urlscan.io logo urlscan.io
SecurityTrails logo

mysillysquirts.com Open in urlscan Pro
194.1.147.10  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://mysillysquirts.com/
Effective URL: https://mysillysquirts.com/
Submission: On February 15 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 56 IPs in 12 countries across 39 domains to perform 309 HTTP transactions. The main IP is 194.1.147.10, located in Chicago, United States and belongs to WPX, BG. The main domain is mysillysquirts.com.
TLS certificate: Issued by R3 on January 15th 2023. Valid for: 3 months.
This is the only time mysillysquirts.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 194.1.147.44 210250 (WPX)
33 194.1.147.10 210250 (WPX)
4 2a01:7e00:1::... 63949 (AKAMAI-AP...)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2a04:4e42:41::84 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 23.206.208.183 16625 (AKAMAI-AS)
2 2606:4700:440... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
3 13.224.195.78 16509 (AMAZON-02)
1 13.225.78.44 16509 (AMAZON-02)
1 104.18.10.47 13335 (CLOUDFLAR...)
2 13.225.78.71 16509 (AMAZON-02)
1 13.225.78.19 16509 (AMAZON-02)
2 13.224.189.5 16509 (AMAZON-02)
1 34.120.133.55 396982 (GOOGLE-CL...)
2 35.71.131.137 16509 (AMAZON-02)
4 18.66.23.210 16509 (AMAZON-02)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
2 44.207.220.40 14618 (AMAZON-AES)
1 13.224.189.13 16509 (AMAZON-02)
5 35.186.236.140 15169 (GOOGLE)
1 104.18.24.185 13335 (CLOUDFLAR...)
1 141.95.33.111 16276 (OVH)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
48 2a00:1450:400... 15169 (GOOGLE)
20 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 79.125.109.97 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 37.157.4.29 198622 (ADFORM)
2 85.14.248.91 24961 (MYLOC-AS ...)
11 21 142.250.201.194 15169 (GOOGLE)
6 12 185.80.39.216 27381 (CASALE-MEDIA)
6 9 185.83.142.19 29990 (ASN-APPNEX)
2 6 34.246.236.161 16509 (AMAZON-02)
26 2a00:1450:400... 15169 (GOOGLE)
1 37.157.5.71 198622 (ADFORM)
6 142.251.208.130 15169 (GOOGLE)
6 2600:9000:214... 16509 (AMAZON-02)
25 2600:1f13:800... 16509 (AMAZON-02)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
13 2606:4700::68... 13335 (CLOUDFLAR...)
2 34.149.12.213 15169 (GOOGLE)
1 142.250.27.155 15169 (GOOGLE)
2 34.98.64.218 396982 (GOOGLE-CL...)
2 104.111.217.42 16625 (AKAMAI-AS)
1 1 2a05:d018:d29... 16509 (AMAZON-02)
2 2 213.155.156.165 1299 (TWELVE99 ...)
1 1 104.18.25.185 13335 (CLOUDFLAR...)
1 1 34.247.9.207 16509 (AMAZON-02)
3 3 213.19.147.44 3356 (LEVEL3)
2 2 13.248.245.213 16509 (AMAZON-02)
309 56
1    194.1.147.44 (Chicago, United States)

ASN210250 (WPX, BG)
PTR: wpx.net
mysillysquirts.com
33    194.1.147.10 (Chicago, United States)

ASN210250 (WPX, BG)
PTR: wpx.net
mysillysquirts.com
4    2a01:7e00:1::b903:5c4c (London, United Kingdom)

ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG)
monu.delivery
1    2a00:1450:4001:828::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
4    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a04:4e42:41::84 (Vienna, Austria)

ASN54113 (FASTLY, US)
s.pinimg.com
2    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
region1.analytics.google.com
1    2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    23.206.208.183 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-208-183.deploy.static.akamaitechnologies.com
ct.pinterest.com
2    2606:4700:4400::6812:220a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
8    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    13.225.78.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-44.fra2.r.cloudfront.net
get.s-onetag.com
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    13.225.78.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-71.fra2.r.cloudfront.net
onetag-geo.s-onetag.com
1    13.225.78.19 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-19.fra2.r.cloudfront.net
signal-beacon.s-onetag.com
2    13.224.189.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-5.fra2.r.cloudfront.net
signal-segments.s-onetag.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
4    18.66.23.210 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-23-210.vie50.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
1    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
2    44.207.220.40 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-207-220-40.compute-1.amazonaws.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
1    13.224.189.13 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-13.fra2.r.cloudfront.net
signal-floors.s-onetag.com
5    35.186.236.140 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 140.236.186.35.bc.googleusercontent.com
imps.monu.delivery
1    104.18.24.185 (None, )

ASN13335 (CLOUDFLARENET, US)
as-sec.casalemedia.com
1    141.95.33.111 (Germany)

ASN16276 (OVH, FR)
PTR: ns3203177.ip-141-95-33.eu
lb.eu-1-id5-sync.com
2    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
5    2a00:1450:400d:80d::2001 (Ireland)

ASN15169 (GOOGLE, US)
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
id5-sync.com
48    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
20    2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
8    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    79.125.109.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-79-125-109-97.eu-west-1.compute.amazonaws.com
protected-by.clarium.io
2    2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    37.157.4.29 (Denmark)

ASN198622 (ADFORM, DK)
track.adform.net
2    85.14.248.91 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
m.exactag.com
21    142.250.201.194 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s35-in-f2.1e100.net
cm.g.doubleclick.net
12    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
dsum-sec.casalemedia.com
9    185.83.142.19 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
6    34.246.236.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-236-161.eu-west-1.compute.amazonaws.com
fw.adsafeprotected.com
pixel.adsafeprotected.com
26    2a00:1450:400d:805::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    37.157.5.71 (Denmark)

ASN198622 (ADFORM, DK)
s1.adform.net
6    142.251.208.130 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s42-in-f2.1e100.net
googleads4.g.doubleclick.net
6    2600:9000:214f:fe00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
25    2600:1f13:800:7781:1ff7:f8bb:5daf:de82 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
2    2a02:26f0:3500:d::1732:83d6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
cdn.doubleverify.com
13    2606:4700::6810:c40 (United States)

ASN13335 (CLOUDFLARENET, US)
c.bannerflow.net
2    34.149.12.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.12.149.34.bc.googleusercontent.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
1    142.250.27.155 (United States)

ASN15169 (GOOGLE, US)
PTR: ra-in-f155.1e100.net
bid.g.doubleclick.net
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
us-u.openx.net
2    104.111.217.42 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-217-42.deploy.static.akamaitechnologies.com
sync.teads.tv
1    2a05:d018:d29:3601:428e:df6b:6d4d:d1e4 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    213.155.156.165 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-165.teliacarrier-cust.com
d5p.de17a.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
1    34.247.9.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-9-207.eu-west-1.compute.amazonaws.com
ads.yieldmo.com
3    213.19.147.44 (Castricum, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
sync.targeting.unrulymedia.com
2    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
Apex Domain
Subdomains		 Transfer
73 googlesyndication.com
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 137
425 KB
45 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 77
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 186
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 205
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 313
bid.g.doubleclick.net — Cisco Umbrella Rank: 710
319 KB
37 adsafeprotected.com
fw.adsafeprotected.com — Cisco Umbrella Rank: 753
static.adsafeprotected.com — Cisco Umbrella Rank: 571
dt.adsafeprotected.com — Cisco Umbrella Rank: 531
pixel.adsafeprotected.com — Cisco Umbrella Rank: 679
237 KB
34 mysillysquirts.com
mysillysquirts.com
649 KB
26 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 270
464 KB
14 casalemedia.com
as-sec.casalemedia.com — Cisco Umbrella Rank: 1530
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 533
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 421
10 KB
13 bannerflow.net
c.bannerflow.net — Cisco Umbrella Rank: 8783
562 KB
9 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 203
10 KB
9 monu.delivery
monu.delivery — Cisco Umbrella Rank: 24006
imps.monu.delivery — Cisco Umbrella Rank: 29353
159 KB
7 s-onetag.com
get.s-onetag.com — Cisco Umbrella Rank: 3923
onetag-geo.s-onetag.com — Cisco Umbrella Rank: 4837
signal-beacon.s-onetag.com — Cisco Umbrella Rank: 5249
signal-segments.s-onetag.com — Cisco Umbrella Rank: 8097
signal-floors.s-onetag.com — Cisco Umbrella Rank: 15360
21 KB
7 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 285
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 477
53 KB
5 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1354
1 KB
5 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4596
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 doubleverify.com
cdn.doubleverify.com — Cisco Umbrella Rank: 476
rtb0.doubleverify.com — Cisco Umbrella Rank: 687
rtbc-eu3.doubleverify.com — Cisco Umbrella Rank: 16495
23 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 183
192 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
279 KB
3 adform.net
track.adform.net — Cisco Umbrella Rank: 3849
s1.adform.net — Cisco Umbrella Rank: 8330
20 KB
3 pinterest.com
ct.pinterest.com — Cisco Umbrella Rank: 802
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6232
adservice.google.de — Cisco Umbrella Rank: 9006
1 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
region1.google-analytics.com — Cisco Umbrella Rank: 2506
20 KB
3 gstatic.com
fonts.gstatic.com
66 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 337
951 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 518
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 4255
651 B
2 teads.tv
sync.teads.tv — Cisco Umbrella Rank: 1222
344 B
2 openx.net
us-u.openx.net — Cisco Umbrella Rank: 420
418 B
2 exactag.com
m.exactag.com — Cisco Umbrella Rank: 11824
2 KB
2 amazon.dev
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev — Cisco Umbrella Rank: 671
456 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 927
id5-sync.com — Cisco Umbrella Rank: 396
17 KB
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
656 B
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1375
100 KB
2 pinimg.com
s.pinimg.com — Cisco Umbrella Rank: 738
21 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 918
576 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 642
592 B
1 yahoo.com
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 422
716 B
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1014
405 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 787
362 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 605
13 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 43
1 KB
309 39
Domain Requested by
48 pagead2.googlesyndication.com securepubads.g.doubleclick.net
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
tpc.googlesyndication.com
pagead2.googlesyndication.com
mysillysquirts.com
www.googletagservices.com
s0.2mdn.net
34 mysillysquirts.com 1 redirects mysillysquirts.com
26 s0.2mdn.net mysillysquirts.com
s0.2mdn.net
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
25 dt.adsafeprotected.com 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
21 cm.g.doubleclick.net 11 redirects googleads.g.doubleclick.net
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
20 tpc.googlesyndication.com securepubads.g.doubleclick.net
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
tpc.googlesyndication.com
mysillysquirts.com
s0.2mdn.net
13 c.bannerflow.net s0.2mdn.net
c.bannerflow.net
12 dsum-sec.casalemedia.com 6 redirects googleads.g.doubleclick.net
9 ib.adnxs.com 6 redirects googleads.g.doubleclick.net
8 googleads.g.doubleclick.net 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
mysillysquirts.com
8 securepubads.g.doubleclick.net monu.delivery
securepubads.g.doubleclick.net
6 static.adsafeprotected.com 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
mysillysquirts.com
6 googleads4.g.doubleclick.net mysillysquirts.com
5 protected-by.clarium.io 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
mysillysquirts.com
5 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com securepubads.g.doubleclick.net
cdn.confiant-integrations.net
5 imps.monu.delivery mysillysquirts.com
4 pixel.adsafeprotected.com 1 redirects 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
4 www.googletagservices.com 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
4 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
4 www.googletagmanager.com mysillysquirts.com
www.googletagmanager.com
4 monu.delivery mysillysquirts.com
monu.delivery
3 c.amazon-adsystem.com monu.delivery
c.amazon-adsystem.com
3 ct.pinterest.com s.pinimg.com
mysillysquirts.com
3 fonts.gstatic.com fonts.googleapis.com
2 eb2.3lift.com 2 redirects
2 sync.1rx.io 2 redirects
2 d5p.de17a.com 2 redirects
2 sync.teads.tv googleads.g.doubleclick.net
2 us-u.openx.net googleads.g.doubleclick.net
2 cdn.doubleverify.com mysillysquirts.com
2 fw.adsafeprotected.com 1 redirects mysillysquirts.com
2 m.exactag.com 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
2 track.adform.net 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
s1.adform.net
2 www.google.com tpc.googlesyndication.com
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
2 adservice.google.com securepubads.g.doubleclick.net
2 adservice.google.de securepubads.g.doubleclick.net
2 prod.us-east-1.cxm-bcn.publisher-services.amazon.dev c.amazon-adsystem.com
2 match.adsrvr.org js-sec.indexww.com
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
2 signal-segments.s-onetag.com get.s-onetag.com
2 onetag-geo.s-onetag.com get.s-onetag.com
signal-beacon.s-onetag.com
2 cdn.confiant-integrations.net monu.delivery
cdn.confiant-integrations.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 s.pinimg.com mysillysquirts.com
s.pinimg.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 ssum-sec.casalemedia.com 1 redirects
1 pr-bh.ybp.yahoo.com 1 redirects
1 bid.g.doubleclick.net 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
1 rtbc-eu3.doubleverify.com cdn.doubleverify.com
1 rtb0.doubleverify.com mysillysquirts.com
1 s1.adform.net mysillysquirts.com
1 id5-sync.com cdn.id5-sync.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 as-sec.casalemedia.com js-sec.indexww.com
1 signal-floors.s-onetag.com get.s-onetag.com
1 cdn.id5-sync.com mysillysquirts.com
1 api.rlcdn.com js-sec.indexww.com
1 signal-beacon.s-onetag.com get.s-onetag.com
1 js-sec.indexww.com monu.delivery
1 get.s-onetag.com monu.delivery
1 www.google.de mysillysquirts.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.googleapis.com mysillysquirts.com
309 65

This site contains links to these domains. Also see Links.

Domain
serpfit.com
Subject Issuer Validity Valid
mysillysquirts.com
R3		 2023-01-15 -
2023-04-15		 3 months crt.sh
*.monu.delivery
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-03-10		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.pinterest.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-28 -
2023-08-08		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-01-27 -
2023-04-27		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.s-onetag.com
Amazon		 2022-12-04 -
2024-01-02		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-10-06 -
2023-10-05		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
Amazon RSA 2048 M02		 2022-12-27 -
2024-01-25		 a year crt.sh
imps.monu.delivery
GTS CA 1D4		 2023-02-03 -
2023-05-04		 3 months crt.sh
*.eu-1-id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
*.google.de
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
*.id5-sync.com
R3		 2023-01-25 -
2023-04-25		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M02		 2022-12-16 -
2024-01-14		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-02-01 -
2023-04-26		 3 months crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-20 -
2023-09-20		 a year crt.sh
*.exactag.com
Sectigo RSA Organization Validation Secure Server CA		 2022-04-01 -
2023-05-02		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-05-27		 4 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-01-31 -
2023-04-25		 3 months crt.sh
static.adsafeprotected.com
Amazon		 2022-08-06 -
2023-09-04		 a year crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-09 -
2023-12-03		 10 months crt.sh
*.doubleverify.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-05 -
2023-07-07		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
teads.tv
R3		 2023-01-20 -
2023-04-20		 3 months crt.sh

This page contains 28 frames:

Primary Page: https://mysillysquirts.com/
Frame ID: 150B80237EAEEE4DD5F5F72528A1BCE7
Requests: 98 HTTP requests in this frame

Frame: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Frame ID: 702748B2E2B2059373EB8AD87C9131B1
Requests: 1 HTTP requests in this frame

Frame: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 95F8B10F466AEDC4FD8AB800F31C25D0
Requests: 1 HTTP requests in this frame

Frame: https://ct.pinterest.com/ct.html
Frame ID: 6C1C3E4CE8D2DE584DB7CCE30E380DCA
Requests: 1 HTTP requests in this frame

Frame: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4B081988D656043008453ABD6AB52382
Requests: 30 HTTP requests in this frame

Frame: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 23AB162A0C3FAC3F43885D270CDA6203
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYuqmj3wEwAQ&v=APEucNVc02aS1KKZirjS8Ot-I3ptf-kmrnIbAX11abtUe5rEhsnswSW9WYYpUMSQkXiNqVhjWACv_blrlBMvlpFIFG91BhQBrgjivEUvOIzSUu4c7f9lVQ093CYkKM88Vw09rfAuuMNnBDKYRy7Ty3zh7Lu0X9LBSwM5lPQQbYyfoafLwf8fQzk
Frame ID: 577681F1DEF168679575A4914D78261A
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQh__jARinisWiATAB&v=APEucNUDFsH9e7JrRG5W4Cvw-Lcn6visBzqyo1f0PPsh2UrrWv8eSW6Q0UOurT4AjcKs544oJPiqXHv4POpnowiUn_Sarg-dfUu8cQKawpejgPM718FdXbPWrs41fIkDiP_RwlPyDqBb5iF2ETsqRx3dWIu_8gFmXJxv8DTgDwb0zu1Rba37l2Q
Frame ID: DD9C37E22A3A85345ECAD9655122EEDA
Requests: 5 HTTP requests in this frame

