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Qoohme

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

15
IPs

4
Countries

854 kB
Transfer

2382 kB
Size

9
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://horizonminers.com/product/goldshell-kd-box-ii-horizonminers/
Title: https://horizonminers.com/product/goldshell-kd-box-ii-horizonminers/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request kendotent1 Show response
qooh.me/ 12 KB
4 KB 428ms
372ms Document
text/html 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qooh.me/kendotent1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/5.6.40
Resource Hash: e1addf7c91e087a246561ff3ea40593419acf5bfdbcdc22dda5b24911c2123a4

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 845589d2ca0c0e2b-MXP
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sun, 14 Jan 2024 11:28:57 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vZRMoLpdLHyqtU8C9qTIpwInHnaqQIrm%2BNYsPbuseByfZkgKqTDyCLQ20WEa3WVUxxdb7SiwHBRbSSoWERlJpUmQ4aHb%2BiOaYRZRXwFsWU1%2BEseywRnvq1lVCpdIUaVtirlemRDY"}],"group":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.6.40

GET
H2 200 main.css
qooh.me/css/ 51 KB
11 KB 356ms
355ms Stylesheet
text/css 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qooh.me/css/main.css
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 62bd121116b457d0864b2a9c58696ae8c520868df36b3ef414ec6142872ef472

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/kendotent1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=64177
etag: W/"5a02b0a3-fab1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rwdVg4lPJHhdqBjjtQihuJYL2aD%2FT7RmfOafb2Vy5PxnQRhrKFvBfnMuWAaXbqmVbNsF88NadB%2FYVzC4qQTH37zDWmOPylum5I2Ue9ztjkf8wC%2B1K7%2F7B8DKwzTg8UAm5YWgv5eQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=86400
cf-ray: 845589d51e9a0e2b-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery-1.9.1.js Show response
qooh.me/js/lib/ 142 KB
43 KB 360ms
360ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qooh.me/js/lib/jquery-1.9.1.js
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 549a75e349567add1be9f64d09b384dbd223cfd24bf1968699ba905b41a8ac23

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/kendotent1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=268381
etag: W/"5a02b0a3-4185d"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uiNcXROUu8iA61IhRB2dLmh6J7dEKD6PcEh0%2BxjG0eoxbrervwBmbuuVl8wibMFCBufFEMvq4JJHPuLXGK87qFje%2BYu7K3PKiaKsCvcjVQlaUdTyNpROmOHUMGfbU6Pe5vksuLlh"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 845589d51e9d0e2b-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 jquery.colorbox.js Show response
qooh.me/scripts/ 19 KB
6 KB 373ms
373ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qooh.me/scripts/jquery.colorbox.js
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a7119d4f8e5761d77f6e5fa97d237ba166209f37ae52514ab7cbc2c7020719b5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/kendotent1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=29920
etag: W/"5a02b0a3-74e0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fCxFkc3ru8lPZg0P%2FUPhThoMNVOsK0s%2BvLoHKdjp%2FObkGmI7Wo5U7WJKAS1aOsnCyptu6bgMdcwqOkRTIyYgiUEG9AeglYKqV5X8VWfDbKciLQfvuC8qqtHeVawQX1OOX0tr2r8n"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 845589d52ea00e2b-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 FacebookHelper.js Show response
qooh.me/js/ 4 KB
1 KB 341ms
341ms Script
application/javascript 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://qooh.me/js/FacebookHelper.js
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e0d3de97e09ca7befbaaae73167158ae334cc0117c61342b99448c0206e713ed

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/kendotent1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
cf-cache-status: REVALIDATED
cf-bgj: minify
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
server: cloudflare
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=5339
etag: W/"5a02b0a3-14db"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OEQWLoP3DRbeGTOUza6Icww0jEq90eBf9jMp%2FN4RiKmm7CrSCKG19GoijiyCemUH5Fz3emTi7QBxx0Ctf1PSIFiXCjoAqVa1EFGZ1hQDJNcQ0IZaM%2BjI5z7EWhO%2BpdwhDe1blS0K"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=86400
cf-ray: 845589d52ea10e2b-MXP
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 26 KB
11 KB 111ms
61ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f92ad8240b45989508ee2db42e8213dd8adbf8abf81b91f957c36ad625018bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10630
x-xss-protection: 0
server: cafe
etag: 15670806903534542530
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:57 GMT

GET
H3 200 photo_default.png
qooh.me/images/ 1 KB
2 KB 351ms
351ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/photo_default.png
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3fbd6dbee061c92bfef462e6c78a0596808620a1d1463d6dd713e2eecc03a418

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/kendotent1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5a02b0a3-4e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lMU5t2xa36dkch2UEV98rNKXb%2FFBx0OngWuh9GR4N73cKhvgRHV%2BYDUfSNX7S%2FENXIhUUUbzhdafWUoi2Bt3Qt3LQ0j9LIkEJjhVj6XtOyGf%2FMPWzbLHYVj8bJfLtlIdhGbzTugu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d768e30e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 1257

GET
H3 200 bodyBg.png
qooh.me/images/ 3 KB
4 KB 30ms
30ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/bodyBg.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 09d950567a1f8eb1adbc9fd8e16bd3a3ea0738fc1814f53582e512eff6a50c5a

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2971
etag: "5a02b0a3-d40"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1bIBNIUFEeWRfg3pBWFlN5ikbleGK8f20zJix5MAH2wS8ysvKKmLeWGPHJM0WMTi%2Bm7ktbr4%2B3xPn4Yzay4RphWgZTA2f9KR3i3l18YiECQk%2F9nwSrAufDX3ZPdoCI%2Fz0lfl9QWS"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d779030e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 3392

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 146 KB
50 KB 89ms
89ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

064a6c76b6f262b2ef04f10bbac035cbc03da68fb3f4db53767766db68e69bf2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51183
x-xss-protection: 0
server: cafe
etag: 6062497148557570776
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:57 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 74ms
21ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 14 Jan 2024 09:49:56 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 5941
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Sun, 14 Jan 2024 11:49:56 GMT

GET
H3 200 body-bg.png
qooh.me/images/ 3 KB
4 KB 29ms
28ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/body-bg.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3154c36c867d443af5ac6bf35643ec6f144bc0548e224c25e66259767d744ea5

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 5216
etag: "5a02b0a3-df3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a31i4GmgX8%2Bf%2FPwG12UNaXmYSy7I0Az1HxAk4bQTSge%2BPyA9FZrVrVAgsgEiYKpa0QZ1bJFkPoqTz6oKt2VNLbKwd1A9d%2FXxpBtHGKMQqI4FMrxMAPosZDH0RCgJT8xA2tC1wTCc"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d789430e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 3571

GET
H3 200 logo.png
qooh.me/images/ 5 KB
5 KB 33ms
32ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/logo.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1ce0cba7a42c7a59d3d7ae57bfe8fe657f2de70e27a71b37c3cba1c311e865b6

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2971
etag: "5a02b0a3-136e"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9VgK9ulo2Y3tFg65EbA4afwNgC8rBO5S2PiLNIhNyjJVgnXx33FFLrqm007dRQYEU%2BojEG2RVsjb7uyjnJRd2%2BwPkzYZDkyJN%2BXsLSDzRLcb%2Bc89%2FtXsAc%2BU%2FW6DX3W4AxfWev3R"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d789450e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 4974

GET
H3 200 content-bg-repeat.png
qooh.me/images/ 133 B
591 B 347ms
347ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/content-bg-repeat.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c22cef5f0feadef84070444d9a8dd634a08052ed13d5063b90f1f42bedecd84d

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: REVALIDATED
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
etag: "5a02b0a3-85"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pIpHsQ3kIpcfq9C2hBr5OIt7Bjs5fV3TEcveNNBkoiiBOGss%2FFk15Kf9pWVyXe%2BMTG4w1w6BJS%2FQOPzPmUuIAm9qsRSBqL6EjNgZOPGh8ZZGJXoQjJsyNOlx461WFAyoP4EDr%2Fwu"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d789470e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 133

GET
H3 200 button-grey.png
qooh.me/images/ 242 B
697 B 28ms
28ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/button-grey.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a4814d3116db4148ebd4a5bba756f2e6bfbfa7fd6f08f6322defab1017b028ef