Frame: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CCA7648B29D4D45FDE3C880735A63262
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 07BE18CD39D67F8A4B8741026488CC25
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5C7AA38979E2BDF5F1782559177F7E4E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY_tXA3gEwAQ&v=APEucNVXLqeDjA4QW4hhj4Uzq6uAAUz6IWmtAZ_LERkgqX9oSxR4042ojA3D9biu47naLER_f7v7UkJvI6vuKXtOHAqE_IQ7RUZibs3e0shn9TvjU6iI6uss0d6t9cTUtltQsWv9z2pSdHY0dQP2_esyC83MITSfauLVaL-do8I5VhkwPADpWYM
Frame ID: 52542E9353515F166713110861E40BD2
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: B4F164193E756BF2ADA1C56B8EC76623
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CAFD12C07B41483EA7F4AEE5F6E0D441
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
Frame ID: DB605D90A350AC2FF4577ADDA4FE4840
Requests: 12 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 6E6EF5B640CC784BF7FC8A9434C63B9A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2522F888BC0888B84C8D9B197B1B6FD2
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/17474999534835728384/DE_mood_shutter_banner_2022_160x600_html5_banner-637897135634216291-3b9f46bc-82fc-48d7-b3c6-34cbae40dcfe.html
Frame ID: D640EB6CC76B161A583AFBA38842D4E3
Requests: 8 HTTP requests in this frame

Frame: blob://https://s0.2mdn.net/44cec9b3-28d3-4a4d-9b16-e19bfce94a19
Frame ID: 0C6A049A68F8FE54723FA7E3F0094FAA
Requests: 1 HTTP requests in this frame

Frame: https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F56693ff3-bd27-4c66-8761-9d0f06ba053b.jpg&w=989&h=621&q=85&f=webp&rt=contain
Frame ID: F5369500E10E0A10D318D2C4E71ECD92
Requests: 7 HTTP requests in this frame

Frame: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0B09ACED090DB212CF7DC2571C1CEDD9
Requests: 47 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUD3bAYh38vSZPGXx5G2WYAyKf88l5OeRfdViT373F1R6LNJQKqOi_KUMMCv_qanI4XUzJ3BkzAeRKUluDX3r_4s9m4WmV-3iW0s42i1HddO7Lp7jX6fluZeaS2ZyY-kTECA9gQ1Y0NwHAjEPSUPdFdvozRFHBA4zfEHWRTsfa2L5Hijj8
Frame ID: 7898C1AA016D23732F066C9D35790259
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E5073CD5D1CD9D102FE414DF80CA8B7F
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 64637BE01B49308558C1402F987656F4
Requests: 9 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 31256A9111D0746E9006F8EB4A18EE1C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: F22A5ED030D34E6EDA85418A047E18BB
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
Frame ID: B46783C06D120F05ABF146B21197F6DF
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Frame ID: BA372BB9D1AAFD7F629587D702817061
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

My Silly Squirts - Navigating Motherhood One Day at a Time!SearchToggle MenuSearchScroll to topScroll to topExpandToggle Menu CloseSearch

Page URL History Show full URLs

  1. http://mysillysquirts.com/ HTTP 301
    https://mysillysquirts.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

309
Requests

91 %
HTTPS

42 %
IPv6

39
Domains

65
Subdomains

56
IPs

12
Countries

3655 kB
Transfer

8826 kB
Size

34
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://mysillysquirts.com/ HTTP 301
    https://mysillysquirts.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 129
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG1ns822iD8-GYaZb5oI2WA&google_cver=1
Request Chain 130
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.0kX9UJa8vwejAZudlJFQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
Request Chain 131
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFTiCrAr4b9l59h_qTrOK_U&google_cver=1
Request Chain 132
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA4NjM2NTQ5NzE3MTY2OTU3MA%3D%3D
Request Chain 133
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOia2PZGep7tCMjdK6E71M&google_cver=1
Request Chain 134
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.0kX9UJa8vwejAZudlJFQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
Request Chain 135
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
Request Chain 136
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
Request Chain 140
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1
Request Chain 141
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.0kX9UJa8vwejAZudlJFQAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
Request Chain 142
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
Request Chain 143
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
Request Chain 170
  • https://fw.adsafeprotected.com/rfw/st/1333404/69076805/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=27496782&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=16627720464&bidurl=https://mysillysquirts.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gwQk9FMLTjKm_CRj7c6iBE&adContainerId=brand_safety_XyTtY5iBArqK7_UP3raIwAI&cbFunctionName=goog_wrapCb_XyTtY5iBArqK7_UP3raIwAI&true_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2Fpassback_728x90.js&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fmysillysquirts.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fmysillysquirts.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:e997eaa7-d5a7-ad98-6a71-7721cb79b40d,c:4jCNf5,sl:outOfView,em:true,fr:false,thd:1,mn:jsserver-primary-69f5898b7f-5fbz9,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:3,mot:0,app:0,maw:0,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17%7C18,idMap:14*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:0,renddet:DIV,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,tt:rjss,et:18,oid:95fbc6df-ad5e-11ed-9185-eab0906f8138,v:19.8.394,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
Request Chain 244
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJmP2G717kIu520GdeHEruo&google_cver=1
Request Chain 246
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
  • https://sync.teads.tv/um?eid=3&uid=CAESEIy9OSiW4JBnjX4qubN8-gA&google_cver=1
Request Chain 262
  • https://pixel.adsafeprotected.com/rfw/st/1352960/69430711/skeleton.js?bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=18516745436&bidurl=https://mysillysquirts.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRxjltMNd2McXH9qDSkUXh&adsafe_url=https%3A%2F%2Fmysillysquirts.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fmysillysquirts.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:73968860-c2da-549f-3c4a-9d611cfa7bdb,c:4jCNMD,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-946ffb567-mqlpn,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:grpm1,mtim:69,mot:0,app:0,maw:0,fm:tvXtgKQ+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:rjss,et:75,oid:9725ef7b-ad5e-11ed-8499-0e54c43792f1,v:19.8.394,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
  • https://static.adsafeprotected.com/skeleton.js?bundleId=
Request Chain 278
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ8SjQ8D0OIcN1j-mjLSrpA&google_cver=1&google_push=Aa02lx_qUM0RkeyxUnVKGI5jCoH0mOEYqCIFhhcvwHdgKebEyZHa1wZQyxFyPdFY3JRWZ0r-hOMSxuaxgoW0U3bnomx3nnYs71VTVA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_qUM0RkeyxUnVKGI5jCoH0mOEYqCIFhhcvwHdgKebEyZHa1wZQyxFyPdFY3JRWZ0r-hOMSxuaxgoW0U3bnomx3nnYs71VTVA&google_hm=eS1PWDZSb1A1RTJwRlJkOGFRTjF3Tm55OUQzaXJ6MjJGYX5B
Request Chain 279
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBONITp9ma-tJn2SCK6cBOk&google_cver=1&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1uwOBuSUA HTTP 302
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBONITp9ma-tJn2SCK6cBOk&google_cver=1&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1uwOBuSUA HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1uwOBuSUA
Request Chain 280
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOybuuzQLOXM1Z0Ri755l3c&google_cver=1&google_push=Aa02lx8D2ZjM23L8-JMQ8_9z2WFWRdWfcwzDM4tDQvg4CGX1cjA5yBnFe0S0jhOMfmFXXFQ1UHfRtKipT70DqmN7UlcRALhHaShBlQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOybuuzQLOXM1Z0Ri755l3c&google_hm=Y-0kX9UJa8vwejAZudlJFQAABJQAAAAB&google_nid=index&google_push=Aa02lx8D2ZjM23L8-JMQ8_9z2WFWRdWfcwzDM4tDQvg4CGX1cjA5yBnFe0S0jhOMfmFXXFQ1UHfRtKipT70DqmN7UlcRALhHaShBlQ
Request Chain 281
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIu8w1O95TYzbYLigVcxBIM&google_cver=1&google_push=Aa02lx-gNtifjexKMfBMtg4x5zwtquauHsD-kB2QJ56PiUY-uFLrSbM0D3fcNJDHA2U1rt_NSM5qgNWwamBx6ugnkIHrZ8gcjMRCig HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aa02lx-gNtifjexKMfBMtg4x5zwtquauHsD-kB2QJ56PiUY-uFLrSbM0D3fcNJDHA2U1rt_NSM5qgNWwamBx6ugnkIHrZ8gcjMRCig&google_hm=Z2MzM2U1ZjdiMmZkOTcyYTViN2U=
Request Chain 282
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEEDg9bubbVbCBxa1XAPuXdo&google_cver=1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&cb=1676485729740 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-cfb0bc32-0a76-4620-9f19-9cea91e7a911-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA%26google_hm%3DA8-wvDIKdkYgnxmc6pHnqRE HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA&google_hm=A8-wvDIKdkYgnxmc6pHnqRE
Request Chain 283
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPwGPGvgAZPJQfC7uWJKPS0&google_cver=1&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB06p1A HTTP 302
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB06p1A&google_gid=CAESEPwGPGvgAZPJQfC7uWJKPS0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyMzc0NTY4NDU5MzczNjQ3OTQ5&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB06p1A

309 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
mysillysquirts.com/
Redirect Chain
  • http://mysillysquirts.com/
  • https://mysillysquirts.com/
171 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 / PHP/7.4.33
Resource Hash
27e7544dfa3e95deb27a4de6657896384e1a303482fb3249aa9b50caa2b0bc03
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
br
content-security-policy
upgrade-insecure-requests
content-type
text/html; charset=UTF-8
date
Wed, 15 Feb 2023 18:27:56 GMT
expires
Wed, 11 Jan 1984 05:00:00 GMT
link
<https://mysillysquirts.com/wp-json/>; rel="https://api.w.org/" <https://mysillysquirts.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://mysillysquirts.com/>; rel=shortlink
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
server
WPX CLOUD/PAR02
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,Origin
wpx
1
x-cache-status
MISS
x-content-type-options
nosniff
x-edge-location
WPX CLOUD/PAR02
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

Connection
keep-alive
Content-Length
0
Content-Type
text/html; charset=UTF-8
Date
Wed, 15 Feb 2023 18:27:55 GMT
Server
WPX CLOUD/PAR02
X-Cache-Status
MISS
X-Edge-Location
WPX CLOUD/PAR02
cache-control
max-age=3600
content-security-policy
upgrade-insecure-requests
expires
Wed, 15 Feb 2023 19:28:43 GMT
location
https://mysillysquirts.com/
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Accept-Encoding,Origin
wpx
1
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-powered-by
PHP/7.4.33
x-redirect-by
WordPress
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
style.min.css
mysillysquirts.com/wp-includes/css/dist/block-library/ 		93 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
11616
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 16 Nov 2022 13:54:56 GMT
server
WPX CLOUD/PAR02
etag
"172a9-6374ebb0-f7b5749d7f5359aa;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:16 GMT
classic-themes.min.css
mysillysquirts.com/wp-includes/css/ 		217 B
770 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-includes/css/classic-themes.min.css?ver=1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
144
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Nov 2022 04:46:37 GMT
server
WPX CLOUD/PAR02
etag
"d9-6361f62d-476f512c41a261dd;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:16 GMT
client.css
mysillysquirts.com/wp-content/plugins/jquery-pin-it-button-for-images/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/jquery-pin-it-button-for-images/css/client.css?ver=3.0.6
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
573
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 16:46:27 GMT
server
WPX CLOUD/PAR02
etag
"7a7-5f7607e3-4b9c6a4a6c7a8bca;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
mailerlite_forms.css
mysillysquirts.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/ 		715 B
976 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/css/mailerlite_forms.css?ver=1.6.4
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
059a36bcdf44b177b7d4baefc30db58ea677f7721770d2ef66f959890fe50fdf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
208
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Feb 2023 16:46:14 GMT
server
WPX CLOUD/PAR02
etag
"2cb-63e3d1d6-52ceb56a145b5d5d;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Wed, 15 Feb 2023 19:58:49 GMT
style-frontend-pro.1.20.2.css
mysillysquirts.com/wp-content/plugins/social-pug/assets/dist/ 		99 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/social-pug/assets/dist/style-frontend-pro.1.20.2.css?ver=1.20.2
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
c942cb42cdacad001dce9355423b730fc36bbe1c332161a7bb7d2a8c748163d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
8612
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Oct 2022 10:45:07 GMT
server
WPX CLOUD/PAR02
etag
"18dcd-63493db3-40b4b4c841de0d35;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
global.min.css
mysillysquirts.com/wp-content/themes/kadence/assets/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/themes/kadence/assets/css/global.min.css?ver=1.1.32
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
3f5a33801c2430f432473ae8c2dbb94d907f8453627ef4e9b70354b25f7f7cad
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
4355
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 03 Feb 2023 04:41:22 GMT
server
WPX CLOUD/PAR02
etag
"51af-63dc9072-e99dfa95549b7d06;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 17 Feb 2023 22:54:25 GMT
header.min.css
mysillysquirts.com/wp-content/themes/kadence/assets/css/ 		27 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/themes/kadence/assets/css/header.min.css?ver=1.1.32
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4298
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 03 Feb 2023 04:41:22 GMT
server
WPX CLOUD/PAR02
etag
"6c84-63dc9072-4fe9c291d55b6876;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 17 Feb 2023 22:54:25 GMT
content.min.css
mysillysquirts.com/wp-content/themes/kadence/assets/css/ 		32 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/themes/kadence/assets/css/content.min.css?ver=1.1.32
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
5563
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 03 Feb 2023 04:41:22 GMT
server
WPX CLOUD/PAR02
etag
"7fcd-63dc9072-ab4c1f9ee7078098;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 17 Feb 2023 22:54:25 GMT
footer.min.css
mysillysquirts.com/wp-content/themes/kadence/assets/css/ 		18 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/themes/kadence/assets/css/footer.min.css?ver=1.1.32
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1664
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 03 Feb 2023 04:41:22 GMT
server
WPX CLOUD/PAR02
etag
"49c0-63dc9072-27e6602ae3be4658;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 17 Feb 2023 22:54:25 GMT
public.css
mysillysquirts.com/wp-content/plugins/recent-posts-widget-with-thumbnails/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/recent-posts-widget-with-thumbnails/public.css?ver=7.1.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
a78f1a259351e5deda4a12bd3b8bbce4a708e4b926e57bd6bff269bbdcd95bbf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
419
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 30 Jul 2021 04:47:12 GMT
server
WPX CLOUD/PAR02
etag
"43c-61038450-99070447aedeada;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
row.style.build.css
mysillysquirts.com/wp-content/plugins/kadence-blocks/dist/blocks/ 		35 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/kadence-blocks/dist/blocks/row.style.build.css?ver=2.4.22
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
befab798297c137e96ff18b91a3d4e5dcc2ef46d6ebc418b710e07a5126f0376
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3208
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 18 Nov 2022 04:46:21 GMT
server
WPX CLOUD/PAR02
etag
"8d0b-63770e1d-72d221ec815925ac;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Wed, 22 Feb 2023 18:28:45 GMT
column.style.build.css
mysillysquirts.com/wp-content/plugins/kadence-blocks/dist/blocks/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/kadence-blocks/dist/blocks/column.style.build.css?ver=2.4.22
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
85f408ff7768f84574fa9fab8baa9ec9fe43e22567e2be72daf4d13c346ddd8a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
439
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 18 Nov 2022 04:46:21 GMT
server
WPX CLOUD/PAR02
etag
"5b8-63770e1d-36e7b6ab6aa71d89;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
text/css; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Wed, 22 Feb 2023 18:28:45 GMT
jquery.min.js
mysillysquirts.com/wp-includes/js/jquery/ 		88 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
30324
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 02 Nov 2022 04:46:38 GMT
server
WPX CLOUD/PAR02
etag
"15e54-6361f62e-6337dbcc5acb85ac;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
jquery-migrate.min.js
mysillysquirts.com/wp-includes/js/jquery/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
3995
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 09 Dec 2020 04:46:41 GMT
server
WPX CLOUD/PAR02
etag
"2bd8-5fd056b1-3ecf496ef09e80bb;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
js.cookie-2.1.3.min.js
mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/js.cookie-2.1.3.min.js?ver=2.1.3
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
803
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 16:46:21 GMT
server
WPX CLOUD/PAR02
etag
"6ad-63d15cdd-2f22bbba586e335b;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
jquery.bind-first-0.2.3.min.js
mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/jquery.bind-first-0.2.3.min.js?ver=6.1.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
625
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 16:46:21 GMT
server
WPX CLOUD/PAR02
etag
"525-63d15cdd-777f3c4305716368;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
public.js
mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/ 		95 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.3.2
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
cd9c5ea69ac96ce024e9a182e2f7776d9e86d03f34deb18672b7a16252d828ae
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
15249
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 16:46:21 GMT
server
WPX CLOUD/PAR02
etag
"17dbb-63d15cdd-dad5dea172d42ea4;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Wed, 15 Feb 2023 21:40:01 GMT
public.js
mysillysquirts.com/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/ 		11 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=4.2.0
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
d1a14b38c6142bb633e0b0b854f322084ae8843510cb7f23e19813d1b7d6b05d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
1931
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Jan 2023 04:16:08 GMT
server
WPX CLOUD/PAR02
etag
"2ab2-63ca1588-d9cacd02f8e04ea0;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
801778-915b-41c9-97ff-b61f612dd271.js
monu.delivery/site/4/c/ 		45 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software
nginx /
Resource Hash
f448b5138be7634e7e3f16e9ddec3fdc6c265aaf05b1f741f99b2aa26b852165

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdt5mwi-D5vqYtJ0hadf2w4JHma12HyfdlKgmp2f9EMEkuusXNNbwCT7bMcIq5B3mISe6kQVBW2nPbhu7NKmh78TfnrvUhfT
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1676444506230220
content-type
application/javascript
x-goog-hash
crc32c=1Fmqkg==, md5=UbechVO+S9UmLMSWa6TVeQ==
cache-control
max-age=7200
x-goog-stored-content-length
46029
expires
Wed, 15 Feb 2023 20:28:45 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Lato:regular,700,600%7CLora:600&display=swap
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a7c122973f24656e61080ffbe922eb09243089409e039f18c1b3bd8333dcd44c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 15 Feb 2023 18:28:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 15 Feb 2023 18:28:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 15 Feb 2023 18:28:44 GMT
js
www.googletagmanager.com/gtag/ 		113 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-149766563-1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
525cd4aed7867b7d5f12fc09a4b1915ee7760fdace4b23a6f32079f4de1e829f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45186
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Feb 2023 18:28:45 GMT
cropped-My-Silly-Squirts-logo_2017-2.png
mysillysquirts.com/wp-content/uploads/2017/12/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2017/12/cropped-My-Silly-Squirts-logo_2017-2.png
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
190ee7df80d389e9170254bfe08802a4fff521bb2cec0af88e4b006438199b0c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
18984
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 01 Dec 2017 05:14:50 GMT
server
WPX CLOUD/PAR02
etag
"4a28-5a20e54a-a3eef25f387c76cc;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Wed, 22 Mar 2023 11:41:35 GMT
wp-emoji-release.min.js
mysillysquirts.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4619
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 May 2022 04:47:13 GMT
server
WPX CLOUD/PAR02
etag
"48b9-628db4d1-945104511007ba4e;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
auto_image_alt.js
mysillysquirts.com/wp-content/plugins/auto-image-alt/js/ 		573 B
865 B 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/auto-image-alt/js/auto_image_alt.js?ver=1.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
90b91e17c86159aaf7840b1a00bfe8633968d7ee6ff706cf57b2bb46e676b099
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
227
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Oct 2022 17:41:24 GMT
server
WPX CLOUD/PAR02
etag
"23d-63499f44-5481123f998dd95f;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:16 GMT
jpibfi.client.js
mysillysquirts.com/wp-content/plugins/jquery-pin-it-button-for-images/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/jquery-pin-it-button-for-images/js/jpibfi.client.js?ver=3.0.6
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
4624
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 01 Oct 2020 16:46:27 GMT
server
WPX CLOUD/PAR02
etag
"38ac-5f7607e3-429dcf63d369fe95;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:16 GMT
front-end-free.1.20.2.js
mysillysquirts.com/wp-content/plugins/social-pug/assets/dist/ 		26 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/social-pug/assets/dist/front-end-free.1.20.2.js?ver=1.20.2
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
bf3030e55842d6b828713d9c2ceb06f9700d0ae9c60c9d03a33a7e5cf8ce3669
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
7224
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 14 Oct 2022 10:45:07 GMT
server
WPX CLOUD/PAR02
etag
"6981-63493db3-bae44378cfa5c786;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sat, 18 Feb 2023 16:33:17 GMT
navigation.min.js
mysillysquirts.com/wp-content/themes/kadence/assets/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/themes/kadence/assets/js/navigation.min.js?ver=1.1.31
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
515046f17366202aff636868d8a4f17021a2c5e47311ec0889bd7c1b8c5d7974
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
4090
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 03 Feb 2023 04:41:22 GMT
server
WPX CLOUD/PAR02
etag
"454a-63dc9072-6f5d3cc4c2b7ecb3;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 16 Feb 2023 11:38:14 GMT
jquery.validate.min.js
mysillysquirts.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mysillysquirts.com/wp-content/plugins/official-mailerlite-sign-up-forms/assets/js/jquery.validate.min.js?ver=6.1.1
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
094e00b708e00a1de8c8fe1c172a1319792657720d8cc18a96232f7f2e862036
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains; preload
wpx
1
content-security-policy
upgrade-insecure-requests
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
6513
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 08 Feb 2023 16:46:14 GMT
server
WPX CLOUD/PAR02
etag
"5417-63e3d1d6-f42dc6a6e105210f;br"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=604800
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Thu, 16 Feb 2023 11:38:13 GMT
xdomain_cookie.min.js
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software
nginx /
Resource Hash
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycdtuW0YGB1pnGIcWDS-Lg6FSYmzb7mUma9q4FQJRWc_6jtaqJ6DG2v_pPp1ZOEwFyUIMGB5kOnoZ2xr8u0uSSKv0Jg
transfer-encoding
chunked
x-cache
HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
connection
close
last-modified
Tue, 25 Aug 2020 07:36:03 GMT
server
nginx
vary
Accept-Encoding
x-goog-generation
1598340963244234
content-type
application/javascript
x-goog-hash
crc32c=PYpHKQ==, md5=thaqbm5dIRiPqROaEv/m/g==
cache-control
max-age=31104000, public
x-goog-stored-content-length
4733
expires
Sat, 10 Feb 2024 18:28:45 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,600%7CLora:600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mysillysquirts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 17:08:09 GMT
x-content-type-options
nosniff
age
91236
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:48:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 17:08:09 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v23/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,600%7CLora:600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mysillysquirts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 22:22:26 GMT
x-content-type-options
nosniff
age
72379
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 26 Apr 2022 15:56:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 14 Feb 2024 22:22:26 GMT
0QI6MX1D_JOuGQbT0gvTJPa787zAvBJBkq0.woff2
fonts.gstatic.com/s/lora/v26/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lora/v26/0QI6MX1D_JOuGQbT0gvTJPa787zAvBJBkq0.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Lato:regular,700,600%7CLora:600&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d782dc1a9a1a6c144dbbc94b9cd857906292d7046c5d6e76970b65fb8c76661
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://mysillysquirts.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 08:50:17 GMT
x-content-type-options
nosniff
age
34708
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19968
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:04:47 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 08:50:17 GMT
Toddler-Busy-Book_cover-page-768x605.jpg
mysillysquirts.com/wp-content/uploads/2023/02/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2023/02/Toddler-Busy-Book_cover-page-768x605.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
aaa81b5b1d908aefaf9297d91835ef637e3cc7811f2cdd204399709157d734ba
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
content-length
74490
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 09 Feb 2023 19:22:17 GMT
server
WPX CLOUD/PAR02
etag
"122fa-63e547e9-241e94bacaacbfe3;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:28:45 GMT
Expired-food-768x498.jpg
mysillysquirts.com/wp-content/uploads/2023/02/ 		95 KB
96 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2023/02/Expired-food-768x498.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
04f457622b521b6628a1893ef349d684142f1347b42d421ed32df455fde5d5a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
97739
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 04 Feb 2023 13:39:12 GMT
server
WPX CLOUD/PAR02
etag
"17dcb-63de6000-84fe5a033336ed2f;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:28:45 GMT
Single-Birthday-coupon-768x576.jpg
mysillysquirts.com/wp-content/uploads/2023/01/ 		60 KB
61 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2023/01/Single-Birthday-coupon-768x576.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
3cbd9986a12de5e80817a9553551a8a64932a9628aa655e024f3b267c43a189d
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
61399
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 25 Jan 2023 21:04:06 GMT
server
WPX CLOUD/PAR02
etag
"efd7-63d19946-aa5debeab8d3d33d;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:28:45 GMT
Dressed-in-a-clown-costume-768x572.jpg
mysillysquirts.com/wp-content/uploads/2023/01/ 		73 KB
73 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2023/01/Dressed-in-a-clown-costume-768x572.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
d01ecaa00e08527e12c5ac05aa3644bdd642fbe8aaf9484ddf5a9ee45c7b91b6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
74280
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 20 Jan 2023 21:39:19 GMT
server
WPX CLOUD/PAR02
etag
"12228-63cb0a07-edb5525bffb2e22d;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:28:45 GMT
walking-oreo-pie-768x645.jpg
mysillysquirts.com/wp-content/uploads/2023/01/ 		88 KB
89 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2023/01/walking-oreo-pie-768x645.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
a00a7fab86e0a099ecadf538bf7bb08539c70e3e396d2ff76a2c9534c86203a7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
MISS
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
90098
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 16 Jan 2023 19:34:38 GMT
server
WPX CLOUD/PAR02
etag
"15ff2-63c5a6ce-ed5e37d9c1dd8e7a;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sun, 16 Apr 2023 18:28:45 GMT
Pin-poke-web-version-2-768x426.jpg
mysillysquirts.com/wp-content/uploads/2023/01/ 		38 KB
39 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2023/01/Pin-poke-web-version-2-768x426.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
65339f5360bbd30dac5f70be8647ab688610b1978c2bc96f271d0b3db0dc1087
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
content-length
39076
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 14 Jan 2023 14:25:12 GMT
server
WPX CLOUD/PAR02
etag
"98a4-63c2bb48-2023c0d304699703;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Fri, 14 Apr 2023 08:39:20 GMT
mug_Marie-230x300.jpg
mysillysquirts.com/wp-content/uploads/2017/11/ 		14 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mysillysquirts.com/wp-content/uploads/2017/11/mug_Marie-230x300.jpg
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
194.1.147.10 Chicago, United States, ASN210250 (WPX, BG),
Reverse DNS
wpx.net
Software
WPX CLOUD/PAR02 /
Resource Hash
071a0b2f09882caaad233b142c9fe60cee4a3af7df793c1aa3e53563be08b555
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:56 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests
wpx
1
x-edge-location
WPX CLOUD/PAR02
x-cache-status
HIT
alt-svc
h3=":443"; ma=2592000, h3-29=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q043=":443"; ma=2592000, quic=":443"; ma=2592000; v="43,46"
content-length
14782
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 28 Nov 2017 20:07:38 GMT
server
WPX CLOUD/PAR02
etag
"39be-5a1dc20a-603857df5bfa3673;;;"
vary
Accept-Encoding,Origin
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
public, max-age=5184000
permissions-policy
geolocation=(), microphone=(), accelerometer=(), gyroscope=(), magnetometer=(), interest-cohort=()
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
expires
Sun, 02 Apr 2023 07:39:35 GMT
801778-915b-41c9-97ff-b61f612dd271.js
monu.delivery/sitesplit/d3/0.4.5/4/c/ 		506 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/sitesplit/d3/0.4.5/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software
nginx /
Resource Hash
e08d52bff02cf2523795b9ce64c67d68a71d2b63d5a4374e43d5cd2ad11d3e6f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
gzip
age
0
x-guploader-uploadid
ADPycds7e9KX-jnGbIjIrJrIrbuD40l2n8ZAlkJi4xTzrJDLqr0sJJ3-2XFGg1HEVpflCXQX9ktYGiYmwQ9oiDuEW9HvWw
transfer-encoding
chunked
x-cache
MISS
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
connection
close
server
nginx
vary
Accept-Encoding
x-goog-generation
1676444508471699
content-type
application/javascript
x-goog-hash
crc32c=zGlD/w==, md5=990kYzsUo1tWP9WEPwHaJg==
cache-control
max-age=7200
x-goog-stored-content-length
517223
expires
Wed, 15 Feb 2023 20:28:45 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9X8EGH6XFX
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/wp-content/plugins/pixelyoursite/dist/scripts/public.js?ver=9.3.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9c0d62a5e43109561498558c4abf27b4ea0f9d2c5935aa7d5e94c3ac572b1a76
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79982
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Feb 2023 18:28:45 GMT
core.js
s.pinimg.com/ct/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/core.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/wp-content/plugins/pixelyoursite-pinterest/dist/scripts/public.js?ver=4.2.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
x-cdn
fastly
etag
"20dcf873ff1608d745dceb84d6857da6"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=7200
alt-svc
h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts
1
content-length
1146
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PCY5P3Z08Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149766563-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a4459835f4ca7e099998eea006d88efa4863a8c61395103cfa69f963be0aaeaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79702
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Feb 2023 18:28:45 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149766563-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 15 Feb 2023 18:12:04 GMT
last-modified
Tue, 10 Jan 2023 21:29:14 GMT
server
Golfe2
age
1001
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20085
expires
Wed, 15 Feb 2023 20:12:04 GMT
js
www.googletagmanager.com/gtag/ 		226 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-9X8EGH6XFX&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-149766563-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5fc95e0959b11a7ee1abe2107ed1daf4d67da7f6e99f962c486a817c9029db99
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79960
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 15 Feb 2023 18:28:45 GMT
collect
region1.google-analytics.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-9X8EGH6XFX&gtm=45je32d0&_p=1447808498&cid=1837310906.1676485725&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676485725&sct=1&seg=0&dl=https%3A%2F%2Fmysillysquirts.com%2F&dt=My%20Silly%20Squirts%20-%20Navigating%20Motherhood%20One%20Day%20at%20a%20Time!&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.link_attribution=false&ep.anonymize_ip=false&ep.debug_mode=false
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9X8EGH6XFX
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
256 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PCY5P3Z08Q&gtm=45je32d0&_p=1447808498&_gaz=1&cid=1837310906.1676485725&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1676485725&sct=1&seg=0&dl=https%3A%2F%2Fmysillysquirts.com%2F&dt=My%20Silly%20Squirts%20-%20Navigating%20Motherhood%20One%20Day%20at%20a%20Time!&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCY5P3Z08Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PCY5P3Z08Q&cid=1837310906.1676485725&gtm=45je32d0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PCY5P3Z08Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:45 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PCY5P3Z08Q&cid=1837310906.1676485725&gtm=45je32d0&aip=1&z=1523719212
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:45 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
208 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1447808498&t=pageview&_s=1&dl=https%3A%2F%2Fmysillysquirts.com%2F&ul=en-us&de=UTF-8&dt=My%20Silly%20Squirts%20-%20Navigating%20Motherhood%20One%20Day%20at%20a%20Time!&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=248621533&gjid=283346090&cid=1837310906.1676485725&tid=UA-149766563-1&_gid=1167543487.1676485726&_r=1&gtm=457e32d0&z=1512647733
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:45 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
xdomain_cookie.html
monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/ Frame 7027 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.html
Requested by
Host: monu.delivery
URL: https://monu.delivery/assets/scripts/vendors/xdomain/1.0.8a/xdomain_cookie.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a01:7e00:1::b903:5c4c London, United Kingdom, ASN63949 (AKAMAI-AP Akamai Technologies, Inc., SG),
Reverse DNS
Software
nginx /
Resource Hash
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
872
cache-control
max-age=31104000 public
connection
close
content-encoding
gzip
content-type
text/html
date
Wed, 15 Feb 2023 18:28:45 GMT
expires
Sat, 10 Feb 2024 18:28:45 GMT
last-modified
Tue, 25 Aug 2020 07:36:09 GMT
server
nginx
transfer-encoding
chunked
vary
Accept-Encoding
x-cache
HIT
x-goog-generation
1598340969597109
x-goog-hash
crc32c=84qDrg== md5=UK93eCDb5GkYdLDTqpa2gw==
x-goog-metageneration
1
x-goog-storage-class
STANDARD
x-goog-stored-content-encoding
identity
x-goog-stored-content-length
3440
x-guploader-uploadid
ADPycdv8Lfslyr6xys1RcKTteifxS66RGU47wGdYgrZIZhRl-jJlWThXIPCmFyB7As_GxizskdRTvziId8OcaPm8iOhByw
main.57992c41.js
s.pinimg.com/ct/lib/ 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.pinimg.com/ct/lib/main.57992c41.js
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/core.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:41::84 Vienna, Austria, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
fdb328bff496e603b8fbd56d9b59114b5e4aeb7c5cf7a550563e5dc95cc25f33