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 1249
etag: "5a02b0a3-f2"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gd0oX8PuCfB6PSlH3MBwejzAIKfhPbGas4PMVtI%2BppzM%2BM3fsShvIzZ6F8SX%2Fb%2FnRbl%2BDBstfdHOecCRP2ebAHJ759JUHzpj%2FQYenFxWsaYJBbq0A2A0r7kAIV3rMp3iPSvJuIWw"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d799490e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 242

GET
H3 200 sidepanel-arrow.png
qooh.me/images/ 233 B
685 B 32ms
32ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/sidepanel-arrow.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d921255f132c765306f6b28b46a5700b9e45c5a9951c38ae830aa8f19f655880

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2387
etag: "5a02b0a3-e9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iF7thG9dav4ftdyNgN4zQWvfdMjQC5ZoqsA2I3Z5i1S2mbrQmWClkIvwm31QrKSfTL7YBZznIWkEV1%2F3ZT5FcFnA40YAPtXCSfFb6%2BDo9qiwVG0oQyzbW4LF5Wo%2ByGGIJuHei2P2"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d7994a0e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 233

GET
H3 200 tag-btn.png
qooh.me/images/ 758 B
1 KB 29ms
29ms Image
image/png 2a06:98c1:3121::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://qooh.me/images/tag-btn.png
Requested by: Host: qooh.me
URL: https://qooh.me/css/main.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c06851aa6041915d2767b37507e293bd9aaedbd0c6941bc28a12f175873fcd7

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/css/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
cf-cache-status: HIT
last-modified: Wed, 08 Nov 2017 07:22:11 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 2388
etag: "5a02b0a3-2f6"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBErcla%2Bp%2FQKobnqwcjbQViSdNF7QNqKwLCZ1R7PzukNzuVQqWCnz4gpRAAcuDKICbYtqVl39i%2BkKvs4roJR0goHoVkKHunHMdRbITFjP3YeCO%2BJLwb9h%2FCwbVz2uR1ZRMzx%2F4i8"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=86400
accept-ranges: bytes
cf-ray: 845589d7994c0e6d-MXP
alt-svc: h3=":443"; ma=86400
content-length: 758

GET
H2 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
197 B 29ms
28ms Image
image/gif 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1861761211&utmhn=qooh.me&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Qoohme&utmhid=1740087769&utmr=-&utmp=%2Fkendotent1&utmht=1705231737613&utmac=UA-23732945-1&utmcc=__utma%3D3998191.1344398737.1705231738.1705231738.1705231738.1%3B%2B__utmz%3D3998191.1705231738.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1425782464&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:57 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 show_ads_impl_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 402 KB
136 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

77205bdcb09aa5518870a479cc9e538df24ab11713eef6454f47781cad7c0e2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:57 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139352
x-xss-protection: 0
server: cafe
etag: 10325995774829854704
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:57 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/ Frame 5EEF 9 KB
4 KB 71ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 53325
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 20:40:12 GMT
etag: 9219409622527106327
expires: Sat, 27 Jan 2024 20:40:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rum_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/ 56 KB
22 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/rum_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0de7c1baa53cac77e11a5e964537c7b2e020c1abd1f8eda3570444527900e197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 22:45:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 45792
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 22100
x-xss-protection: 0
server: cafe
etag: 8357267284043651653
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 22:45:45 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8FB3 43 KB
17 KB 444ms
443ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f28525bd770a7f6b434460627f6dfda3b37e1861b6b5fc86d132a6e615dcd2b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17216
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 11:28:58 GMT
expires: Sun, 14 Jan 2024 11:28:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6293 710 B
577 B 275ms
275ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=600&slotname=7328249135&adk=1396144952&adf=3041635956&pi=t.ma~as.7328249135&w=160&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737521&bpp=128&bdt=388&idt=377&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1003&ady=429&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=380

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b96e1e89f33f0c7f6f32f5728fa04fb267cc86a13f35a3a83298442b429fc366

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 356
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 11:28:58 GMT
expires: Sun, 14 Jan 2024 11:28:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4881 43 KB
17 KB 441ms
440ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737522&bpp=127&bdt=389&idt=380&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ab3dd9d0603989408a5c6662219d675bf69d93a9822afab099f3f8c192b7caa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 17267
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 11:28:58 GMT
expires: Sun, 14 Jan 2024 11:28:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D062 83 KB
24 KB 483ms
483ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&adk=1812271804&adf=3025194257&lmt=1705231737&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=404x945_l%7C404x945_r&format=0x0&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&pra=7&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&aslcwct=150&asacwct=25&aslmct=0.8&asamct=0.8&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737657&bpp=1&bdt=523&idt=250&shv=r20240109&mjsv=m202401080101&ptt=9&saldr=aa&abxe=1&prev_slotnames=3666114337%2C7328249135%2C1032866731&nras=1&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=257

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f428bd0f5c94566df54eceef63989e44c66e41ce9c18b8aa24942c0328ad8434

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 24041
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 11:28:58 GMT
expires: Sun, 14 Jan 2024 11:28:58 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame 8FB3 53 KB
14 KB 98ms
30ms Script
application/x-javascript 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0e8f5c8758acebc09c4a61e849f9660dabd288a987a3e92c8050595b7b13e15f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
content-length: 13619
last-modified: Wed, 10 Jan 2024 08:55:10 GMT
server: AkamaiNetStorage
etag: "e51cdad90fc599ec1c75f4ab5c85985e:1704877617.522678"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sun, 14 Jan 2024 15:28:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8FB3 3 KB
1 KB 78ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 8FB3 20 KB
9 KB 73ms
22ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8FB3 205 KB
65 KB 199ms
131ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H2 200 widget.js Show response
widgets.outbrain.com/n2d/widget/ Frame 4881 53 KB
14 KB 111ms
53ms Script
application/x-javascript 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/n2d/widget/widget.js
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737522&bpp=127&bdt=389&idt=380&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 0e8f5c8758acebc09c4a61e849f9660dabd288a987a3e92c8050595b7b13e15f

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
content-length: 13619
last-modified: Wed, 10 Jan 2024 08:55:10 GMT
server: AkamaiNetStorage
etag: "e51cdad90fc599ec1c75f4ab5c85985e:1704877617.522678"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sun, 14 Jan 2024 15:28:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4881 3 KB
1 KB 83ms
43ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737522&bpp=127&bdt=389&idt=380&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame 4881 20 KB
8 KB 63ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4881 205 KB
65 KB 119ms
62ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/ 162 KB
55 KB 72ms
71ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/reactive_library_fy2021.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

470c5beb140e9110bbacd1c085f69f91dfd48bebeb68121b9d04fc99a6cd45ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56406
x-xss-protection: 0
server: cafe
etag: 28618469722007822
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 8FB3 990 B
1 KB 28ms
27ms Image
image/svg+xml 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 13 Feb 2024 11:28:58 GMT
date: Sun, 14 Jan 2024 11:28:58 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC5426LWPP3V27I2ULXTUWQCNXASOIAXUIJPWS2I7INBOKLR7BMPRLRQANODCHBHBWLHGMXJYO5D3GQVYPNWOG75HCJWSJOWLL6XZGHTDRYNEYD6OYQ35ZEQBG7H5GCO3LSTYBAIX56NNXVTSZ6HOV... Frame 8FB3 26 B
151 B 97ms
31ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC5426LWPP3V27I2ULXTUWQCNXASOIAXUIJPWS2I7INBOKLR7BMPRLRQANODCHBHBWLHGMXJYO5D3GQVYPNWOG75HCJWSJOWLL6XZGHTDRYNEYD6OYQ35ZEQBG7H5GCO3LSTYBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NEP4ZDG7REX544SPBB46WNBCNDQJF7VNTMFMZCQVQWEVMEZGPNB2SHHPH33FGGGKFSZ376IXCJ3TB3UCWI2B7HT7X5VI3YBGPCIQGVPU4Z2CR63D5QKGHXMNKCEEHLRCWJ4USHLQPULIZWIKBVD3MCWPYA3NCTOSSH6A4W3R4M3W6HN6QOET3ID2CVN33OQVDA/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 11:28:58 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 61a2690855dd92e18654f0c72d187f4dcc.jpg
zem.outbrainimg.com/p/srv/sha/da/01/64/ Frame 8FB3 10 KB
10 KB 80ms
23ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/da/01/64/61a2690855dd92e18654f0c72d187f4dcc.jpg?fit=crop&crop=center&w=180&h=90&fm=jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

91bc5e8a105645881fb41b7f6fff8539ef7381aca91b111314bca39af30db759

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 3736675
x-cache: HIT, HIT, HIT
x-imgix-id: c5af6a4f3290a72c170d254eaf85a687be069bb6
cross-origin-resource-policy: cross-origin
content-length: 10220
x-served-by: cache-sjc1000137-SJC, cache-fra-etou8220037-FRA, cache-fra-etou8220105-FRA
x-imgix-render-farm: 01.140328
last-modified: Sat, 02 Dec 2023 05:31:04 GMT
server: imgix
x-timer: S1705231739.519709,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 188

GET
DATA 200
OK truncated
/ Frame 8FB3 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 93c4755dfc75877e5e8f1811d9fbf81f66afc43f831a7a98eef20a5181b7653c

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ Frame 4881 990 B
1 KB 28ms
27ms Image
image/svg+xml 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

expires: Tue, 13 Feb 2024 11:28:58 GMT
date: Sun, 14 Jan 2024 11:28:58 GMT
last-modified: Tue, 05 Dec 2023 07:28:21 GMT
server: AkamaiNetStorage
etag: "5ab8e16b5f46213840bcd403e349419c:1701762077.100249"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 990
access-control-request-headers: X-OB-STG,X-OB-PRD

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC542I52X2XSJK4T7PXTUWQCNXASOIAHK7RWGOBZYOKHZOA57KRQZNMCOZI75PUTY2PHLFZWI45AQF5TBDYN4K2L5Z3EVBFT5VLFB7G73J4L6Z4J7BL733I6UNNZTJOBFXUY4BAIX56NNXVTSZ6HOV... Frame 4881 26 B
151 B 94ms
32ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC542I52X2XSJK4T7PXTUWQCNXASOIAHK7RWGOBZYOKHZOA57KRQZNMCOZI75PUTY2PHLFZWI45AQF5TBDYN4K2L5Z3EVBFT5VLFB7G73J4L6Z4J7BL733I6UNNZTJOBFXUY4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NACA73CSYGCR23ORA3G6LOCVFFFQFTKEFH4QVMXT36KNZEJ4S3LZKH5OTGUBJQCOKVZ2E2WRUP4HRTGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE3PCL4X3M5NKP5CH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6AVZN7Q6EQFOBJ4Q/?
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737522&bpp=127&bdt=389&idt=380&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 11:28:58 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 6a4aed7f7d2ac843e3134ae1ad9a31f124.png
zem.outbrainimg.com/p/srv/sha/b2/09/07/ Frame 4881 8 KB
8 KB 46ms
25ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/b2/09/07/6a4aed7f7d2ac843e3134ae1ad9a31f124.png?fit=crop&crop=edges&thomcrop&w=180&h=90&fm=jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

beccd9a0f0499a1355ae0d47915240d1261427829f350a026775c09e9fd719c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 750114
x-cache: MISS, MISS, HIT
x-imgix-id: cfd3ec5c742cec9154064b56306563670c0f594e
cross-origin-resource-policy: cross-origin
content-length: 7773
x-served-by: cache-sjc1000101-SJC, cache-fra-etou8220038-FRA, cache-fra-etou8220105-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 05 Jan 2024 19:07:04 GMT
server: imgix
x-timer: S1705231739.519916,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10

GET
DATA 200
OK truncated
/ Frame 4881 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f5a0e72ced143fba78e93d5ff8e97825e4abb5f8cdb71062020ea3cdceeb0313

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/ Frame B772 9 KB
4 KB 21ms
21ms Document
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

age: 39587
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4173
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 00:29:11 GMT
etag: 9219409622527106327
expires: Sun, 28 Jan 2024 00:29:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 viewability-pixel.js Show response
widgets.outbrain.com/viewability-pixel/ Frame C1DF 4 KB
2 KB 28ms
28ms Script
application/x-javascript 2.19.85.55
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.85.55 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-85-55.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-request-headers: X-OB-STG,X-OB-PRD
date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
content-length: 1594
last-modified: Tue, 26 Sep 2023 12:16:31 GMT
server: AkamaiNetStorage
etag: "706f86c4827fab44c1c97efcf7add178:1695730691.134216"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
expires: Sun, 14 Jan 2024 15:28:58 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C1DF 3 KB
1 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/window_focus_fy2021.js

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68956
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 16:19:42 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/ Frame C1DF 20 KB
8 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 19:20:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58127
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 27 Jan 2024 19:20:11 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame C1DF 205 KB
65 KB 127ms
126ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66227
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1704891455226136"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H2 200 81466f84c26c86d2fcdea514024cefd413.jpg
zem.outbrainimg.com/p/srv/sha/fd/fb/17/ Frame C1DF 22 KB
22 KB 23ms
23ms Image
image/jpeg 146.75.122.132
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://zem.outbrainimg.com/p/srv/sha/fd/fb/17/81466f84c26c86d2fcdea514024cefd413.jpg?w=160&h=600&fit=crop&crop=optimized&q=45

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

146.75.122.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

30b3f67a0971aa7d2464d3c388d0c7c7f505c71740141687d5d3c13e65d093fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
via: 1.1 varnish
x-content-type-options: nosniff
age: 490399
x-cache: HIT, MISS, HIT
x-imgix-id: c14decb2ce99f62c581548c0de29fb4014803c43
cross-origin-resource-policy: cross-origin
content-length: 22794
x-served-by: cache-sjc10040-SJC, cache-fra-eddf8230133-FRA, cache-fra-etou8220105-FRA
x-imgix-render-farm: 01.140328
last-modified: Mon, 08 Jan 2024 19:15:38 GMT
server: imgix
x-timer: S1705231739.570128,VS0,VE0
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 2

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4881 0
23 B 64ms
64ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAOtoesWjZZIbjNjktw-pp4TAAtesnIJuyur8vP0QwI23ARABIABg9QWCARdjYS1wdWItMTA0NjEwODM2MjQzNjUwNsgBCagDAcgDAqoE2gFP0MCooUWCOnXXibUEj9F3yzTm6J3q3krQxCaLyj_EIzo4IHtI-TciT2ea4kJ8FNilcN_wAFQv7fUoaRRZ1omSbZr_5hkxMauMk-2GEx47Jn8UqATo1ZnK7R5IjGUoRkdKjoeRmGQ6ztCut0S41xucOgI3wYUBgHC10gQNN1Qz-IJaxCVPm3UWh2IEa-xiBlgxSVbZS-JGRTjpnC7j5AStEGlIVw7IZ7vs3Gq5NQwYWgwBhkjAqE6GJfnWTbXWaEr4QrQc8tj6TRjodHKBBDinbyc5s9WZMZQTPoAG94Xl-IydkJiWAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOligh_-f49yDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMDQ2MTA4MzYyNDM2NTA2GAA&sigh=qcQvFdi8RUU&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_HiHrT9KFyDS27iJETI_SleaZ2emLkABsGynmvR5wjhNA0yw2TIyIse5jEdKVFO1IDe9PYIWe3aFPeolCl9ze5YNi5oLDhUlbukcYAQ&cbvp=2&vis=1