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
gzip
x-cdn
fastly
etag
"a2989b2a8a5c2cde42b6a5ab4aadbe8c"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
X-CDN
vary
Accept-Encoding, Origin
cache-control
max-age=1209600
alt-svc
h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
fastly-restarts
1
content-length
19688
/
ct.pinterest.com/user/ 		539 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/user/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&cb=1676485725806&dep=2%2CPAGE_LOAD
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
x-cdn
akamai
akamai-grn
0.ccd5ce17.1676485725.40da5607
x-envoy-upstream-service-time
5
content-length
375
x-pinterest-rid
9957004398310241
pin-unauth
dWlkPU9UWTROMlJtTVdFdE56aGhOQzAwTVRWaExXRm1aVFF0WkRVMU56QTVaRGxtWmpZMg
pragma
no-cache
referrer-policy
origin
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mysillysquirts.com
access-control-expose-headers
Epik,Pin-Unauth
cache-control
no-cache,no-store,must-revalidate,max-age=0
access-control-allow-credentials
true
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
ct.pinterest.com/v3/ 		0
279 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ct.pinterest.com/v3/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmysillysquirts.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1676485725807
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:45 GMT
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
referrer-policy
origin
x-cdn
akamai
akamai-grn
0.ccd5ce17.1676485725.40da5608
access-control-allow-origin
*
cache-control
no-cache,no-store,must-revalidate,max-age=0
x-envoy-upstream-service-time
1
content-length
0
x-pinterest-rid
8072545288422388
expires
Sat, 01 Jan 2000 00:00:00 GMT
config.js
cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/ 		139 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce6dce07167681173c599eb6dca7d9eba82c47a28a8ab5f7f98db7c83dbea39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 18:15:34 GMT
server
cloudflare
x-amz-request-id
PDMZ3GE3SW9T7EKR
age
184
etag
W/"3c71b21b6558d779ac88beee05c800e7"
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
79a01aeb5c4d35ee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
spQtRzfxJ3E2yhdxaOAdpvSfCjFQs6cNDnBcCuUfeVJZSL+Z//VV41EXNC2YVW83rEAttrlydV0=
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		76 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c954d37e5b86135acdbe6dda998a807b48613368136175bd424d37dad216b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26789
x-xss-protection
0
server
sffe
etag
"1483 / 759 of 1000 / last-modified: 1676462737"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 15 Feb 2023 18:28:46 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		193 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 17:57:25 GMT
content-encoding
gzip
via
1.1 75a13c74495137fb5435dc4030981df6.cloudfront.net (CloudFront), 1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
last-modified
Wed, 08 Feb 2023 21:24:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
1881
x-amz-server-side-encryption
AES256
etag
W/"0d9f2b192f61b596888847da998647d3"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
N4_qinFJeBbCdG7hAqYHwUzlcK_c1S6HMcOf265SDVmYhiETtqTJfQ==
tag.min.js
get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-44.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aad848c59e502b6ea83d79937e65320f50e5a7be59a7ad7170bcf2c65c9f1867

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 14:31:30 GMT
x-amz-version-id
ACIvD1WyilwRNpceF1wYlW8kq6B1sMIy
content-encoding
gzip
last-modified
Mon, 13 Feb 2023 14:31:05 GMT
server
AmazonS3
via
1.1 56fad5a50ef67bd961b9722ed0931838.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"5251dc69b5c928ab80ebced0146aee3c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=86400
age
14236
x-amz-cf-id
2_tUOZhCrBtNh1oTCKZxkE6TM0aWkFHVGSkOHtMg12inK6pjLlqIyA==
182762-63174106385307.js
js-sec.indexww.com/ht/p/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Requested by
Host: monu.delivery
URL: https://monu.delivery/site/4/c/801778-915b-41c9-97ff-b61f612dd271.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:45 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 18:15:14 GMT
server
cloudflare
age
719
etag
W/"903c51-930a-5f4c10fc58870"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
79a01aeb5ab99bfa-FRA
expires
Wed, 15 Feb 2023 22:28:45 GMT
/
onetag-geo.s-onetag.com/ 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-71.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA2-C2
x-amzn-requestid
679db631-757a-41b1-8cfa-4eb46735653b
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
AZKewHUBiYcFhjw=
content-length
555
x-amz-cf-id
ogSccc-XncW-hq8Rd6-0pb7NKfmjO5o98mv_cCrOeBJBUIUe8rQpMg==
beacon.min.js
signal-beacon.s-onetag.com/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://signal-beacon.s-onetag.com/beacon.min.js
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.19 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-19.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
SQDb2i9Q5YZSPn9JZMj9axyuCi9GAOZD
content-encoding
gzip
via
1.1 e5b93012e2bfb81dc9846f43efd610a6.cloudfront.net (CloudFront)
date
Wed, 15 Feb 2023 05:14:10 GMT
last-modified
Wed, 10 Aug 2022 09:56:11 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
47677
x-amz-server-side-encryption
AES256
etag
W/"588a5c88fba4ca02dace48040384e257"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
hFeQseerUOy49YRoBv27dgPQt8xNa3IDwG7iM7TBb5msfYJFtV68-g==
%2F
signal-segments.s-onetag.com/desktop/mysillysquirts.com/ 		2 KB
562 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/mysillysquirts.com/%2F
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-5.fra2.r.cloudfront.net
Software
/
Resource Hash
82e8472d8aacbf7aefc29c5dd3cc8cc07c2a80c2de1a09a7aaab5b4ec150746d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 13:08:17 GMT
content-encoding
gzip
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
19229
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
fPcQsGMX1tOpxKoZoEBM0ozFDI90SoCoC0gDiakKijdeqnAyWde8GA==
apigw-requestid
AYbiQg-kCYcEMGg=
mysillysquirts.com
signal-segments.s-onetag.com/desktop/ 		2 KB
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-segments.s-onetag.com/desktop/mysillysquirts.com
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.5 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-5.fra2.r.cloudfront.net
Software
/
Resource Hash
82e8472d8aacbf7aefc29c5dd3cc8cc07c2a80c2de1a09a7aaab5b4ec150746d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:23:43 GMT
content-encoding
gzip
via
1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
age
302
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400, public
x-amz-cf-id
yqfXt8y8SuyJyGlJzRRkrb8IKbOv0o8DvxXofAO4rPMM5undjUeGNA==
apigw-requestid
AZJviiJOiYcEKMg=
identity
api.rlcdn.com/api/ 		44 B
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://mysillysquirts.com
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
rid
match.adsrvr.org/track/ 		63 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=182762
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
097507e149e448fc4db409df7d37142498651d27d5f7a5cd5a25bf1959d72b5a

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Fri, 17 Mar 2023 18:28:46 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		742 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fmysillysquirts.com&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
Server /
Resource Hash
f514543170b7d33d558d367a0047faf7d003acddeb3857f2cb929d6bfb5af190

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 15:36:58 GMT
via
1.1 b6d1611761652d7a383651f2bf480596.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
10308
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
742
x-amz-cf-id
oYRoON9Hx8JVmp_0PB2uZ6HxvUTLzAp6BQdbGqcUUxb1n3emoNCWhQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmysillysquirts.com%2F&pid=QB5aLcxNrirQO&cb=0&ws=1600x1200&v=23.203.336&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-387cadb1-2eed-426d-ac3b-8640b24449c9-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22562356047%2FGJD01M%2FGJD01M-DDP.B%22%7D%5D&schain=1.0%2C1!monumetric.com%2C4c801778-915b-41c9-97ff-b61f612dd271%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
K5R1N2WG3MV8FGX5K4PW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wnn7MZuC98qbQSb12uH5SSkxVUtMeOLbPPkin1MNI48vJFXlkpEEGQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmysillysquirts.com%2F&pid=QB5aLcxNrirQO&cb=1&ws=1600x1200&v=23.203.336&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-a1e9bf92-6f8a-4c43-b80a-a7f474d6db64-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22562356047%2FGJD01M%2FGJD01M-DDA.C%22%7D%5D&schain=1.0%2C1!monumetric.com%2C4c801778-915b-41c9-97ff-b61f612dd271%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
J12QPZ8FH0EZBJPTGQC1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
sjiPalHpuFzC-IiXHQb_wBsHiq3GW-2QCaVXlHQ4euWgs12E7FFKdQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmysillysquirts.com%2F&pid=QB5aLcxNrirQO&cb=2&ws=1600x1200&v=23.203.336&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-2b61d745-99fa-4edb-92c9-f8d4c1b463a9-ad%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F20842576%2C22562356047%2FGJD01M%2FGJD01M-DDH.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C4c801778-915b-41c9-97ff-b61f612dd271%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
T2N2A3HY3PSH7E7526SZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
jiZQH9QxyX5JokmUp_GxPwNiGoXrM8r0MKfHuRjEm_NJXV5xbYmhgQ==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fmysillysquirts.com%2F&pid=QB5aLcxNrirQO&cb=3&ws=1600x1200&v=23.203.336&t=1100&slots=%5B%7B%22sd%22%3A%22mmt-8bda25ee-78fb-4011-bbad-88eceafbd53e-ad%22%2C%22s%22%3A%5B%22300x250%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F20842576%2C22562356047%2FGJD01M%2FGJD01M-DDR.A%22%7D%5D&schain=1.0%2C1!monumetric.com%2C4c801778-915b-41c9-97ff-b61f612dd271%2C1%2C%2C%2C&pubid=76b6d1d8-9f58-4ac7-a92e-f3232afccc8a&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.23.210 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-23-210.vie50.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
VIE50-P1
x-amz-rid
4NNRJXW04Z868W5WPA37
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
KilQv2Ow5pyFo__3ao-qJICMnWJnLONaF6ueLEryioT9GORzIJ23kw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-195-78.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-amz-version-id
zv0zkgF8NnUlHbYAYVWZBKSRYlhapW6k
content-encoding
gzip
via
1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
date
Wed, 15 Feb 2023 09:01:04 GMT
x-amz-cf-pop
FRA2-C1
age
34063
x-cache
Hit from cloudfront
last-modified
Wed, 08 Feb 2023 10:05:52 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
9H9_-4pCgfv0V2-Rn5fZ6Y66GzdKNTq01JgTbd2HsJl8L5rhLmtN-A==
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 		216 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/OOh3bTrtb2nHyOwGk2LTO5SWo54/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::6812:220a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 21 Dec 2022 15:47:15 GMT
server
cloudflare
x-amz-request-id
ZTEVH34PFEG5J8DC
age
1257165
etag
W/"fa407ba001f2ac06196124f41d523471"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
79a01aebed4935ee-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
9bEoS8gJkggVC32ZB1KX/RKZKus+h7u+amY8Xwswss3UxvvOMl0voUZQhwRnJjScPnREG9l6F+xxZeMHKe5++w==
id5-api.js
cdn.id5-sync.com/api/1.0/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 13 Feb 2023 11:21:55 GMT
server
cloudflare
x-amz-request-id
096K3226QDY3KGD8
age
952
etag
W/"7586740695219e27c1483ac351f18884"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
79a01aec6e3ebbb9-FRA
x-amz-id-2
era4u+9xJ3DV9FOuPQL4pVQhoUtc57Bv4W0UTfUT0Mb/QzJFBhIdV3+z6hzoUFB2ECdEsEMBN1o=
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ 		0
456 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-220-40.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Wed, 15 Feb 2023 18:28:46 GMT
content-length
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
recordVendorsLoaded
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod.us-east-1.cxm-bcn.publisher-services.amazon.dev/v1/recordVendorsLoaded
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.207.220.40 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-207-220-40.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://mysillysquirts.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
1800
allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
content-length
0
date
Wed, 15 Feb 2023 18:28:46 GMT
vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
pubads_impl_2023020901.js
securepubads.g.doubleclick.net/gpt/ 		386 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:10:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1077
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
133132
x-xss-protection
0
last-modified
Thu, 09 Feb 2023 09:35:45 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 15 Feb 2024 18:10:49 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		781 B
383 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=mysillysquirts.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
27d55c2b35aae45faf6f364c70c8ac453c18d8726cc1bc26b6c178dd28d6a83a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
358
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:46 GMT
mmt-387cadb1-2eed-426d-ac3b-8640b24449c9-ad%252B%2526mmt-a1e9bf92-6f8a-4c43-b80a-a7f474d6db64-ad%252B%2526mmt-2b61d745-99fa-4edb-92c9-f8d4c1b463a9-ad%252B%2526mmt-8bda25ee-78fb-4011-bbad-88eceafbd5...
signal-floors.s-onetag.com/mysillysquirts.com/ 		0
284 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://signal-floors.s-onetag.com/mysillysquirts.com/mmt-387cadb1-2eed-426d-ac3b-8640b24449c9-ad%252B%2526mmt-a1e9bf92-6f8a-4c43-b80a-a7f474d6db64-ad%252B%2526mmt-2b61d745-99fa-4edb-92c9-f8d4c1b463a9-ad%252B%2526mmt-8bda25ee-78fb-4011-bbad-88eceafbd53e-ad
Requested by
Host: get.s-onetag.com
URL: https://get.s-onetag.com/e599ac32-ea3f-46fa-a00b-60b8e4861a70/tag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.189.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-189-13.fra2.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
via
1.1 9e62923882d737ac8cd27f0d1b1c24ce.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-cache
Error from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=7200, public
content-length
0
apigw-requestid
AZKexjPhiYcEPIA=
x-amz-cf-id
_Avz-HaPCMNkQDAn_f9MyD4HTmniBHcGg49F8iSS9DGvzyGXf_ajgA==
/
onetag-geo.s-onetag.com/ 		555 B
960 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onetag-geo.s-onetag.com/
Requested by
Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-71.fra2.r.cloudfront.net
Software
/
Resource Hash
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
via
1.1 c0c6d7afa25d841027d75444425d2010.cloudfront.net (CloudFront), 1.1 a10d58b5ce965502cc34c5b27682fe22.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6, FRA2-C2
x-amzn-requestid
679db631-757a-41b1-8cfa-4eb46735653b
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
x-amz-apigw-id
AZKewHUBiYcFhjw=
content-length
555
x-amz-cf-id
Gx5uGh5ZO69Yf5RChrQiXzQLO_C2Q3ITTaYyPeNGCp-qJbdIlBXBrA==
mmt.gif
imps.monu.delivery/ 		37 B
535 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=a5b06549-967e-42d2-bfa4-a5af1bcd5441&a=s.d&u=387cadb1-2eed-426d-ac3b-8640b24449c9
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:18:07 GMT
age
1617039
x-guploader-uploadid
ADPycdtE_GiAWBD1JCwNb4N7PB-ODl8c1C02aGtwXPNRrs-L8i6UkHQPfziXgm38iVt3KGo-IvIqetmfazVFFoXB8ePPvNysyzQz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jan 2024 01:18:07 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=a5b06549-967e-42d2-bfa4-a5af1bcd5441&a=s.d&u=a1e9bf92-6f8a-4c43-b80a-a7f474d6db64
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:18:07 GMT
age
1617039
x-guploader-uploadid
ADPycdtE_GiAWBD1JCwNb4N7PB-ODl8c1C02aGtwXPNRrs-L8i6UkHQPfziXgm38iVt3KGo-IvIqetmfazVFFoXB8ePPvNysyzQz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jan 2024 01:18:07 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=a5b06549-967e-42d2-bfa4-a5af1bcd5441&a=s.d&u=2b61d745-99fa-4edb-92c9-f8d4c1b463a9
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:18:07 GMT
age
1617039
x-guploader-uploadid
ADPycdtE_GiAWBD1JCwNb4N7PB-ODl8c1C02aGtwXPNRrs-L8i6UkHQPfziXgm38iVt3KGo-IvIqetmfazVFFoXB8ePPvNysyzQz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jan 2024 01:18:07 GMT
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=a5b06549-967e-42d2-bfa4-a5af1bcd5441&a=s.d&u=8bda25ee-78fb-4011-bbad-88eceafbd53e
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:18:07 GMT
age
1617039
x-guploader-uploadid
ADPycdtE_GiAWBD1JCwNb4N7PB-ODl8c1C02aGtwXPNRrs-L8i6UkHQPfziXgm38iVt3KGo-IvIqetmfazVFFoXB8ePPvNysyzQz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jan 2024 01:18:07 GMT
headerstats
as-sec.casalemedia.com/ 		0
501 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://as-sec.casalemedia.com/headerstats?s=504384&u=https%3A%2F%2Fmysillysquirts.com%2F&v=3
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/182762-63174106385307.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.24.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FoO0R%2FJncQ33pG2CmPgCPOARrohQYHmzfNiKXaTdxbrHZrogtJOfsmALhYhOkx5d35HolW6qc3eNAi8JbtQu%2Bz4e3UtYaSeRnvW9PZhKkDPQWW%2BaWCX30jbEuyWhmI3fHBKQNwhx0UY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
79a01aed2a622bd1-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.33.111 , Germany, ASN16276 (OVH, FR),
Reverse DNS
ns3203177.ip-141-95-33.eu
Software
/
Resource Hash
d60d8d04c537e3536054a8a33a7983b9890f016e6e95b852ab7481ed2cc3a3f4
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mysillysquirts.com
date
Wed, 15 Feb 2023 18:28:46 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mysillysquirts.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mysillysquirts.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		16 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1919316167716064&correlator=2116125297062138&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=20842576%3A22562356047%2CGJD01M%2CGJD01M-DDR.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250%7C160x600&ifi=1&adks=1474514220&didk=107701221&sfv=1-0-40&prev_scp=pos%3D1%26monu%3D300x250-160x600_A1%26directDeals%3Dsticky_pillar%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D18__chrome&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1676485726264&lmt=1676485726&dlt=1676485724805&idt=1364&adxs=-300&adys=950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmysillysquirts.com%2F&frm=20&vis=1&psz=300x-1&msz=300x-1&fws=512&ohw=0&ga_vid=1837310906.1676485725&ga_sid=1676485726&ga_hid=1447808498&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d673a7d525e7aa67ad153cfda260a432e00f0c2e5fb3951d69b5eb00cec5f9e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7201
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 95F8 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Thu, 15 Feb 2024 18:28:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		571 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1919316167716064&correlator=3132786373150246&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=20842576%3A22562356047%2CGJD01M%2CGJD01M-DDP.B&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=2&adks=3395801634&didk=457604123&sfv=1-0-40&prev_scp=pos%3D2%26monu%3D728x90_B2%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D18__chrome&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1676485726280&lmt=1676485726&dlt=1676485724805&idt=1364&adxs=436&adys=2213&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmysillysquirts.com%2F&frm=20&vis=1&psz=748x110&msz=728x0&fws=4&ohw=1600&ga_vid=1837310906.1676485725&ga_sid=1676485726&ga_hid=1447808498&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5b138e591d4963439fbf4da64464c34b1de65c70c33364bc76e9b0beee25db07
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		15 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1919316167716064&correlator=2346379632361149&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=20842576%3A22562356047%2CGJD01M%2CGJD01M-DDH.A&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=3&adks=3351771011&didk=3586578448&sfv=1-0-40&prev_scp=pos%3D1%26monu%3D728x90_A1%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D18__chrome&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1676485726290&lmt=1676485726&dlt=1676485724805&idt=1364&adxs=436&adys=249&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmysillysquirts.com%2F&frm=20&vis=1&psz=748x110&msz=728x0&fws=4&ohw=1600&ga_vid=1837310906.1676485725&ga_sid=1676485726&ga_hid=1447808498&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
04ffd366d650b62aa1dacc3b0a2f59f20246fadef0e62f1c15dcdcea70888708
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7084
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		18 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1919316167716064&correlator=3108522332167400&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=20842576%3A22562356047%2CGJD01M%2CGJD01M-DDA.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=4&adks=1354456381&didk=3733884656&sfv=1-0-40&prev_scp=pos%3D3%26monu%3D728x90_B3%26directDeals%3Dsticky_bottom%26amznbid%3D2%26amznp%3D2%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D18__chrome&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie_enabled=1&abxe=1&dt=1676485726301&lmt=1676485726&dlt=1676485724805&idt=1364&adxs=436&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmysillysquirts.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&ga_vid=1837310906.1676485725&ga_sid=1676485726&ga_hid=1447808498&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4c0f9b6be5eb7a9f798714bce96f09e728ea6b4c9241a25a0fa050847b18e5e3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8068
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
1013.json
id5-sync.com/g/v2/ 		216 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1013.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
25751a093fd9dc0f95cec625d6ee019d8fa20dfe69650e265241547ffb6f4cc8
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://mysillysquirts.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://mysillysquirts.com
date
Wed, 15 Feb 2023 18:28:45 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
mmt.gif
imps.monu.delivery/ 		37 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imps.monu.delivery/mmt.gif?s=a5b06549-967e-42d2-bfa4-a5af1bcd5441&a=p.l&u=4c801778-915b-41c9-97ff-b61f612dd271
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.236.140 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
140.236.186.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Sat, 28 Jan 2023 01:18:07 GMT
age
1617039
x-guploader-uploadid
ADPycdtE_GiAWBD1JCwNb4N7PB-ODl8c1C02aGtwXPNRrs-L8i6UkHQPfziXgm38iVt3KGo-IvIqetmfazVFFoXB8ePPvNysyzQz
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37
last-modified
Wed, 12 Jul 2017 09:13:19 GMT
server
UploadServer
etag
"455005e2f4b8ecc484500fab08619f70"
x-goog-generation
1499850799559224
x-goog-hash
crc32c=1zd0wQ==, md5=RVAF4vS47MSEUA+rCGGfcA==
content-type
image/gif
cache-control
public, max-age=31536000
x-goog-stored-content-length
37
accept-ranges
bytes
expires
Sun, 28 Jan 2024 01:18:07 GMT
ct.html
ct.pinterest.com/ Frame 6C1C 		565 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ct.pinterest.com/ct.html
Requested by
Host: s.pinimg.com
URL: https://s.pinimg.com/ct/lib/main.57992c41.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.208.183 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-208-183.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains ; preload