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=1032866731&adk=783448745&adf=417859931&pi=t.ma~as.1032866731&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737522&bpp=127&bdt=389&idt=380&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&prev_slotnames=3666114337%2C7328249135&correlator=8265698246302&rume=1&frm=20&pv=1&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=1107&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=383
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 Jan 2024 11:28:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/1b9f4815-b2d0-11ee-800b-4ccbd57ac73f/ZaPFegAADZIA-SwMAAETqRZ6SfsDWvux3L2hiQ/JHPXTLSESHAQKQ6KZY3M24ELHXCK6SXKOLWR2FX2Y3ZVLPQREYGVLMBQVHKYLXUTUIPPQS3... Frame 4881 0
99 B 92ms
31ms Image
text/plain 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/1b9f4815-b2d0-11ee-800b-4ccbd57ac73f/ZaPFegAADZIA-SwMAAETqRZ6SfsDWvux3L2hiQ/JHPXTLSESHAQKQ6KZY3M24ELHXCK6SXKOLWR2FX2Y3ZVLPQREYGVLMBQVHKYLXUTUIPPQS3H57AOY6TICXWGMDAYHB7BO2WGK5BOH7RANNVU7CCVCDB55HN7PUXZS2BSVXN3VCPG2BIZM2PTODUAKZOQ4QIGHZRTX2HGWRVBKJKW3DKZSYYLUI3VMJRY5RRBK7SP4XNKKO3FITZZ24YZIBUUDOFYMYK5UTQ3SMYTGZC7JUPS54KFPI4X4WZ2LRIDOBHAGBPGLNOPCZFW2YC4MBHYUEZ5N5DJL6YRW3NR64FOGPIYP5FIP6RJUFO55QILUCZ4FQSBJN7YKGLY7VCUCQZ7LI7L5HGAMBXB2UONMNMKKBON7P7MDWG5Z4LIVONPEKOMUG53EVD6PLUINQIEVXJJARIOP4JF3QTIDJIFMJ2JEL2Z5W3ZJ6KOHBZEHPEEXFLYSZ7XWB32M4ZQL7VYMG3WMY27AWGZMJP4KUXBBDJ2JVJCG4PFG4D5WLAT23GNWQC4VWHJGAJCLOXJNGYCKKLR6U/?amtw=&cbvp=2
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 14 Jan 2024 11:28:58 GMT
Content-Length: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 4881 65 KB
24 KB 79ms
22ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1465
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24615
x-xss-protection: 0
server: cafe
etag: 10902498161188913397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 12:04:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 8FB3 0
23 B 66ms
65ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CxE4hecWjZZSvPJ3X5LcP9byL4A7XrJyCbsrq_Lz9EMCNtwEQASAAYPUFggEXY2EtcHViLTEwNDYxMDgzNjI0MzY1MDbIAQmoAwHIAwKqBNoBT9BIHLX0kYFZlvGNjWOqyI0xSOaEVXPj0Zb92Dcn6MvuBqwBHYJtfTial4k4KnKe9GSl8Q-aqZtmCBHAl4evbbdRBznc5Yfgqwom8meSYH4BsbcQbmEM6VxygBlt0zKkfs4tLlEmz2_VJ014XZLlZbTdk20mUF-u-QRlRoa-WrIWHX07LeyiC4RHC6X46OrzQkpjrwPnFpDcYBcBAwegVLwx30Y1NG80g-7FvSTGdEJYz23gbvuNLK7tBOFeNJGh7ThabVUpLFuQd4lWKQWTSOqYjV8jSa_GCRmABsWc98Dw7rPrvAGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIBhEAEyAooCOgSAQIBASL39wTpY7aX-n-PcgwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMTA0NjEwODM2MjQzNjUwNhgA&sigh=ifhjZZ1TFkg&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_m_zLbvDEY45GClt_kxQjHk-l9QHGctYH_IusNyBpSZFunIT4G7mUCR1QFvDNG6IA3vT7c-sBk1X7vs6fxzf_EKVpkbQQxIXa-uwYAQ&cbvp=2&vis=1

Requested by

Host: qooh.me
URL: https://qooh.me/kendotent1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1046108362436506&output=html&h=90&slotname=3666114337&adk=1608794313&adf=532506735&pi=t.ma~as.3666114337&w=728&lmt=1705231737&url=https%3A%2F%2Fqooh.me%2Fkendotent1&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1705231737518&bpp=130&bdt=385&idt=360&shv=r20240109&mjsv=m202401080101&ptt=5&saldr=sd&abxe=1&correlator=8265698246302&rume=1&frm=20&pv=2&ga_vid=1853367805.1705231738&ga_sid=1705231738&ga_hid=1740087769&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=120&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C95320889%2C31061691%2C31061693&oid=2&pvsid=4458737761665948&tmod=1944682697&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=374
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 Jan 2024 11:28:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/1b9cc538-b2d0-11ee-bf2d-8826e02d6a8a/ZaPFeQAPF5QA-SudAALedWb5FqB3Y4JJWF14gg/CN6EVOSJCU66QH74LDS646BUJJX6KVTGXCWRHTX2Y3ZVLPQREYG3G7OXZZW6LR3BHB7ZX2N... Frame 8FB3 0
99 B 90ms
31ms Image
text/plain 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/1b9cc538-b2d0-11ee-bf2d-8826e02d6a8a/ZaPFeQAPF5QA-SudAALedWb5FqB3Y4JJWF14gg/CN6EVOSJCU66QH74LDS646BUJJX6KVTGXCWRHTX2Y3ZVLPQREYG3G7OXZZW6LR3BHB7ZX2NYTR37DM532QMFCYCXL27NWBGDYGD3LTUUND6YSTCKEQ5H6RDU4K4YNXJLBZ5LXSDXZOT67D3BRXNP2FBAF5HVSPFGH5RKBJNIQPFDA6ADZ66EOK7VLEZLE6BSQDV3BQ6BKMUTLGEYHRGCVZZ4V2VZQMHO5PT2JXBX3VEO7M7MH7RQU3MLQML7RK6KOX4ZMPDZ3JZ6YNJSVHCDJGR567FRJVF24M5LDMB3PAFZDAO7CDAHTPPSAEIKDIUCQ3QLBUZ4KG5CH4PF5X3RCMXLXRPFV4ADI25HPAQCSBM25TQ65BKIO2224FDVP2FG3LZT5VELOVORZ3A2I27OS2DTIVRPFGEER3VX75JDRMAQZZ2EC4IHKQF5MALKRQJ242VRYV362F56FK2NYEFN4QK5I62QXSNFSTXKDPVSM7YNV43JLPD7LPWUY46F4RR7UN2AIGG4OGOYV5KYTWZZ2NMLLQ/?amtw=&cbvp=2
Requested by: Host: qooh.me
URL: https://qooh.me/kendotent1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 14 Jan 2024 11:28:58 GMT
Content-Length: 0

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame 8FB3 65 KB
24 KB 72ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1465
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24615
x-xss-protection: 0
server: cafe
etag: 10902498161188913397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 12:04:33 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 4881 0
45 B 176ms
54ms Ping
image/gif 2a00:1450:4010:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrdey6gl&chm=1&ctx=2&gqid=ecWjZeu6OJ2JwuIP6KW54A0&qqid=CJLAg6Dj3IMDFQws-QAdqRMBKA&met.4=fb.ci~lb.fw~ol.im~bdt.-lh~bpp.-75~idt.-4~dtd.-1~dt.-ao&met.3=492.ck~492.ck~113.lg_1~112.lf_2&met.1=1.lrdey5v6~6.0~7.0~8.0~9.0~10.0~12.0~13.c9~14.ch~15.cb~16.ia~17.ib~18.ib~19.ih~20.ih~21.il~22.gs~23.gs&met.7=CAUQCBgBMMEDOJ4FaAFwuQN4n4kBgAHzhgGIAaDXArABAbgBAw~CBsQCiDBAzh2~CBwQChgBIMIDKMIDMIUEOENo6gNwgQR42ESAAaxCiAHUoQGwAQG4AQM~CB4QChgBIMIDKMIDMJUEOFRo6gNwlQR4gAyAAdQJiAGBFbABAbgBAw~CCoQChgBIMIDKMIDMOQEOKIBUMYDWPsDYN4DaPsDcLkEeN-HBIABs4UEiAGS5wywAQG4AQM~CBsQBiC6BDgc~CBsQBiC6BDhf~CBsQAiDJBDgw~CCEQBhgBIJ0FKJ0FMN8FOEJongVw3gV4rAKwAQG4AQM~CBsQBiCeBThc~CCgQChgBIJ4FKJ4FMIIGOGRQpgVY1wVguwVo1wVw7QV408IBgAGnwAGIAcyEBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c01::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 8FB3 0
225 B 166ms
54ms Ping
image/gif 2a00:1450:4010:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrdey6gw&chm=1&ctx=2&gqid=ecWjZYvcN7iJwuIPiOeMeA&qqid=CNTPgqDj3IMDFZ0r-QAddd4C7A&met.4=fb.cl~lb.fp~ol.jo~bdt.-l4~bpp.-6t~idt.-f~dtd.-1~dt.-af&met.3=492.cm_1~492.cn~113.m4~112.m3_1&met.1=1.lrdey5ut~6.0~7.0~8.0~9.0~10.0~12.1~13.cc~14.cj~15.ce~16.jm~17.jm~18.jm~19.jm~20.jm~21.jo~22.fp~23.fp&met.7=CAUQCBgBMMMDOMQFaAFwvAN47IgBgAHAhgGIAcTXArABAbgBAw~CBsQCiDEAzhn~CBwQChgBIMQDKMQDMI4EOEpQxQNY9gNg2QNo9gNwjQR42ESAAaxCiAHUoQGwAQG4AQM~CB4QChgBIMQDKMQDMKEEOF1o9gNwkgR4gAyAAdQJiAGBFbABAbgBAw~CCoQChgBIMQDKMQDMLAFOOwBaIgEcIsFeN-HBIABs4UEiAGS5wywAQG4AQM~CBsQBiCwBDgc~CBsQBiCxBDhi~CBsQAiCyBDhS~CCEQBhgBIMQFKMQFMIcGOENoxQVwhgZ4rAKwAQG4AQM~CCgQChgBIMYFKMYFMJkGOFNo5AVwjgZ408IBgAGnwAGIAcyEBLABAbgBAw
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c01::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 116ms
72ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240109&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

59167352b1c2399a1552bf5e3b3459010625de1511a82cf84276e8328f09fb57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12249
x-xss-protection: 0

GET
H/1.1 200
OK /
b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC542AYJU3MN4676HDXTUWQCNXASOICVRYG3WI4NVC3EEWDTR3Y746VWQI2BM4D7YIWHQFN3HBA6RJ5VIMX6745FNSDATVQBTRRCINJLDGTG4N2LVAWBS5QTAZH5AVCI2KZ2GBAIX56NNXVTSZ6HOV... Frame C1DF 26 B
151 B 30ms
30ms Image
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1t-eudc1.zemanta.com/t/imp/impression/6WC6C2BNMC542AYJU3MN4676HDXTUWQCNXASOICVRYG3WI4NVC3EEWDTR3Y746VWQI2BM4D7YIWHQFN3HBA6RJ5VIMX6745FNSDATVQBTRRCINJLDGTG4N2LVAWBS5QTAZH5AVCI2KZ2GBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NLGWFCC5OCBM4WGOD6F3VA4ZUEXT6BLZWPVCW56R7ZE3JE3ZUAYKKH5OTGUBJQCOKR4SGRWLPTK3EPGXRUHVET6LSZ3CQVVU3PRTYIBDGEBBWJDCHWM7VWZJS73FX5PDFYWFMGVOLB6ZLCYLLEGAEHZXIDXQ46DSYHWCDMKMC6Q2VEPYONDQ4RA7XMT4HPGJRQ/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Sun, 14 Jan 2024 11:28:58 GMT
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

GET
H2 200 show_pla
obs.cheqzone.com/ Frame C1DF 3 KB
3 KB 467ms
245ms Image
image/gif 2600:1f18:e8a:cd06:e361:a2ce:b047:17c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/show_pla?id=93700&ch=%7B%22tag_id%22%3A%221812271804%22%2C%22page_url%22%3A%22https%3A%2F%2Fqooh.me%2Fkendotent1%22%2C%22z_pub_id%22%3A%22qooh.me%22%2C%22z_ad_id%22%3A%22158342657%22%2C%22ob_publ_id%22%3A%220%22%2C%22ob_ad_id%22%3A%220%22%2C%22ssp%22%3A%22googleadx_display%22%7D
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd06:e361:a2ce:b047:17c Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 14 Jan 2024 11:28:59 GMT
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 1685
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame C1DF 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4b5eaf519344946b2a1d9d35d55a13426815b7d244d3aa831373723e538846f

Request headers

accept-language: de-CH,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rum.js Show response
securepubads.g.doubleclick.net/pagead/js/ Frame C1DF 65 KB
24 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/js/rum.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:04:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1465
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24615
x-xss-protection: 0
server: cafe
etag: 10902498161188913397
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600
timing-allow-origin: *
expires: Sun, 14 Jan 2024 12:04:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame C1DF 0
19 B 64ms
64ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CzYgZesWjZbN4vIDktw_E-q3IBNesnIJuyur8vP0QwI23ARABIABg9QWCARdjYS1wdWItMTA0NjEwODM2MjQzNjUwNsgBCagDAcgDAqoE2wFP0F5kBSdWXLFYgTryTinPMZwuywfOqCQujTOD3dVXbscjzTwdnj2Dw6Wh5tyg3uV88242QaW7UgAYGDIMpa8BDnEkRZqzcggihmrd30XIwYjAElmUqZaPviijEvSfyXw_GnPxZ67zDIctdeLv7Di32FDK9P0vkp0uGBPK1iX63sdMHN1JCa2J497ObqJtsn9PhIbSEdDP3E8ipBgPjzotPWPs_usczZ7ZtfT_2rgRu1nuV85u_3hs4o-8jg2GdnwbZitsycQWcWyvbE5QtRpvsdnWILYyUE3lDQuABp7NiM_T_Nz6S6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgGEQATICigI6BIBAgEBIvf3BOljx2_-f49yDA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0xMDQ2MTA4MzYyNDM2NTA2GAA&sigh=KV-taOX0eUE&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_odTlByK3DEQxUuemVFQC5I75d1WsxCqpQ0tUgm-jHrpQFNfNn40Q18kK32vfgRpDAqb11qXC5sLsGWn_pNbuqbCIaEt-mTn3tJkYAQ&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240109/r20110914/zrt_lookup_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 14 Jan 2024 11:28:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK /
b1-eudc1.zemanta.com/bidder/win/googleadx_display/1ba06181-b2d0-11ee-805f-6d2d69be0630/ZaPFegAAPDMA-QA8AAt9RNLsPmcTYrbmWmsspA/6BFE7FQ2EAC4FD523HXZT6MIZDQ5UFPIVOREOKH2Y3ZVLPQREYGX7AFYIDMPEY3JE7H27L6... Frame C1DF 0
99 B 32ms
31ms Image
text/plain 213.227.153.223
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b1-eudc1.zemanta.com/bidder/win/googleadx_display/1ba06181-b2d0-11ee-805f-6d2d69be0630/ZaPFegAAPDMA-QA8AAt9RNLsPmcTYrbmWmsspA/6BFE7FQ2EAC4FD523HXZT6MIZDQ5UFPIVOREOKH2Y3ZVLPQREYGX7AFYIDMPEY3JE7H27L66CJVNERAMSOINGCKSJ3TDOOHOORTZWFSOOUKXDK4PHXGWEU3M2B2BD7CJJ23C7HQDNYYD7YTWJ4S3DLODHGJKGJMUMN7IZJ25PLWELMUV6PN3UI3VMJRY5RRBK7SP4XNKKO3FITZZ24YZIBUUDOFYMYK5UTQ3SMYTGZC7JUPS54KHR3QM54YZ6H2HP7WDTJSFB5JDNI2ZWAS7JGCWY32P2B2BVCHBAJ2GZNQE2OLDPYRSS5MZN2TCFTNK3PEUELUYN6NPWM745Z4BAJA7LZVHZMY37Z2CSROCG6ZDRN3MGUU4Z22TOYZCDTKMYJNFCPPDA5QQ5CKKRXEMQNWKW53ADQQ5CWN7CSXMB5NDWRXP75DGTRFFUHIYWXUBM64VYDIPKEDVLAAMCAEBY6L5MUE65ZFG2SODIR45D564AMQCHRHMCUPL2U247DKYUH75KBIND3EXXK6VF7LWUY2WTY/?amtw=&cbvp=2
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.223 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Connection: keep-alive
Date: Sun, 14 Jan 2024 11:28:58 GMT
Content-Length: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C1DF 0
45 B 80ms
55ms Ping
image/gif 2a00:1450:4010:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&puid=1~lrdey6jb&chm=1&ctx=2&gqid=ecWjZZWHOf6LwuIPmoSXiAY&qqid=CLOdhKDj3IMDFTwA-QAdRH0LSQ&met.4=fb.6~lb.1f~ol.58~bdt.-13e~bpp.-ou~idt.-hx~dtd.-hq~dt.-ov&met.3=492.8_1~492.8~494.5f~113.68_1~113.68~112.67_1&met.1=1.lrdey6d4~14.1~15.0~16.1~17.1~18.1~19.1~20.1~21.1~1.lrdey6br~6.0~7.1~8.1~9.1~10.1~11.1~12.1~13.m~14.n~15.13~16.1r~17.1r~18.1r~19.6l~20.6l~21.6l&met.7=CCgQCBgBMAE4AQ~CBsQCiAJOB0~CB4QChgBIAkoCTAjOBpoCnAieIAMgAHUCYgBgRWwAQG4AQM~CBwQChgBIAkoCTAiOBloCnAfeNhEgAGsQogB1KEBsAEBuAED~CCoQChgBIAkoCTCuATilAWgKcIgBeN-HBIABs4UEiAGS5wywAQG4AQM~CBsQBiAKOB4~CBsQAiC9ATgf~CCgQChgBIMEBKMEBMN0BOBxowQFw1gF408IBgAGnwAGIAcyEBLABAbgBAw~CCgQCBgBMBc47AFoAXAWePkigAHNIIgBwEegAc___________wGwAQG4AQM
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/js/rum.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c01::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:58 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401080101/show_ads_impl_fy2021.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 14 Jan 2024 11:28:58 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 433D 13 KB
5 KB 22ms
21ms Document
text/html 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