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

akamai-grn
0.ccd5ce17.1676485726.40da5ce2
cache-control
max-age=86400
content-encoding
gzip
content-length
323
content-type
text/html; charset=utf-8
date
Wed, 15 Feb 2023 18:28:46 GMT
referrer-policy
origin
strict-transport-security
max-age=31536000 ; includeSubDomains ; preload
vary
Accept-Encoding
x-cdn
akamai
x-envoy-upstream-service-time
1
x-pinterest-rid
2511565848332474
sodar
pagead2.googlesyndication.com/getconfig/ 		15 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023020901&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3220add1221254466cf862b633c75f713d8a053465f77f44729cec279334b786
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11295
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:28:46 GMT
container.html
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4B08 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Thu, 15 Feb 2024 18:28:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
container.html
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 23AB 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Thu, 15 Feb 2024 18:28:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5776 		624 B
504 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYuqmj3wEwAQ&v=APEucNVc02aS1KKZirjS8Ot-I3ptf-kmrnIbAX11abtUe5rEhsnswSW9WYYpUMSQkXiNqVhjWACv_blrlBMvlpFIFG91BhQBrgjivEUvOIzSUu4c7f9lVQ093CYkKM88Vw09rfAuuMNnBDKYRy7Ty3zh7Lu0X9LBSwM5lPQQbYyfoafLwf8fQzk
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Wed, 15 Feb 2023 18:28:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 4B08 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 18:28:46 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B08 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-B-YaUEn7o4tkWULJM2LMgnRAcqhu_Zjdl4vjDgQi3_4Sib9aIR5wVB08X8jGD9pTBkPHexcMHj-wkScQqqIeZh1T_rXslBzD028Q34a1wd-mkidbg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B08 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15085085495913454583&x=1&ct=76
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4B08 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
26535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 4B08 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4B08 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48832
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676324880006035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:28:46 GMT
pixel
protected-by.clarium.io/ Frame 4B08 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31gpb5c4ib&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTYyMzU2MDQ3L0dKRDAxTS9HSkQwMU0tRERILkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LTJiNjFkNzQ1LTk5ZmEtNGVkYi05MmM5LWY4ZDRjMWI0NjNhOS1hZCJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=7477091&h=mysillysquirts.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.109.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-109-97.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame DD9C 		624 B
826 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQh__jARinisWiATAB&v=APEucNUDFsH9e7JrRG5W4Cvw-Lcn6visBzqyo1f0PPsh2UrrWv8eSW6Q0UOurT4AjcKs544oJPiqXHv4POpnowiUn_Sarg-dfUu8cQKawpejgPM718FdXbPWrs41fIkDiP_RwlPyDqBb5iF2ETsqRx3dWIu_8gFmXJxv8DTgDwb0zu1Rba37l2Q
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Wed, 15 Feb 2023 18:28:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 23AB 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27798
x-xss-protection
0
server
cafe
etag
12162329123218539290
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 18:28:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23AB 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AB-MsQ5yKZnyb96zqFiZClJxNLiEOQLi0iscIA0gbFNso92vR9z7eIyBmLtuRz30N2GIFrfSVfGD1rJQAhohzRodG40P3BjP3DMkraaunhZ58l9KE
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23AB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=3110893445594159991&x=1&ct=76
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 23AB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
26535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 23AB 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 23AB 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48832
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676324880006035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:28:47 GMT
pixel
protected-by.clarium.io/ Frame 23AB 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6MTYweDYwMA==&v=5&s=v31gpb5c4jj&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTYyMzU2MDQ3L0dKRDAxTS9HSkQwMU0tRERSLkEiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LThiZGEyNWVlLTc4ZmItNDAxMS1iYmFkLTg4ZWNlYWZiZDUzZS1hZCJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=2320709&h=mysillysquirts.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZNVFl3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzY3MjU1MDEwLCJ3IjoiMTYwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.109.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-109-97.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
container.html
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CCA7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Thu, 15 Feb 2024 18:28:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 07BE 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26536
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 11:06:30 GMT
expires
Thu, 15 Feb 2024 11:06:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 5C7A 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
a4aa71df16656f9b0e83e10e3fa189756733d1b591b46c26d461f38f3e08cb33
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-F1KMU1WYdIFkt4Xnf3dKlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-F1KMU1WYdIFkt4Xnf3dKlA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Wed, 15 Feb 2023 18:28:46 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
pixel
googleads.g.doubleclick.net/xbbe/ Frame 5254 		624 B
505 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY_tXA3gEwAQ&v=APEucNVXLqeDjA4QW4hhj4Uzq6uAAUz6IWmtAZ_LERkgqX9oSxR4042ojA3D9biu47naLER_f7v7UkJvI6vuKXtOHAqE_IQ7RUZibs3e0shn9TvjU6iI6uss0d6t9cTUtltQsWv9z2pSdHY0dQP2_esyC83MITSfauLVaL-do8I5VhkwPADpWYM
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Wed, 15 Feb 2023 18:28:46 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame CCA7 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27790
x-xss-protection
0
server
cafe
etag
3677590245327912432
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 18:28:47 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCA7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CYUnSv4Z9dXn1NuESCCZiqFKBahrfWYJbaHIy9ZoamazbDB6m7BbVKAa4DkZpzj3ntZiYsABTx6NknZjNvJaUDbjt3x1TiZG-XI3oxcfqHVSqrPbU
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCA7 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=1828637404939897717&x=1&ct=77
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:46 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
track.adform.net/adfscript/ Frame CCA7 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfscript/?bn=60824992;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=466627326&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CIoGiXiTtY6aUFYqTjuwPif2vyAqO87DGa8_BkZLwEJ64iLaDAxABINjV2CtglbqAgpgHoAGR_tGiA8gBCakC_EL8qeLssT6oAwGqBPUBT9CMJO4kkp23aki9NvrbXTDpqd89x5v9rONVLD0e17LtcEk069h654sWbCgOJaBk3IRQatqOXgSUH3LBH7owtGZonLVWjGd8FEKM-PCccW7blq-7XKD3rplkhWwKkIB954Qz2IH9IslSv-7CfMW5gtBGddj38mNHg5Id56F1-S3k3sjKVoiOlazlYLbYeI2-ZHgGRo-PtRF2T-hS9ugu2dtmIgixnImOfgXugUK-k1EXMDfaFXh6mGvFK6iEFld04UD5Idye1GD0df5rHLdmSWG0qAdfOmVgBN3unDSKzWukCuIVQ54rBAH22pso7xque7fzdRDABIyG8OaABOAEA5AGAaAGTYAH14GuXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzcyMjM0NDE4Nzk2MjQ4N4AKA5gLAcgLAYAMAbAT0KGLEtATANgTCtgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSTADUE5ymNfMRvs53Tm_D0yjXBcK6U-pc62oSNwRUzFxNZ3s_MZaz8iHXPWvOA5QJ2oIhdAMt91_Buh2lIrx3Iywj5_5G6Ycm7VbIdCkYAQ&sig=AOD64_206-WuUHFx_ubJybfAi8ZDPIa97g&client=ca-pub-3944954862316283&dbm_c=AKAmf-AIcCjZlJk9ZC-rzbkO_D-WxZdxeznIseW8RH8EYYdeYKWbQXzZzLAmVtN9cd-nJQFY5G9K4IGn0Hkw-KbpVsl6GNHmuPuXuGWA1rGa6840ZV3vu8Yx5xgv3jZJHHaa_eKbb1crLLJ5xQ8khYEDMBK_PGTmyMk_U-8LuI1qCptSEyDWc4E&cry=1&dbm_d=AKAmf-B_bNVQB_GRYPkQ8YtaSCvOo479dRCViiz1XkB7bfQjwjE6gKei0JS4EorVe9M2g9FsCldbbAgN3hTxSXaX93na-OLwWt-IgP4xX3vjKlaxr9HWedBvT7GPITavBUwm9AdeVdO8NhI-64OzDZayV5fnhRWp2eJwcTbE6ULpddvHb0AYHOABs1T2V6kneHl1H_sCAD_LVZaD5j_xAWeZPFQNL3Q0Il31x-_Nk4Yxt-GptxDP8_MS8nxXvnocRXJ0QvZZLE54Imb5kbG_nkQ4_K0AKFV8nEXswrzMeueyoaj3cnLWC4fl3DfP9yvaajIsahkiu_wuDPp3lZ02RiIJujG47ffQ5Pb7E2MMq5dty_Nib1KjscQ4H5hnTXAfN6Ip9ZKPRhn4g8pt-yr-M0i3YJZLLvYoHQzj8Hq5dn48px6146zFIQqaftVbX6ZluClFZK0L0L12u_wHvzHbGGmz0Qsx0SXtDN9GzSuar7HuGguVxWKuzN6Mo2b6h6M7Z7WRm0SJE5zHOQ-sDaFbCg0CVfoFjze5Fes6tDJnfOagJ4GuYfy8kaA&adurl=
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b9ba192210072d611d9b71e1e9a38d1af351804e8ebdd119568ed19fd0cd8060
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
cache-control
no-cache, no-store, must-revalidate, no-transform
content-length
2876
expires
-1
ai.aspx
m.exactag.com/ Frame CCA7 		43 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=466627326&rnd=1676485726346662
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 15 Feb 2023 18:28:46 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 15 Feb 2023 06:28:47 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1756
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame CCA7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
26535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame CCA7 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:30 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CCA7 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48832
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676324880006035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:28:47 GMT
pixel
protected-by.clarium.io/ Frame CCA7 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31gpb5c4mi&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTYyMzU2MDQ3L0dKRDAxTS9HSkQwMU0tRERBLkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWExZTliZjkyLTZmOGEtNGM0My1iODBhLWE3ZjQ3NGQ2ZGI2NC1hZCJ9LCJkc3AiOjczLCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=9204535&h=mysillysquirts.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.109.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-109-97.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
pagead2.googlesyndication.com/bg/ Frame 07BE 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33759
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14458
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:06:07 GMT
rum
dsum-sec.casalemedia.com/ Frame DD9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG1ns822iD8-GYaZb5oI2WA&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG1ns822iD8-GYaZb5oI2WA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQh__jARinisWiATAB&v=APEucNUDFsH9e7JrRG5W4Cvw-Lcn6visBzqyo1f0PPsh2UrrWv8eSW6Q0UOurT4AjcKs544oJPiqXHv4POpnowiUn_Sarg-dfUu8cQKawpejgPM718FdXbPWrs41fIkDiP_RwlPyDqBb5iF2ETsqRx3dWIu_8gFmXJxv8DTgDwb0zu1Rba37l2Q
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEG1ns822iD8-GYaZb5oI2WA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame DD9C
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.0kX9UJa8vwejAZudlJFQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQh__jARinisWiATAB&v=APEucNUDFsH9e7JrRG5W4Cvw-Lcn6visBzqyo1f0PPsh2UrrWv8eSW6Q0UOurT4AjcKs544oJPiqXHv4POpnowiUn_Sarg-dfUu8cQKawpejgPM718FdXbPWrs41fIkDiP_RwlPyDqBb5iF2ETsqRx3dWIu_8gFmXJxv8DTgDwb0zu1Rba37l2Q
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame DD9C
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEFTiCrAr4b9l59h_qTrOK_U&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEFTiCrAr4b9l59h_qTrOK_U&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQh__jARinisWiATAB&v=APEucNUDFsH9e7JrRG5W4Cvw-Lcn6visBzqyo1f0PPsh2UrrWv8eSW6Q0UOurT4AjcKs544oJPiqXHv4POpnowiUn_Sarg-dfUu8cQKawpejgPM718FdXbPWrs41fIkDiP_RwlPyDqBb5iF2ETsqRx3dWIu_8gFmXJxv8DTgDwb0zu1Rba37l2Q
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
AN-X-Request-Uuid
c2c1829f-c390-45de-98c1-11ef13747249
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEFTiCrAr4b9l59h_qTrOK_U&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame DD9C
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA4NjM2NTQ5NzE3MTY2OTU3MA%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA4NjM2NTQ5NzE3MTY2OTU3MA%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLan3wEQh__jARinisWiATAB&v=APEucNUDFsH9e7JrRG5W4Cvw-Lcn6visBzqyo1f0PPsh2UrrWv8eSW6Q0UOurT4AjcKs544oJPiqXHv4POpnowiUn_Sarg-dfUu8cQKawpejgPM718FdXbPWrs41fIkDiP_RwlPyDqBb5iF2ETsqRx3dWIu_8gFmXJxv8DTgDwb0zu1Rba37l2Q