accept-ranges: bytes
age: 54856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 13 Jan 2024 20:14:42 GMT
expires: Sun, 12 Jan 2025 20:14:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4362 829 B
1 KB 81ms
31ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

eb9762ded811468609d1269031480b6a60570a99dbc54efea9d050e6af495f20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-H9sKY0NKQklajW_hE7Ezag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://qooh.me/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept-language: de-CH,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-H9sKY0NKQklajW_hE7Ezag' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 14 Jan 2024 11:28:59 GMT
expires: Sun, 14 Jan 2024 11:28:59 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js Show response
pagead2.googlesyndication.com/bg/ Frame 433D 39 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/MCFrRHZE15CKjvM6RLwmjguI7mqh03m56A7oA9GJNi8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Jan 2024 16:19:44 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68954
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15229
x-xss-protection: 0
last-modified: Wed, 03 Jan 2024 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jan 2025 16:19:44 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4362 0
0 55ms
55ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240109&jk=4458737761665948&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 433D 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-jDyvg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Jan 2024 11:28:59 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC5426LWPP3V27I2ULXTUWQCNXASOIAXUIJPWS2I7INBOKLR7BMPRLRQANODCHBHBWLHGMXJYO5D3GQVYPNWOG75HCJWSJOWLL6XZGHTDRYNEYD6OYQ35ZEQBG7H5GCO3LSTYBAIX56NNXVTSZ6HOVWAHYFI... Frame 8FB3 26 B
257 B 32ms
32ms Fetch
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC5426LWPP3V27I2ULXTUWQCNXASOIAXUIJPWS2I7INBOKLR7BMPRLRQANODCHBHBWLHGMXJYO5D3GQVYPNWOG75HCJWSJOWLL6XZGHTDRYNEYD6OYQ35ZEQBG7H5GCO3LSTYBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NEP4ZDG7REX544SPBB46WNBCNDQJF7VNTMFMZCQVQWEVMEZGPNB2SHHPH33FGGGKFSZ376IXCJ3TB3UCWI2B7HT7X5VI3YBGPCIQGVPU4Z2CR63D5QKGHXMNKCEEHLRCWJ4USHLQPULIZWIKBVD3MCWPYA3NCTOSSH6A4W3R4M3W6HN6QOET3ID2CVN33OQVDA/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 14 Jan 2024 11:28:59 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC5426LWPP3V27I2ULXTUWQCNXASOIAXUIJPWS2I7INBOKLR7BMPRLRQANODCHBHBWLHGMXJYO5D3GQVYPNWOG75HCJWSJOWLL6XZGHTDRYNEYD6OYQ35ZEQBG7H5GCO3LSTYBAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 357ms
297ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC5426LWPP3V27I2ULXTUWQCNXASOIAXUIJPWS2I7INBOKLR7BMPRLRQANODCHBHBWLHGMXJYO5D3GQVYPNWOG75HCJWSJOWLL6XZGHTDRYNEYD6OYQ35ZEQBG7H5GCO3LSTYBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NEP4ZDG7REX544SPBB46WNBCNDQJF7VNTMFMZCQVQWEVMEZGPNB2SHHPH33FGGGKFSZ376IXCJ3TB3UCWI2B7HT7X5VI3YBGPCIQGVPU4Z2CR63D5QKGHXMNKCEEHLRCWJ4USHLQPULIZWIKBVD3MCWPYA3NCTOSSH6A4W3R4M3W6HN6QOET3ID2CVN33OQVDA/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Sun, 14 Jan 2024 11:28:59 GMT

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542I52X2XSJK4T7PXTUWQCNXASOIAHK7RWGOBZYOKHZOA57KRQZNMCOZI75PUTY2PHLFZWI45AQF5TBDYN4K2L5Z3EVBFT5VLFB7G73J4L6Z4J7BL733I6UNNZTJOBFXUY4BAIX56NNXVTSZ6HOVWAHYFI... Frame 4881 26 B
257 B 31ms
31ms Fetch
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542I52X2XSJK4T7PXTUWQCNXASOIAHK7RWGOBZYOKHZOA57KRQZNMCOZI75PUTY2PHLFZWI45AQF5TBDYN4K2L5Z3EVBFT5VLFB7G73J4L6Z4J7BL733I6UNNZTJOBFXUY4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NACA73CSYGCR23ORA3G6LOCVFFFQFTKEFH4QVMXT36KNZEJ4S3LZKH5OTGUBJQCOKVZ2E2WRUP4HRTGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE3PCL4X3M5NKP5CH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6AVZN7Q6EQFOBJ4Q/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/n2d/widget/widget.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 14 Jan 2024 11:28:59 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542I52X2XSJK4T7PXTUWQCNXASOIAHK7RWGOBZYOKHZOA57KRQZNMCOZI75PUTY2PHLFZWI45AQF5TBDYN4K2L5Z3EVBFT5VLFB7G73J4L6Z4J7BL733I6UNNZTJOBFXUY4BAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 91ms
30ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542I52X2XSJK4T7PXTUWQCNXASOIAHK7RWGOBZYOKHZOA57KRQZNMCOZI75PUTY2PHLFZWI45AQF5TBDYN4K2L5Z3EVBFT5VLFB7G73J4L6Z4J7BL733I6UNNZTJOBFXUY4BAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NACA73CSYGCR23ORA3G6LOCVFFFQFTKEFH4QVMXT36KNZEJ4S3LZKH5OTGUBJQCOKVZ2E2WRUP4HRTGXRUHVET6LSZ3IKYCJ76C6C5DRCWOCUN2NWN4NC5GBUTP2Z6LJE3PCL4X3M5NKP5CH3X2IQQGVWB4MDWCRXO75GSMMKOF6YDMY3H6AVZN7Q6EQFOBJ4Q/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Sun, 14 Jan 2024 11:28:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4881 42 B
64 B 61ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuyUsFZ-6jntOSuPwU5ppif6_EF6mFTTmoU_shRG4DDoQ2iLsrcKGqqz4FsF7vqOmdJtsYSrB5h8WmVSlJeCgF2YV4woyzROuLKgU0kPAOXYPE9CwtwEu0C&sig=Cg0ArKJSzKvoT2VwHkOFEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=783448745&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705231737906&rpt=666&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 60ms
60ms Image
text/html 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240109&jk=4458737761665948&bg=!3t2l3ZLNAAaumcC-jpk7ADQBe5WfOEVKhwCqpz8mGuyWLX4XDVl4lzUz1LfxwV1XtmHCAuBfsDDIFvuxlT8bmKLw7LgVAgAAAEFSAAAAAmgBBwoAnt8WfrkMUSORgE7AurqA0HNS6w-9Q35GeQwo3fczsVKtGBXV4WL4nyCnU2o6I1bMVd1mNH4sADvI6VYBi2e_TzrktfPwdMz0GhP2nItPRz2Afsz1kcs7txXegPd8sACutm94U83nUfddQremOYhY3qoyeTdcoMfloyEVFhsZ1hvH4nGml5BRNTzCCOleaSNwkDZRkv6eQVTroFE584BBmQKtnVAEUGDYI-021KM3QvNXNiY_tTmEOuC9Nv8VHnj9uKSSqDRZ-YFGDFGOha8Hf7q0_7dOnvS8Th8f5apdtpkeFWeL5GFYcYd4AlTyZKSdw3iM0N4Et3-1SWvjsx3oRDxJBv2TSocJct6UUNuLy7mwPDTL1yIVhwXuOz6O03tLPoTfkfiyBLPahUMZObDVYeIGlg97kEokxj5iNiU8kffE6kv9TrQ_w7V4gVwWdsytgbYzcIB0a9GQ8XEIFRKTng5INCrlnESyh3oXf60a7SqHufbZhO_ptPY0wR8Wo0hKiIFucu8YfD9ioQwGhJozvbC-KpAUh35LgdfPuJ_KzixgJnU1lE_7tDaQ4hyvdlih4JKVFBsQoLWTNjDNchXwZexzXTsRGg5lCvyd-1Xs-2ENihAaJyKam9q-rNC_7t6AQ5f2DzzN6NF8GHq8BrlbKVPLfNx5jTk_MCw-k-qNug4G16OmwxxZ7DDbQuVK1Sw1WoXxHv8y0l_jEZ1PK9PLwIvEi-L6Q-GS-cFSA2LJRjqc8U2iQi1CtW2FDbR9btoCe5mKU64TI4uqdYrbeYLMJvHjn8x0gZJBkSCaNQgxga3RifHs_GoTWfbIg60wGADSGQUbLZmKFwxOKqOHIbVMBapjxnMgf_2RVR17uRTSTVAJYT8zcpxNMysfzCajhZNNCdQJ0ASlzpGdlHFgWy86V2nofQiruYWreVfueaDb0bmweCz08Y24gBkeSVaw_KWeHJ9EqUH23gM-Q-kNv25vRC2T9Ixi0ZQQv6gxYY179lFLU7Aw4Cg-9VwNToMBxAD6t_DVGezyQiPwJyVx7BhG7zdjgJn_0VShL-YsV6hNpG_azyA2GTKvgGsU5G_Li-KxxWvciSjWizgFZibU0S7M9y-ytQFJ5Bx8coekcZC_LQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8FB3 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvPZmj_W7J2Er5ycypBReZczDl8whb-YK6B2AymKxtRZWw177lo44UTUODy2EVPCTwJdJObduP2MQOTi2bRKTL6shmsBwmilQ930JE9TcfLm2ra-eZQgS5C&sig=Cg0ArKJSzKquq9kYFVVuEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1608794313&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705231737893&rpt=707&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542AYJU3MN4676HDXTUWQCNXASOICVRYG3WI4NVC3EEWDTR3Y746VWQI2BM4D7YIWHQFN3HBA6RJ5VIMX6745FNSDATVQBTRRCINJLDGTG4N2LVAWBS5QTAZH5AVCI2KZ2GBAIX56NNXVTSZ6HOVWAHYFI... Frame C1DF 26 B
257 B 29ms
29ms Fetch
image/gif 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542AYJU3MN4676HDXTUWQCNXASOICVRYG3WI4NVC3EEWDTR3Y746VWQI2BM4D7YIWHQFN3HBA6RJ5VIMX6745FNSDATVQBTRRCINJLDGTG4N2LVAWBS5QTAZH5AVCI2KZ2GBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NLGWFCC5OCBM4WGOD6F3VA4ZUEXT6BLZWPVCW56R7ZE3JE3ZUAYKKH5OTGUBJQCOKR4SGRWLPTK3EPGXRUHVET6LSZ3CQVVU3PRTYIBDGEBBWJDCHWM7VWZJS73FX5PDFYWFMGVOLB6ZLCYLLEGAEHZXIDXQ46DSYHWCDMKMC6Q2VEPYONDQ4RA7XMT4HPGJRQ/?
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/viewability-pixel/viewability-pixel.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://googleads.g.doubleclick.net/
accept-language: de-CH,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Date: Sun, 14 Jan 2024 11:28:59 GMT
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 26
Content-Type: image/gif