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 15 Feb 2023 18:28:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
136896e0-75e3-40a1-ace9-151822b17cb5
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NjA4NjM2NTQ5NzE3MTY2OTU3MA%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5776
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOia2PZGep7tCMjdK6E71M&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOia2PZGep7tCMjdK6E71M&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYuqmj3wEwAQ&v=APEucNVc02aS1KKZirjS8Ot-I3ptf-kmrnIbAX11abtUe5rEhsnswSW9WYYpUMSQkXiNqVhjWACv_blrlBMvlpFIFG91BhQBrgjivEUvOIzSUu4c7f9lVQ093CYkKM88Vw09rfAuuMNnBDKYRy7Ty3zh7Lu0X9LBSwM5lPQQbYyfoafLwf8fQzk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEAOia2PZGep7tCMjdK6E71M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5776
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.0kX9UJa8vwejAZudlJFQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYuqmj3wEwAQ&v=APEucNVc02aS1KKZirjS8Ot-I3ptf-kmrnIbAX11abtUe5rEhsnswSW9WYYpUMSQkXiNqVhjWACv_blrlBMvlpFIFG91BhQBrgjivEUvOIzSUu4c7f9lVQ093CYkKM88Vw09rfAuuMNnBDKYRy7Ty3zh7Lu0X9LBSwM5lPQQbYyfoafLwf8fQzk
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5776
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYuqmj3wEwAQ&v=APEucNVc02aS1KKZirjS8Ot-I3ptf-kmrnIbAX11abtUe5rEhsnswSW9WYYpUMSQkXiNqVhjWACv_blrlBMvlpFIFG91BhQBrgjivEUvOIzSUu4c7f9lVQ093CYkKM88Vw09rfAuuMNnBDKYRy7Ty3zh7Lu0X9LBSwM5lPQQbYyfoafLwf8fQzk
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
AN-X-Request-Uuid
3f05d4f9-5b8b-4308-8e07-64ad9b0d3151
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5776
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNKOMxDkyTkYuqmj3wEwAQ&v=APEucNVc02aS1KKZirjS8Ot-I3ptf-kmrnIbAX11abtUe5rEhsnswSW9WYYpUMSQkXiNqVhjWACv_blrlBMvlpFIFG91BhQBrgjivEUvOIzSUu4c7f9lVQ093CYkKM88Vw09rfAuuMNnBDKYRy7Ty3zh7Lu0X9LBSwM5lPQQbYyfoafLwf8fQzk
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 15 Feb 2023 18:28:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
431ae13e-784a-480d-b2f6-824eb149aa6a
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B08 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=9303640504345&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B08 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=9303640504345&version=m202301230201&ct=76&x=1&cor=15085085495913454000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4B08 		94 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CIPVMWHQNjdGzvFQhmAj6rLGny6i6ppT9kVg3w9mLfL1_En90lsWVKYKHtqJhdoy1px0TfXhQ_GQi5F-wy_Unenuf066El2qY8XbOtPfMlqYGtMQvRggzgOlb_zpfggFXZi5TDteOPm0Z_FqiiQ0eUBmWCLqhS1YyhJZt-CFoc5GNV2vU&dbm_d=AKAmf-B0Fpu9jDdzFXek5Ne7QJRzIDa6xYtqSuMZfL_yp_V7cY0K207C_x1zfzu-u1D8VP0C_0ptU_3AKhie3vOfeqWnm_-1t2wZQhOPWcMEZdp7Q6uQjNlNMOeFmoHH_v04MyWRxeIwPtKqxMiYvl4_inyR1UfFobiTl0v6wZjSy0YjnYvQP4Y_X0j2RBWgazQFDbA_wunivP7ZuH2XILDqomYhxSGKmNRdvZXWSuej58VimRk5RVVoQRnjXkUwjR2tx43bAY8ELrmyJ4Q_xbFvzbamEDVdH7Y1Q-S9fM26AXhR5dk1MJBuVrJvE14pUZJs9QqzpnVknVOrUoccS5I14s3IPcM6h0aEkI33EgCZM_BWw3-pzkF7ActQqJBqYeOxWT_tO8ATrNMkvomGOHzamDP_cYF5PGnzgyNVlUJ7NcypGWxdFzCgdyEHpXVHv2OMfY5HJ1Bed55_GFt8_M6-Ttgtvf3kPUs4l0JidV2BL2CpR9twgM2bIYMgAz628yLOZPgYWDITZ7hngjMGd5A0GqGA4UhF1MzvOP0B2CKN1emxDoRyMCRRE226B35X7qi9cKRdfcGgzMPmXkrEwdxmDrxxUSpctymqsvyMSI18FPGSmTsWG5O6bB13VFlh9nx_YCt5mug2cWGKff0q3dmE43zhIgkliOIjK7WJRFkxx3JNjcuIzLaMMzjZLAp6l-CkazZ9ebx1J3mTnSUVBkdGiIeEGHdzIypOphE4N409rtow8T2MnBUggeW8fczkJkfPhSPM0AwMw_wZu9xF0wUNQGP0ycZ9oI75OaLe84WGgGrEt68rct5PQFLsEWf7tO252csZaYVLrxHIDXTtAJOsHLzhjScyXR1lmebJUI4gS7Iu9tXfEE4CQOlIqN8lN8x_2n_FG24cf-mjNsyLRGd2hkKGUnLzKwCkXOYKdTRlPa4uoycVxEuHJVlJIXy0hOO5pA8QTM1EMsdIHdM2xiAz5U9VM1CV0mVIIvAayEdlVWed_HpGXhacpIO-yNeEwyFlYDn7eynvPX6ZcYmhLePtXQo0jVtx2-iudHYfltBymm7HtJrlOEu9ciziVIwlUWG_GAb2BJj51FCVl34me1-9-cCsHq9aXrem7piaI7CoUH1PAgtyntCkWOmse1dCXMtSE4F_ae9aa330W83HeD6wBeGDunpd02uv3fQBSaVEdDiqY6MFtpHED3XU8ePU2D9lGyBRzUagVeblOY7ldls4NIw-eKXS0zylQJ-3tIPti1qoND0ADkBZVokTxXW9zbV3XtwVv37PHJ39EDUtzUiwacwlnYrfPW3F2ldx1TrLDP0W3FgDSemYTIBnglBT_Xb4_doADz37PIipSUFEAVj8UKrw3nuFsmmjw6JqR0YpdBAGLrSbbYW9HETYg0EeTnWEQOi8hxQ34oYfcF2u5MWB4mH7dQrn1nmTHu5d8mhFnsoXvHUS1LBXtXj6T8kDY4fpQ1_O9fbzwqaGFLCUwB_6qo8ViT1-tsE1ck82FzdyUBpYOhFf8iCLXiKuWjvLLQtm-d4yAHKjGLox0YbrpMtmcPNBlIEQEl4evBQTXPYnbGsN7qyb7AOeqT0AHd1JWrFilr2BRBRoWRt-VK9Fc-Bzgy1GPh3kTeLCuJdOFk22HanSjFIiOgmp_eAZ-0SECJdEPSax9JPqcy-Fx6lhpaHUgsae_zldWzdc-gDIAUvIjlTvUOz3lTX5yHGyC6nEP3AJ-wjVI4irDMbChDL00vwV0h2TeX0cMdbLwUK8AQXGtgC0fbPi8CWYDYNLHatygQPVchCOv0AH0MUmurVAJkofxSEG8NeCpjoj92XrnWEY9zDT8BQZzWxTmRnCEyvLwI6GyVu1cg3kRzRLn0Y8TIda2vEVV2OpXeZyQ2FTKYKqXmtrUNoC9OiuhPzYHxCIHHSUKRDc9ntyUng3jntna5wIPwiA-SJw9gbAo1yPICAQJzY85NSkJqYdkqxUDsaZCerf2z3nfC3WuiHIMGETWpsmtrocI0yxKXe8BUK5oMtFSZwogWbENV0OT45iPIWWPDE7xknZO8-TRNlspw6mMYBrLfQL3GWb8UydtqT-p-ue_rBZFUs9yvHZL6NaJ78gwxVRWJDZkDz_ONI9VxqefulAtRpD94d3Dr8inY_y2JdIOAva0wZGB6yvD9cSGhmVTMRynvKAmgiJIRUafZbHV6d2G-yfTvU5Q8Y13N4fnOkKpqW8dKmwcVcTfzesAPoxcyBE078c7XgVrvc6dJPKUqj11lQxmKTY0MM_53dGQIZS5tEJLhVuiLxY1jHj6QgZ9XtFk4JKTDc18nfCda3NHE__TFn-AsZY6grkXqe_yGZ89fwKaZgglZnDPJkxemkLshgjUkukNz3OXlrWK7BGN6n4N0tCIQYPsE1POLD9o7zfSt43Oh7GV5vo2rX99O_11M-J-nhn9c03bRC1KtiHeNUinBoRcvyO8PGL4P0ybgxMM5UrEvY3Ta-jaWkqwZ4d-_n8GeF92nk-RPgMrehRFTywqTIMclUZ8epg9kB4MCgjn3QhSNy2UeyBMnZ7sdof5pYVY4K6lU6LK5k5r_AmSmRSEuPP3JeC41lvKcumk7OLlRQClv-uqcJLbmFulfpWWOjKuGD1O9UJ57AsGjPA93j96X1Jjq-wXSJ2woEr6ihA9laCSFGnBXNq_DOZeEkEd24YvpN8Ib_ZWIqamQQqB05SE_HLkBui9Kd4fqYrpFTVcwvC7PpXEM9SUKLgjkRMQUQxiC9AtQacrhqYbN_Qu9w9NFO0-gGgr8L5Y0x-ob70EqULbuAYDg_Uo4FzM3wsP1Y37CQZDBSh-e1vPeRHe4FIijSF0-52PEGmnUn8LKwzifiZ492ImMDspSDD6pheBL-R9JPBk54ihxonb8HuKvqa4x2yjhephiqcetlE4QOYE6wa4JFovSXbPqX2z4msiJ8Gzm8qmHV30PoY4dfnb886U76RaImGLvGIaWjOtMjy8TF3kTP52SQwISCOhHXFYxnt8KMCgAMmVW83wk7noVBJvaptTAFw36W60XD0ZHk2Ndevb1fcd3Vq5eCIP8L4RtJUchGA0YgeR4nrCl0u0T0PoRcguPNQCeAMQ4QGBIFxP3ZNEHdgZBIJHtW2JYS5zVURK07nVg2COCOjE5XAeafeV66xrmd3ucsNJcn5w_zMvl3Ck8cjFHxceUCMeDZj4nRC3VlgDP7CeA-4QLU6F6biTLS_XX526dXFdxOfn7RGlVdgEJ4RIg80F0WqVjptCp5Xqq2zDOrKgGvwpDiFHWNF2g9MBDjOO7448lSbYT2sXAxJbh7tQG36xOLEHmPBUE6Vv4RegfDx_gQrTzuStijH14AclFQp6gwcYD7SoCqIynqtUJSFCbpjA2bVjygsEGpXGIJ6wr0vMq4yDtuVb_kfEk1MQNE5PHLFeHp2Z-bBV8nLfSyTxYEU4dC0AP7kZ1Flsw-EnKMe-5A8grjASMZvu6TAoAcCEg&cid=CAQSTADUE5ym0bYUDX8vK147A0ckSAekdhqxrWjacR0_qud8BdP6PLAGUMZS5NU0kXlzRcWH4aCeDzyNyYKC-QKEbR3-OnwyYU5eZfqYI28YAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmysillysquirts.com%2F&ds=l&xdt=1&iif=1&cor=15085085495913454000&adk=250412560&idt=185&cac=0&dtd=8
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebebace3fe9f2e5f577c5489fe05d538cefc13974dc4f7aa7caea907b03e630e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37793
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5254
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY_tXA3gEwAQ&v=APEucNVXLqeDjA4QW4hhj4Uzq6uAAUz6IWmtAZ_LERkgqX9oSxR4042ojA3D9biu47naLER_f7v7UkJvI6vuKXtOHAqE_IQ7RUZibs3e0shn9TvjU6iI6uss0d6t9cTUtltQsWv9z2pSdHY0dQP2_esyC83MITSfauLVaL-do8I5VhkwPADpWYM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 5254
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=Y.0kX9UJa8vwejAZudlJFQAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY_tXA3gEwAQ&v=APEucNVXLqeDjA4QW4hhj4Uzq6uAAUz6IWmtAZ_LERkgqX9oSxR4042ojA3D9biu47naLER_f7v7UkJvI6vuKXtOHAqE_IQ7RUZibs3e0shn9TvjU6iI6uss0d6t9cTUtltQsWv9z2pSdHY0dQP2_esyC83MITSfauLVaL-do8I5VhkwPADpWYM
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESECOCP12voEXiyEeCYXlTjlQ&google_cver=1&google_hm=2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
329
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 5254
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY_tXA3gEwAQ&v=APEucNVXLqeDjA4QW4hhj4Uzq6uAAUz6IWmtAZ_LERkgqX9oSxR4042ojA3D9biu47naLER_f7v7UkJvI6vuKXtOHAqE_IQ7RUZibs3e0shn9TvjU6iI6uss0d6t9cTUtltQsWv9z2pSdHY0dQP2_esyC83MITSfauLVaL-do8I5VhkwPADpWYM
Protocol
HTTP/1.1
Server
185.83.142.19 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:47 GMT
AN-X-Request-Uuid
ec9f9eb6-ef59-498f-ac40-ef76ff080e08
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEL0k8dcP5yjmcDxJ5IS1pKA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5254
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
170 B
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPL6BhCIo0gY_tXA3gEwAQ&v=APEucNVXLqeDjA4QW4hhj4Uzq6uAAUz6IWmtAZ_LERkgqX9oSxR4042ojA3D9biu47naLER_f7v7UkJvI6vuKXtOHAqE_IQ7RUZibs3e0shn9TvjU6iI6uss0d6t9cTUtltQsWv9z2pSdHY0dQP2_esyC83MITSfauLVaL-do8I5VhkwPADpWYM
Protocol
H2
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date
Wed, 15 Feb 2023 18:28:47 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
217.114.218.28; 217.114.218.28; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
01f3efe2-ba41-4378-9717-af8f2c26afb1
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTUzMDI0NDMwMDgzODkwNzM0Nw%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 5C7A 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023020901&jk=1919316167716064&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 07BE 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?i7eqAA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
skeleton.js
fw.adsafeprotected.com/rjss/st/1333404/69076805/ Frame 4B08 		243 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fw.adsafeprotected.com/rjss/st/1333404/69076805/skeleton.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=27496782&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=16627720464&bidurl=https://mysillysquirts.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gwQk9FMLTjKm_CRj7c6iBE
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.236.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-236-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
5a506a9630390b6dc5afe9042358b2db6ce8c09b0faa041c908b236687b42cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
fw.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 4B08 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Origin
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 06:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 06:22:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 4B08 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/omrhp.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 03:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
52799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 03:48:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 4B08 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10817
x-xss-protection
0
server
cafe
etag
7837758721724492523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 20:18:10 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCA7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=4551862573142&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CCA7 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=4551862573142&version=m202301230201&ct=77&x=1&cor=1828637404939897600
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame CCA7 		28 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BferLyScJUumd6b1Y6Glvtugot1wtwaSDtqxEF4TmT48ds1YlSCowN3hzoNaUizx7YQqtB1WCIdCGssAlNsx76cS9U8i-a4s0ercw4pHygFqI634nUozU5cGrTtUA1YmKRDNngl7R0VRHWiMUNU4NE1lrlyUi58bTH7jobCtcntGvp9WI&cry=1&dbm_d=AKAmf-BzIEQikrtD-HtMGd2UORehdgMQ63GPf6YgYvlguCwAgQQEL-tmRYOd9cZkHjcpWCHVpy_TvvV2wcoRlJNmzdJ9QjMUFWK7n7XZQp7YoJ33O5uSoMWPxeiyZMj-DTdRAuZ9Y9M8q4n7YSBGgpIcXKUgfaPpAMGMyTk-EdRaZdyy-Ma5ZtYTsyQ8UQ2cJPCvgHpbL1kd3kf9LBvzR3UAaHJeRiC1mHrgRBTXTlRIrPyOKtc2sIvFAbZsnbIT-ZlE-BIUVEd3XFi34QnqXzScMn1s8YIP6mJYy6EqI4PFjofsZIB0NNYRzYqF7OvTf1v3KpozNCor_C_Ti_alPv5DFJ_mCEeBHRHUsqMQWWmXIpceVqMRm_kbPsDqgPE8nioH1TKvfi7uh_tiNvu_VceGL0yLj4QqXBMVJhGsowFsLPE7dBuDIXBWYZjDK7uNKbls9QwXFbGHsz9pgh-OZCkREwIVMIGxRMYkDXEi1yHO11i22JTSEPZ1KJuDgo3P_xKx28lO5IEv8t2JdHZkr2UH-BDr40vtsMa6IaCvsBa3ctKJo0VR1KnF14mEGonbkpvmUAAWSQsgxFqHKcIo92F2kuUyXUJK7p2NiPjxIBjSZiUDkl5l5wfocCSEkzbWo9Br4wXCkZ9ITKD-MXg2YS5CLrNzV1aw2LreYSHFK7jIZqQ6v-ppbMUeAUQMjY6_bWhF6Vz1HX7aFob_Bhvgnx7OlV3qwgl-LHbDkV2FZTjCZWg6kw937MmpFZxIoEBFB4SU-IXa8AzHBiZ_oMxa-SU1TsxeIf8yOCC8pCOls8EbTKBgm7aQ99VdSAlocI4LXT1ojuJdJiUaGEdYbIhqvy0YmjwpTbjP9n763jSC8Na4druPBV1HsEqd5_JNUrjaeHgmnG6BJGk_hY7KqbD66RL8RwovfJ6TGd9RrGYelHQkSdVosDEQx8fPjdNp8f7zrBr6KzdtLHh3NfStRUIHtdVWCNkqmsttB_Gts16rk4Ou2VD8hxr4LU1-_FrGpMF3vW5Hph30-5TVNLpau-0aC2yQ3OgEzkJihQajG8TiPgZx0yi3I7SIvATgvw0T-gd5R0SQzQeYx_VP4zsZjeeomo_7CJJY2JpsbumgKx7GPR7rj2vgVOkYCxPpl9DTrLMQzPTi2BF-kOB9fUj0zvv6isOvCmLVswV2AW2bfzYY_m1PDpeKNrGVVcqECVTyYWGNSEy2FZahRay8WvhprxQwiryOfV_Mo8W5fhV77ahVSbzByw__sz743H-0SOkaD0XBTgm35wlPYVl7visi1NG3yhpRjTjUPr3mRChU6tV1VYn7FeibZVZhWBaqzJo9FFB7q_zGszOvcIqEPaZK6187dnMuZrUNgQ1qWG-CLHl5l4D8No9d9AUmhLkpQFuBKXJGCwZD0Cz-ul7Kd8vkAlP692actyaX4C3BpPWgD_LYIVqH6SRsLifY5OyLX6NtVJf_tGunAuBj8fk2OmWePfmj7cn0vB9KW4YU2uCExc1MqRuXzUnOztiPWPJjhOGRYRAwmI65YgL5_Tjr9OcTgj9BGBZim-PKIdKDDbdznoMJhy7WzDeF3-cMXVQKlwgeDvbkxc3oxM0DEircmBlDIcWcbS_C9v3SN214Se4HQnAKa1GuhkAPuJffilPsqQKjSnV9dID_KhccvSQ70vQjgii1WO63O-Tj6hg1oUTJQnwwQWTzK5q7oOR3UaqC9pOyqv2Nc_ofA3HVh1lRquAiL_40