OPTIONS
H/1.1 204
No Content /
b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542AYJU3MN4676HDXTUWQCNXASOICVRYG3WI4NVC3EEWDTR3Y746VWQI2BM4D7YIWHQFN3HBA6RJ5VIMX6745FNSDATVQBTRRCINJLDGTG4N2LVAWBS5QTAZH5AVCI2KZ2GBAIX56NNXVTSZ6HOVWAHYFI... Frame 0
0 32ms
32ms Preflight 213.227.153.220
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL: https://b1t-eudc1.zemanta.com/t/imp/view/6WC6C2BNMC542AYJU3MN4676HDXTUWQCNXASOICVRYG3WI4NVC3EEWDTR3Y746VWQI2BM4D7YIWHQFN3HBA6RJ5VIMX6745FNSDATVQBTRRCINJLDGTG4N2LVAWBS5QTAZH5AVCI2KZ2GBAIX56NNXVTSZ6HOVWAHYFITV5I5U3JAXEES3NLGWFCC5OCBM4WGOD6F3VA4ZUEXT6BLZWPVCW56R7ZE3JE3ZUAYKKH5OTGUBJQCOKR4SGRWLPTK3EPGXRUHVET6LSZ3CQVVU3PRTYIBDGEBBWJDCHWM7VWZJS73FX5PDFYWFMGVOLB6ZLCYLLEGAEHZXIDXQ46DSYHWCDMKMC6Q2VEPYONDQ4RA7XMT4HPGJRQ/?
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.227.153.220 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS: v182.ce13.ams-01.nl.leaseweb.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: HEAD, GET, OPTIONS
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Max-Age: 600
Connection: keep-alive
Date: Sun, 14 Jan 2024 11:28:59 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame C1DF 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvIjwvc1vgt0OONpSGyZKTcLtoeKOfGYcDN4DYCR7PBF4s3EJkahjpeaN_Vj5iN34V_68URh1JrxUXYCqQ1Goec5OvBjH3An1X_Pl0W9w225L45PN7LfXv9&sig=Cg0ArKJSzM6Pgkkp4B8TEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240110&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1705231738552&rpt=186&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ 0
54 B 67ms
67ms Ping
image/gif 2a00:1450:4010:c01::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~lrdey5vi&c=4458737761665948&e=44759875%2C44759926%2C31080330%2C42531705%2C95320376%2C31061691%2C31061693&ctx=1&met.3=1113.mp_2~1113.ms~1113.mt~164.qb~165.q9_2~164.qc~165.qb~164.qc~165.qc~166.q1_j~1001.qk__1~164.ql~165.qk_1~1032.wp~326.wr_1~832.wu~868.wu~216.wp_6~215.wp_6~843.wn_7~889.wz~639.x5~1032.x9~326.x9~832.xa~868.xa~216.x9_1~215.x9_1~889.xb~639.xc~1032.xd~326.xd~832.xd~868.xd~216.xd_1~215.xd_1~889.xf~639.xh~1032.xh~326.xh~832.xi~868.xi~216.xh~215.xh~889.xp~639.xq~112.xt_2~168.157_3~168.15a~168.15a~168.15a~168.15a~168.15a~168.15a~168.15b_3~168.15e~168.15e~168.15e_3~168.15h~168.15h~168.15h~168.15h~168.15h~168.15h_1~168.15h_1~168.15i~168.15i~168.15i~168.15i~429.1bi~168.1cv~168.1cv~168.1cv~168.1cv~168.1cw~168.1cw~168.1cw~168.1cw~168.1cw~168.1cw~168.1cw~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~168.1dd~210.1e0~1032.1e1~326.1e1~832.1e1~868.1e1~164.1e0_1~165.1e0_1~466.1e0_1~522.1e0_1~525.1e1_2~639.1e3~168.1gu~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~168.1gv~273.1kn~113.1ks_1&met.7=CBsQCMABj-yl5wQ~CBsQByCxAzjmAsABkevQqgU~CBsQCiCxAzjsAsAB9bGWjAg~CBsQCiCxAzj8AsAB29bmsws~CBsQCiCxAzjXAsABytSa4Qs~CAIQChgBILEDKLEDMKQEOHNQsgNY4wNgxgNo4wNwoAR4slWAAYZTiAH1zAGwAQG4AQPAAciYvJEG~CBsQBiDBAzi_BcABhcmo7As~CBsQAiCoBjgfwAGL76iiDA~CAEQChgBILMGKLMGMKUHOHJotAZwjAd4m5IDgAHvjwOIAcSRCbABAbgBA8AB3o6_mwE~CBsQCiC2BjhSwAH73pGQAQ~CBsQAiC3BjgfwAGArvTPAQ~CBsQAiC3BjgiwAHbw9KTCA~CBsQAiC3BjjcAsABi5aivQg~CBsQAiC5BjgdwAGTqtyOAQ~CBsQAiC5BjgiwAHG0Ikg~CBsQAiC5BjgfwAGY-ICYCg~CBsQBiCRBzgewAHKh5-EDw~CAMQChgBILIHKLIHMI4JON0BaLIHcLgIeITDCIAB2MAIiAHnjBmwAQG4AQPAAZXHzMoP~CCgQBRgBILwHKLwHMIUIOElQvQdY7gdg0Qdo7wdwhAh4-SKAAc0giAHAR7ABAbgBA8ABi-rPtw8~CBwQChgBIJ0JKJ0JMLUJOBhonQlwsgl4gK8BgAHUrAGIAeLBA7ABAbgBA8AB7tvI6gw~CAUQBRgBILAJKLAJMMULOJQCaLEJcMMLeJAFgAHkAogBxgWwAQG4AQPAAZDHsvAI~CAUQBRgBIKgJKKgJMOsMOMMDaKkJcOQMeOyIAYABwIYBiAHE1wKwAQG4AQPAAZDHsvAI~CAUQBRgBILUJKLUJMPYMOMEDaLUJcO4MeJ-JAYAB84YBiAGg1wKwAQG4AQPAAZDHsvAI~CAUQBRgBIL4JKL4JMKoNOOwDaL4JcKENeJW-AYAB6bsBiAHHlgWwAQG4AQPAAZDHsvAI~CBwQChgBIK4NKK4NMIQOOFZorw1w9g14grsDgAHWuAOIAcGNCrABAbgBA8ABuYjNzQI~CCgQBRgBIIoOKIoOMKEOOBdoiw5woA54-SKAAc0giAHAR7ABAbgBA8AB09j4iQU~CBsQCDj4D8ABj-yl5wQ~CCcQDRgBIPgPKPgPMO0QOHVQ-A9YoxBg-A9ooxBw7BB4hWKAAdlfiAHqfrABAbgBA8AB8_LLrgs~CCcQChgBIO0QKO0QML0ROE_AAeLBm9oF~CCcQBRgBIL8RKL8RMN8ROCDAAZmVn6AL~CBsQBRgBIMERKMERMJoSOFnAAc_G2uIB~CBwQBhgBIMAWKMAWMP0WOD3AAaHZ1rIJ&met.1=1.lrdey4xp~6.0~7.b~8.b~9.b~10.1l~11.u~12.1l~13.bx~14.g7~15.c0~16.mu~17.mu~18.n8~19.1ko~20.1ko~21.1ko~22.nl~23.nl
Requested by: Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20240109/r20110914/rum_fy2021.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4010:c01::5e , Finland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-CH,de;q=0.9
Referer: https://qooh.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 14 Jan 2024 11:28:59 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