IRlHHOXTreMSUIL0jqiLdOh1PqZHP5X6zszzeCaMj4TQoj_fZ5Rei2CHfpqWjTwBjf2qAzZ2TxVGR3tYHgHNSjCXUUQYq8OnxykS9_Fwbth370Lzyv5pKEL5eJPPic-nSt9L60EawcSttYJTnvQOw-KyfK6Y4WiTPqu6ch22TGAzTvZm1dZVv-iEhKRSwq7E43R8CeJt4V3kawvkk8I0c_TKRGIk0Bg5-2LHXqtao6_y-3e8MZa-uK8JCOWjbR1l0XKrEN4MfGYwWseVaGMl1IXAUYlwJ6ge7bbhcsFyu4Me1U7x0h2uwGwxQFtIoyM_7XFc4BErP4FM_Bmor-Do8baaMiX0pIPfBkabDefrsX_yRdjtkVkA_W0iGlc88QRCFLckuPTUKisaLFrBUR_4XUJES3tv6zcvryTj5NhEKdh72IFdpyE9GTiOHC8EZoTsdHAI984zN1vE3yqeQTeh_SPmpO4i10miWIXU9lg0s1ekGVWxhAUrQ0dXlkMSbYNcsJHTIjqvGPnWrgaKNPqBZDqEGaDfUCre9_8H5nXyfKPHIpSHDtbnFJ3xHOgzEbdbglgi-Kmeioex_EBAGrBr-_wG8ROYlKwCyJiwmhrT51Z34ESzBABpSJCm9929wk2D0NJZWRxS9dhWzrcMwI5Tmre9SNA76oWKvNM0syXu_Oy8KhgWwDFdusGqJd3G5u6Sye6oUACF1I5fijH0SGVo67RtfdQQdNT_JfP3YP10jICdWxOavWGwleS4nwHMpoFZvkYyxSOjuHdR9sVYos0ns0_C5t6bYP_RYurOq0bXoxvDEZrgXN92pJsOq9hE9UT8j8npvL4vZ81_iCpL5zbVmPr6bCT6AWrg8-gTmxTVC3_W8gSKZjkPDgtTRzSqEgZ39jKwvml5qf5hiEm4r9T_SZWQNdNTMpWMpCLEjAM_NYy-NjuuICqr3vRw8Lgxu5Elit3k23U3pDBl3ViXlKcEbrCMHntVbJJ9E6nBGHrDU7b8v02gN_Z3rESfmc6ZZkxDPwpH5U9m2qmP6k_yR0qpNjkDVdvSMfV3WYuVPECG2TkdnmkMuUoC004eYfJVnm9GNHbgjMKmmDSmZJiUZzWZaLWFlFMwlKHpYs9PheBTo6b5BzvrWRaE4KDFr3atLlEq95tVk8RHp6zkV7r0Ifq9S-gPBxiCrlzjs_TE7E3feg_B_Y4PTCVo7c1nXOE95lJrpzgDhpY4tbA-TjQnZFD4sYd4TKthWOeCMRglBjrIbpW_dIcQHoFhuldrYw62Zrc5Arz_A38CbqXrF7MPEt7xwK_krJAiNPnnbyEtY1d1L3Xss9Y8m5FLuB_TS6Spr_NRPehOE-iHQqUZoZ9B7xFDXlhvLoM0sUzQVSnQzr0dPBePrs9L_Fuvlug9ZhFfoJEpmo_0y7qHNCB7AUjCfzbOlmqhJe1iZOnoK6wUdPSr3F4UPHsWug3BcaDdjzqxJYz62tYr1HkyZ4_R4UdXJ7ESljXEttUEDko6EI89KLNbDlVhRpmN7jWREXUMuOd26saj0cqTSJ1M6TUb0nBolLbxoH-VAa3hRPahELkoX21RqImhE6XALLtpP2kxDvRQJxc-GzwnEU1_H2Smpf9ZVzPKhWdxV3ori_4MF767-KFjL8ZLigHPRYjWxKeVV615M92tNkc-fiBx6wHE8v415a-NdIEA_B8HJdcyqa2rR1CRcLzE5VOr6M9E1ZbVfGGQMa3VGMbRaqFw8aOkqSnNW6WE3QMsUPsVRclnFQy51ntT1w3U-qmxlTbQnKi31L9wxF2xz4veGOpq95L_8jBBuSHb4Yl1-dAGGV-ca9vPknVDjNiQzZ9OqhhM7u9f&cid=CAQSTADUE5ymNfMRvs53Tm_D0yjXBcK6U-pc62oSNwRUzFxNZ3s_MZaz8iHXPWvOA5QJ2oIhdAMt91_Buh2lIrx3Iywj5_5G6Ycm7VbIdCkYAQ&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmysillysquirts.com%2F&ds=l&xdt=1&iif=1&cor=1828637404939897600&adk=2228999115&idt=171&cac=0&dtd=2
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2bab7f53a7e1c2411997c3f279c39a05b9a82ac777c7d5f09480ec813affe867
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16961
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1324607046046&version=m202301300101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1324607046046&version=m202301300101&ct=76&x=1&cor=3110893445594160000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 23AB 		82 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DWFfRb48nOcBU_m5I69zV9w2DN1QwTXBadh-cj_hg-kxXkeIU_QZbD-O66pnmLO1WJWswS4weArl7wTXFglpF9ohm4nQ&cry=1&dbm_d=AKAmf-DNt4Tu9oWXSLJJDw79XOshTbNuXqBbMF4Ntw_SGZRwGV6mBYpzYO5qtcY5eeU21ZmyQfOsjHzCnUG28QgqqfK1VxePdcUQy6FnBu2KSebsW3nTehfMwWgF0hFdfh5vx0HKS8oZqU_bqbkWr1vWKRqoHzObQpOOOWLjC861cjOF5QYHBGUrVqnOmUXIpm8Xh1CGK0kFSZDfIjoQTSQWaKO1kSToNBLHhr3j-5OkypYpQrHNV-QVhQOcIM2xXEaW_SNMTUCE6yxbJ2z58omTcnwJLgPwx4NMCFSvGrLJeNlhINKTBdACKqtjBAxRCn7iQPZQK2uZyiuIOJijD165T1R0jBesx5iZqoRetobmCJY6ngez1s65Ubon5tyd5Lrh0JLuWqsQB8hUxTQPfCErHYVs7WB6-gp_vnJSUxTkjAzDnhaVghYTbqVzOWCilyq1ScAyJ-b2dfts3Z3p-1XEFKaj2oFDTUpAjWCBTHsLDgnyAknEwWs0-8njD8IlCQrr1WdvQZYtySvyA_aBLUbI-tgjI_aISber4BOQ59cuf6ro7Oqp_Xltgiwc0nPhHlvu0DNmLfEm_fdW4Lro6CyQiYdRXXdLsnBKtQjrmYxCavbkMe0v8F4fWgYe7YP2y1m1vQxKgJ543YJxc25T2xRd13aADqXVT2bPMrBTvzGJ_1x0UaRsG8idPd1mkqpVN6B81j3kxc8fSUqoXpFwPZmcykK_6SkeT8rGKi6qA4fUChIw0kjGnSUyGdpyOlY-8yOv9at-wntLl6cb6IFAxJf6P5cl8W0vetMigys9Ll3ffsiMAvcpNNvuSDtDTEu-0ZNcSiUrZMEKft-YbbatPV5KuiXG8FAlJU4wBnZbIQYYWg3PAVaio6k92-Lor7kh2S5q6mg073fSxPssCrZSC11UZG3IC4c7kW-RfPWLJZiHIgMS5_gHII0YwTGfgSz5NocKOIS6fUpNbCkxuti8Q567LllUkA4QzjxtVUGwwydowMFNVeqVZkuW1JrUIX9ivdQMhcE6mk9Nx_vmxxdvn0HRM0yXnp_wM27zw46AdHxiIJYEHuld-L7aFnw8v0HdMLdORc-HpUxmRbp6DyHiu5VbPBjI77Wude-tPK70KzJsvkdjCL58vtCk9kOo7g3iyzgme4JAKR7XxdTx3RQweMYUdUTrQdqWw1TfJ3S1Iav8X-S_yt21jKYOFs1uNMcP4QXjvL1gN2cZhwHgRELXBlpnzFJ7Tkzz0yC5z_7M4yvxzcJgAU8BDKt2STSXWeJtJXfBAjXEu4nTIgsCR66WZ1HzI6TEvKpkev6ZCNZXP9TxhHxSBA992essSCClJesh6T1NW3zqBY0fjAqmScECc4LEuz3U_xfs6-MfLV0XPPcBirxbnrFSGb1WZQF3KUHV6KuUYEQuQk7U3g3XIMMZjuH-TMbwSETr41dqOcxBjL7XCQ-_aYrMjMX5cW174s8xG8cTU1Q89lqo8ismD3NuibzSQe0fkZSIm9v_MepdYoj2MYyNoUCg45XUqWGKu0YbRkhjpdD37CoxFnTdjI87uH_YUjS258uYuHJNjKViK5E_0mCsblokLlaYKOQVCdOQRh-J5OOoBRS8mXlf3r103cvrHSc6c_VutWVIW5CV_PLGGT-SqPK8K6vZKwKkk5ukNMM16ne8-47CrsOOr-3otWscyPlH4vO0NMPC2rSvVit71h2MN6hk8M1mCukcAumr9nIJHQHRvHH14HGtOAvMzvgbaujRgyRI-iPl4pgwztcDxsFUt7xVJpd6Q7WVxFc4OHWQ9s1EoBsQyMdRG0H8AVbc4dRfHuQFYjwMs6NXKK0eZTx2TFEfDfM0Rgi0C7mVtL2HjPO4bQbquLpZYwBkuYeRB1yJgQwVsGZvoO-LMflGjm3Xn4YLUDrj2-pzkQQcJxAWKGhlpnbkwuSNZwbz8zhUA3Zr2JOq3f1ahwSzPTWnaAbxImkl9YwvFpFigCOsRlps_qn3vkhsb-2TXI0anHD9UErtAJU5l5KP5ezJTffY6EdoyQRb_rKjYwMT8ROPN_rWln-jUFIqUhJZ-ugDqAyORgTzfgbqUJzZVdNlFIdT4awEfYn-MqH6E0TNzQqS2XWDTQFAAx0qc-DpcxYek3fOZgheEUCvM69zkbUuZiJZIDBSSQDM6cUJ0cp92Lbf2U7xaB6SFpeEWUAzJPHk8iPev6gI2MoC8gPJUyALE72wbmRvTJJyrhYgi7spX4TtzVqqVs7-EfrCUN9IAo_4wIMYeCOC8I_DpR0IwhIh3TR_WNvGFhdEb56u9qbUpaBTg88X2VwLIWkjNS11uvEPfaL1cAYET01yui5rl9sd_Puqyhhhsb27KBzi--vL--Kugztfasztyp7Waw1oXnS3gAYWJVcFwk21V3sZ_UbukmlMj77aFTK09eoYc6oycJJcCxR5KiQyRCZdTLdpW2-a17urRrB6IfKEFBCF3GuWRcHNNp9wbEkrhEae3uHFdYXdA3UGze7dmpY4GNa7zlA7djN5ewdJfdKLt0HZfjx71pPTf9NCaki2JeZKFYbFibNQ3AIxpCFnZ9StQJX9EH0qIZ9WWlHg_NflzELVNYMF5GA1eEFvqUjjTogdRDwAg7HbHdU5Ed4eazFybBQRyhbJvzgp47cuvKcVmdwgzs5CAFIL4lzR6NeYKfPEnXSq_c8DiGvI4ZJ4dPRR6P5ul7Gl-TXUojbZ8Szdb-KQ8tuP5Mjzl4g6vH0qSxvxLQneb-stPHllsF28ZLqPnxIxneciOAd8DyFU3hYJSg3zHlhSeqwOjYkvTYUiPM-5tKPHbuVfwaJul5_Bil4mBiW58u7NoVBTyQm-G2aivN2IvrkiXbHIeWkTrijF8IZSsyJViW3LWdxkzJ7TA8Yq3Wsm-FywNwPYkgchcoOplqfHMpugdBL-3NU8qO2-cTuTf4JInkG_-a_beuQbFp4lUletv6pvrRsb5NP0G9es10xMShE53Irnx-n6lhhKQCNo3bWnRgO9KSJ6J0v6UPXqi7qxa3qr_y3G5VpTwroWjG23pmjwLN_oCMbJL8XHZbOGkqwsfrTRR9ixw8Ll6uX5Ya9UuIa42kKbf6VyWY1M5Zoz5rQcF36iT_QbzZKsuEl4l7H4Jb9Uwv9W56eAi1CY7kscdccXJiLaeFZRSOG3IHjN8FOITcYf5T0Ku-tX8tpFcRoL_JK73daR2-Gv8wLm48UBW-ea5ktQXEf9MiXwNR81Z-OgzaxHFRHnFF06rw644Fltx3kNalmajCb14X8zCLhwsmOmQhdAMbD1xrAkM832FqfiFQarSqO_xOhIduYEcDP4VmZNhEthM4Ndr_6dEcN4UJU7CGcsaTIaNlD2trM4GVuIw7Qi-ordiCNO00puLosF4atEY8nuFd9iyW4UOy7-xjRe0b8DZdB75gBtC767H9A_VAFeAifzlOkHKXzWfN5xJJv9q00tPpEgEoftpN57GEUNfhp_fGWpgLKQRhiBViICq2EeqybpTVOwYTxuoX_3GNY8IV2y5gsAjz-74XmTtj7AOy8LD6E9HsO_B1Zb8mdo9JBP1wTcr-QwPYca-zZeV8nUsd6TizRygf5LMPE5sKc3W37fjb8iVPp6nKynY4YpQJefmqFtSmnVx3ioOzxlW_iJpPfuYENSa-qSSXoTqyVdhfyIisLXs5BaHlje3ovWqSRZgTXyho2lQAkWGJrbitp4FNaAp3hg8m7rUMRk4Am4dHAczNzdfNa2xg&cid=CAQSTADUE5ymg2DwzV-VXxI4ZhefuRXiHaQxPUvAKH39hfKNEDBLFfJ-SBUNavnd1XV14TImZOhwsJnAM5TotCoeU2tj1uYfClricp6Jr-IYAQ&dc_eid=31072035&dv3_ver=m202301300101&rfl=https%3A%2F%2Fmysillysquirts.com%2F&ds=l&xdt=1&iif=1&cor=3110893445594160000&adk=1964084972&idt=270&cac=0&dtd=7
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ebc20a25271812014fc50e948ad4dbdcf89e2831fe1e3a38a561840cd8ea8311
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35474
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 4B08 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:06:29 GMT
truncated
/ Frame 4B08 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0812e9deb79e2488e0e5b1987bb31640869a0e02160b5c5da3856ae132a0cca5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame CCA7 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10817
x-xss-protection
0
server
cafe
etag
7837758721724492523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 20:18:10 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame CCA7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:06:29 GMT
express_html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 23AB 		106 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Origin
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 06:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43595
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
37872
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:26 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 06:22:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 23AB 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/omrhp.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 03:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
52799
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 03:48:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 23AB 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79837
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10817
x-xss-protection
0
server
cafe
etag
7837758721724492523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 20:18:10 GMT
bootstrap.js
s1.adform.net/stoat/626/s1.adform.net/ Frame CCA7 		34 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.71 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
content-encoding
gzip
last-modified
Wed, 21 Dec 2022 11:59:41 GMT
server
nginx
x-cache-status
STALE
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=100000
expires
Thu, 22 Dec 2022 19:29:50 GMT
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame B4F1 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 11:06:29 GMT
expires
Thu, 15 Feb 2024 11:06:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame CAFD 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 11:06:29 GMT
expires
Thu, 15 Feb 2024 11:06:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 23AB 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26538
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:06:29 GMT
truncated
/ Frame 23AB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f94232cb8db8d584db2703b8753e58c82aad84539e57087519177b3065263bc6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
index.html
s0.2mdn.net/sadbundle/3262300174248127772/ Frame DB60 		157 KB
24 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4aaaf183987b18a9443083873e5c489f1543ce6acabe355a182887c1cb7b713c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
474749
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
24280
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Fri, 10 Feb 2023 06:36:18 GMT
expires
Sat, 10 Feb 2024 06:36:18 GMT
last-modified
Tue, 17 Jan 2023 11:25:47 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 4B08 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaAMSsv1tbaNuhjc85n4eS8EyE2FsRA0F6cv9cEaVUYGW2Fmq5ZjaEDIyD91mnJ-g065UOLiCXCXIIxNXudxzwJ6FWAIL3TWb-9py3eRTAio-EwZhGD0jMSLX-bFu3tb-H940ZjdlP2m1PBTkNYHGoQcallDcJfDmiC2IP4lj56wUjBrD6CcQJDQnOgrGUpwHUf7jdAJlb0DKPfAmYqyyy2mJSnRe4XUrWUgNdu2Yj7evjTSrLjE4qwzP0wMCDCILJ4IRjhoPDnT9Cjk_l1eEctUyaUThpLVASVRmQbH8TCRzB7gnv0qLf3aq-ob5BZnzl7H9rYk6maYQw0120wP1ksrake2CI4RFg0yB6d5WtmD3XNcKnPoIIj8CMrGT8vA1be2Dl_ur1luOACiTh0QX36lu4QoKE5shuIfdwQ63gP2YHlnR-eUGpSRf3b98fUJD-Nx3LFiVOfuJxVHgd9lFHm3fbh5dikITsAEf8AGUnMNIa8CdueSHin9atoTRtjIhVlgRpvMzmQoA63bstTGgBi-ELjJFKSIbBKPTczC6n7TYO1eazcvd91yOeWXsu9qS1e1CeVxmiPkGfsRcTLYnBGENQkx_fF53P6o9NMeA2cQB0eB31Qu-rosVc5r6K7XuhX85Q0RitKYlOnuoQjPCT-j9Qa1b2h0WxSnaCw6vdCxNf3EIdfVJ2kAOvvM7dnLjsTYlH223KwH-3w6j7A2J8uSh823gqoTSjcjCVpA_fx48o7J86tNGbLnuCBBCqQ_os_-8xFxi_8mPmDZFS9CNRlXe8qRuAx55K-9gZlLk1DJ3BudZ8Rv17qGOmDfBX7ItK4Ki-iPrBGh-oHL2CJ8PdRcB9K6MrgkI2mZpOyGSZ_Cxk7YLAe9H7Qpvp9sCv0FG9UWlPA1d4i9Ti8ZhZAUloYEijb2zSMJATaree_gfsvFTeVWqx92l9Q28_h1bmwqp2qawZitalefzwkgH5qikdSEDontgWzop5pFEkxO-nKrUJ8itZtx3CDW3a0gfWAK11XodnVpVGHHw7ABOT1mGPqXQxrbu9IYx5gacAdPT46otCM2UOo8jgnahyyFztqbUDFeJDPtsYfa35KTAtMcsJC6zBVoBPQbSjrU-pU7uMWtwC7yUgNWh3H17uSvMJLHPh__p3LGhKYHHg8NR8i1JcZ1pmcW-DX_7vxMY8GMjuuJPe1eVNp1O_WxYSrh5MAIWb2iBs0QqKcZ8xYHthg4HXK_luHi868vm36iydcAfa18jAnMGQFclA6q5h8JdTVZhKXk4gkzGSliO3nU2WaSoh8Nz8SPBoGY4REHj6HvfZpau5uGkxhVVmag&sai=AMfl-YTYMH9YiXO0Yj-E_QJuHb2lZZwSupUzUUhfSpZBLsa8xN3wLG-jE8fI5E-uTtXLCgFicTt0XJrARK5TF-5cO8u40xmkgUgI6SQFIvJ-LXluOXau-93kp81MQlZfVIkzbcjChmgWHk4AfVl9GNvcRAZMDdvLWCyA4Nt2ZBK8hPPrFa5PkHDtFv5f8u_KBG2gKxRONaU5iLVVHS0rPM_CuBp9qj86s-MB3g_MyP3NPUSzH5tOrKXyH09GxBEi3qFjuhIJ1t6Q7U-QBr6MBETMipAtExNVFYauIFmz&sig=Cg0ArKJSzEM0kQ0cmWZxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=292&cbvp=1&cstd=289&cisv=r20230213.40623&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:47 GMT
4.js
static.adsafeprotected.com/ Frame 4B08
Redirect Chain
  • https://fw.adsafeprotected.com/rfw/st/1333404/69076805/4.js?bundleId=${BUNDLE_ID}&ias_dspID=3&ias_campId=27496782&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=16627720464&bidurl=http...
  • https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:214f:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Thu, 09 Feb 2023 22:03:50 GMT
x-amz-version-id
ttDhIYiXE0kVliG2ed9eZ.882H52mbmE
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
505498
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Thu, 09 Feb 2023 22:03:45 GMT
server
AmazonS3
etag
W/"33dffa7df253125904b2f354b5bb5e8d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800
x-amz-cf-id
FxqAJGFQDqIAlzL7qHQJLWo52vW-mo9Uw7wTBDg8-WjQKogWwkcYRA==