200 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.qooh.me/	1970-01-20 18:26:36	Name: PHPSESSID Value: ebft6f7kjgt4ab28qjc8v94712
.qooh.me/	1970-01-21 03:16:31	Name: __utma Value: 3998191.1344398737.1705231738.1705231738.1705231738.1
.qooh.me/	1969-12-31 23:59:59	Name: __utmc Value: 3998191
.qooh.me/	1970-01-20 22:03:19	Name: __utmz Value: 3998191.1705231738.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.qooh.me/	1970-01-20 17:40:32	Name: __utmt Value: 1
.qooh.me/	1970-01-20 17:40:33	Name: __utmb Value: 3998191.1.10.1705231738
.qooh.me/	1970-01-21 03:02:07	Name: __gads Value: ID=bc5f4d5d18d514bf:T=1705231737:RT=1705231737:S=ALNI_MbQnOxwxTTCGqG_R2XrNabjtevjZA
.qooh.me/	1970-01-21 03:02:07	Name: __gpi Value: UID=00000cf61ce78c14:T=1705231737:RT=1705231737:S=ALNI_Ma-2YQS54Clbu7Q8VltAbht5N4GYg
.doubleclick.net/	1970-01-21 03:16:31	Name: IDE Value: AHWqTUmlujYirQnRkaQnzoMdAce2OrfgqcPlocukAkdfYQ85NzM9bozDqJgI75WOTb8

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

b1-eudc1.zemanta.com
b1t-eudc1.zemanta.com
csi.gstatic.com
googleads.g.doubleclick.net
obs.cheqzone.com
pagead2.googlesyndication.com
qooh.me
securepubads.g.doubleclick.net
ssl.google-analytics.com
tpc.googlesyndication.com
widgets.outbrain.com
www.google.com
www.googletagservices.com
zem.outbrainimg.com
146.75.122.132
2.19.85.55
213.227.153.220
213.227.153.223
2600:1f18:e8a:cd06:e361:a2ce:b047:17c
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:827::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2002
2a00:1450:4010:c01::5e
2a06:98c1:3121::3
064a6c76b6f262b2ef04f10bbac035cbc03da68fb3f4db53767766db68e69bf2
09d950567a1f8eb1adbc9fd8e16bd3a3ea0738fc1814f53582e512eff6a50c5a
0de7c1baa53cac77e11a5e964537c7b2e020c1abd1f8eda3570444527900e197
0e8f5c8758acebc09c4a61e849f9660dabd288a987a3e92c8050595b7b13e15f
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1ce0cba7a42c7a59d3d7ae57bfe8fe657f2de70e27a71b37c3cba1c311e865b6
2f6bea46c546f8965429c8793da815b8aa488ea358656607513811e6220f4583
30216b447644d7908a8ef33a44bc268e0b88ee6aa1d379b9e80ee803d189362f
30b3f67a0971aa7d2464d3c388d0c7c7f505c71740141687d5d3c13e65d093fa
3154c36c867d443af5ac6bf35643ec6f144bc0548e224c25e66259767d744ea5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3ab3dd9d0603989408a5c6662219d675bf69d93a9822afab099f3f8c192b7caa
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3fbd6dbee061c92bfef462e6c78a0596808620a1d1463d6dd713e2eecc03a418
470c5beb140e9110bbacd1c085f69f91dfd48bebeb68121b9d04fc99a6cd45ea
519813b606623a5ce910b2ee52ecd8a6b5d084fc5975d6950b5ac0867d902276
549a75e349567add1be9f64d09b384dbd223cfd24bf1968699ba905b41a8ac23
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
59167352b1c2399a1552bf5e3b3459010625de1511a82cf84276e8328f09fb57
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bd121116b457d0864b2a9c58696ae8c520868df36b3ef414ec6142872ef472
77205bdcb09aa5518870a479cc9e538df24ab11713eef6454f47781cad7c0e2d
7c06851aa6041915d2767b37507e293bd9aaedbd0c6941bc28a12f175873fcd7
7f92ad8240b45989508ee2db42e8213dd8adbf8abf81b91f957c36ad625018bb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
91bc5e8a105645881fb41b7f6fff8539ef7381aca91b111314bca39af30db759
93c4755dfc75877e5e8f1811d9fbf81f66afc43f831a7a98eef20a5181b7653c
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
a4814d3116db4148ebd4a5bba756f2e6bfbfa7fd6f08f6322defab1017b028ef
a7119d4f8e5761d77f6e5fa97d237ba166209f37ae52514ab7cbc2c7020719b5
b96e1e89f33f0c7f6f32f5728fa04fb267cc86a13f35a3a83298442b429fc366
beccd9a0f0499a1355ae0d47915240d1261427829f350a026775c09e9fd719c4
c22cef5f0feadef84070444d9a8dd634a08052ed13d5063b90f1f42bedecd84d
c4b5eaf519344946b2a1d9d35d55a13426815b7d244d3aa831373723e538846f
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
d921255f132c765306f6b28b46a5700b9e45c5a9951c38ae830aa8f19f655880
e0d3de97e09ca7befbaaae73167158ae334cc0117c61342b99448c0206e713ed
e1addf7c91e087a246561ff3ea40593419acf5bfdbcdc22dda5b24911c2123a4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e93b8c0ae5b5910b7107c8b455eda029935c56efa8de0be2443d8eabba207197
eb9762ded811468609d1269031480b6a60570a99dbc54efea9d050e6af495f20
ed88d5a1c97dc43c114c0b289b3b5abf077be44e8e8765a9ad777f94af433411
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f28525bd770a7f6b434460627f6dfda3b37e1861b6b5fc86d132a6e615dcd2b1
f428bd0f5c94566df54eceef63989e44c66e41ce9c18b8aa24942c0328ad8434
f5a0e72ced143fba78e93d5ff8e97825e4abb5f8cdb71062020ea3cdceeb0313

qooh.me Open in urlscan Pro 2a06:98c1:3121::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

71 %IPv6

11 Domains

14 Subdomains

15 IPs

4 Countries

854 kBTransfer

2382 kBSize

9 Cookies

1 Outgoing links

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

qooh.me Open in urlscan Pro
2a06:98c1:3121::3 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

71 %
IPv6

11
Domains

14
Subdomains

15
IPs

4
Countries

854 kB
Transfer

2382 kB
Size

9
Cookies

77 HTTP transactions
3 data transactions