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
nginx
x-server-name
app11.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/4.js?bundleId=${BUNDLE_ID}
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame 6E6E 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
12711151
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
MkHvwbOATFznGStavnmTGvGD-Td3IyEb4Uh96vf7coAsacGloOqAlA==
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNfy,pingTime:-3,time:46,type:v,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:46,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B42~0%5D,as:%5B42~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17%7C18,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNfA,pingTime:-6,time:48,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:48,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B43~0%5D,as:%5B43~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17%7C18,idMap:14*,rmeas:1,rend:0,renddet:DIV,siq:18%7D&tpiLookup=ao:mysillysquirts.com*&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 2522 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26538
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 11:06:29 GMT
expires
Thu, 15 Feb 2024 11:06:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
DE_mood_shutter_banner_2022_160x600_html5_banner-637897135634216291-3b9f46bc-82fc-48d7-b3c6-34cbae40dcfe.html
s0.2mdn.net/sadbundle/17474999534835728384/ Frame D640 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/17474999534835728384/DE_mood_shutter_banner_2022_160x600_html5_banner-637897135634216291-3b9f46bc-82fc-48d7-b3c6-34cbae40dcfe.html
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
99ffcb8e2c4f940f5b5d8bf901f0fc928d0b40c5206b4d1ee9addc5751e0137e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
age
4485
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
1427
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 17:14:02 GMT
expires
Thu, 15 Feb 2024 17:14:02 GMT
last-modified
Wed, 01 Jun 2022 20:53:09 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 23AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7knIXm3zT23qJL8v2wBBxHyKDjMco0hAzu0ivuFa29yJXXauUY7ScXQOMTJYSAG7YlC6unjNUDdVZrx2qhh2srIm8wlEKYtMNRAdLJhZswy2p5MVhIRe96Ye_qV7fm90Hf5IuC3Bv8pRVh66yWPAHiQxxxxvtJ_f-BZgLDxubRMZzr6pFskN6DIDlQGfNgQr-BQtHAJ049QDKI_PBZ18jMJijHELkjbGK-wVNQzzyRXwOE-YLvC2ndD7FZg3tJGphz-TxdviXRuFYDTV1jKolbRVTF56DbfM3DynyjqfZ8l0Lyv35lEGex6O_Dde5lHDFrETuwRbQBqaCnvJ9vTh4UKuiOtmsheXpvklpSDY588W-tWM7eY3gwGLfiAm6WUZmtUlQLD5wIMQjQl0LC3CWXWgR6Tj-1SeZSIxTPm2H2EpzohkppEk0q6crow4JNYhyQZlH06oqPC8vzfaRBYYWk-tqPTBeKVq1SbOSlrCW9ceasZIrey_HQj66UAeuNGUQITN1zpjla-kB19jrP5v-zZIoPvBV6m2i2ji5iMJ9R8YNY90b58GJl8PAu2iLt1D-qSISnk0Ot78Uk5Q8cPFjpOfsfiaJoHukSiD226c3nTxOe4siH5nSdA1pajwABK0c0HS2Ng4L-hoPwXt7YLYE7CUrsNnLrU4Zsje32XpG9-dndkCOKTQt3Iq1B7OReZ6Z7KhKlCkKk2FPvxXNjSrgzUMeQYpq10gE52xzJd1Mba2UdVV1CiaxYK14LP2B5EdTtYlu0ZbY5SGQVEFbpH8wBjyUM3FY-KTgToYnsnwJu8qqx9gc2QM_mryMnVafdGcN-nIlPaTlR-6-v-yJWpUpEH4K_wNsAqd-vsmTDds9KyDXYONoincauqhuI5JbioWEC3wFZHfhZMud-MvWlydml5oiO6Mk3Mx3EQC9k7zUGcA6JKuMEbCPm9YRdzKYb3heVHN0z5-eunBG8qvlvVPWb8PpdUpX3CTqxLjrsVNqFCIF5WccgMGtp_2c__z00Yv25RC00aauyW7qEiQgEd5UgNRtSDWBPMosHuVfwltYcWIvxvI-CpkhOMbHOOywWxcSy1VE5GqkdPiHhowf1zCEbL-SL_BEapcbVISL7ciuc1bMLH9yAgW_ULpIsZb_CXPwWxf07nPa5kENHmDlVTEZ1ZTFtssJDkMMuqiaTJt6_IRNna3QjhRLN_llr6qrpBJopwAjjRWPWWy55ckaryecMf5RHC-inSWhxfb5Re4oi60txWfV6i9Ey0BxD4I8iVhWiflqZbZOYZ97avFFYJYl1c4PKrzTr-Ov_BAYmhBfsuLn67KNxSvoxrVhcnI5nelrV1zz7Hd5yiR7un0ayViSXwgiGfm0PFovmUxvhd9tJafYjPDxHkp4rAje6fhiYj4UD_iGSWAD6sH8t2E9DyaWfK5vgejK9lWAEIJd-Xf5SfObZGA&sai=AMfl-YQE35qy3KxCq-OF2fR9wpEKRQMeANNoC9fbIuePTpRcS0akpwbo3odeYaLTpfvk8U0aEvjAeYyP0GhezpU4d_vh-ptH3RROebwwN9wDucmkryr5_f3ipzpAppQiT8ktzGzc31MyyH06NnFmr4YUg5OjODE96pKZyh__XGO2lKJFz-YR4jPI5BqsfvCE-35vEDI_ASAWn3Urbt2LeuHGQffJccOwx-rVnIK0GFiQFga7IWXBsoYusKJAqKGf88uqjho6bWhxUX-2MID7dxlqLXFxPuAYgbBEogXRtQs5C7_I-HvkrMKf6eaQU4q8&sig=Cg0ArKJSzIjoIalur4DWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=149&cisv=r20230213.49049&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:47 GMT
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNfP,pingTime:-2,time:63,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:736,beZ:737,mfA:738,cmA:739,inA:740,inZ:743,prA:743,prZ:749,si:753,poA:754,poZ:776,cmZ:776,mfZ:776,loA:783,loZ:786,ltA:798,ltZ:798%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:728.90,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:0,o:63,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B58~0%5D,as:%5B58~728.90%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17%7C18,idMap:14*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:0,renddet:DIV,siq:18,sinceFw:43,readyFired:true%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:47 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
pagead2.googlesyndication.com/bg/ Frame B4F1 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14458
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:06:07 GMT
6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
pagead2.googlesyndication.com/bg/ Frame CAFD 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14458
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:06:07 GMT
6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
pagead2.googlesyndication.com/bg/ Frame 2522 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33760
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14458
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:06:07 GMT
dvbs_src.js
cdn.doubleverify.com/ Frame CCA7 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src.js?ctx=11655933&cmp=2661571&plc=60824992&sid=1523392&dvregion=0&unit=728x90&aufilter1=165376&autt=1&aubndl=&audeal=&auevent=0&prr=1&ppid=111&auadv=165376&aucmp=2661571&auorder=84037585&aucrtv=57027579&auadid=1523392&c6=1617446&c8=&auplc=9041739&turl=&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=i14pro_wechselbonus_230112_tec366a_728x90&c5=DV360-donotuse1&c7=DV360+(Media)&c9=&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 18:28:47 GMT
X-GUploader-UploadID
ADPycdtNtAjlYdrta-l3UqO7FDE-_iwXAjfeaJIoKxhbJdY-eR9FHPhh5_adX6s8buye_b84yVlklAZf9vx9b3Inf8t_6lQSbDxc
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
Connection
keep-alive
Content-Length
1922
Last-Modified
Tue, 10 Jan 2023 11:02:09 GMT
Server
UploadServer
x-goog-meta-previous-generation-number
1673253614982549
ETag
"87b6182d03ee779aa68e37632f67656e"
x-goog-generation
1673348529482061
Content-Type
application/javascript
x-goog-hash
crc32c=lOOx4w==, md5=h7YYLQPud5qmjjdjL2dlbg==
Cache-Control
max-age=86400
x-goog-stored-content-length
1922
Accept-Ranges
bytes
x-goog-meta-pipeline-id
742670731
Expires
Wed, 18 Jan 2023 13:56:00 GMT
DcmEnabler_01_247.js
s0.2mdn.net/879366/ Frame DB60 		29 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/DcmEnabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 13:24:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
18253
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10136
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 13:24:34 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023020901&jk=1919316167716064&bg=!vb6lvurNAAYuhb89DoU7ADkAdvg8WlssYTJQDAnAy7v4ZBeDZwtiD9HmONGfZab3LAXTSeMPVli4z1rB126jR-qnysRwEkCAbZcCAAAAolIAAAACaAEHmQLAycouJXsqTgV6TOMHNG9PaNHQfNR0HXiw8zD_T7a4f7tFz-Em0sHN7NziTESYV4lhx7XTnCmc8bkFU_2DdchsegyKLzZcnihne1RCzlHFGmMT1PQK8vF_RX4O9BfB74miTweLW2Kq8Zxw3wvCzGSDlotNMnfQR6j-rdbTm7bP__35NReSW3-eB--OmRImFz2PgByKpQHx96medtndmkVgZeANRFaKO6_EM3W6-wVaKRZhdSUqKo8TmBtc6KukAuu3ZbNaKnchBCpz0Y_o41bn7-pkLWjOQ5DLShqNFqTAuZSOTXjy-_PxmlVP9VJ-hRnIqQqW_CN-hekcOiqJST9o6ogxSjOEz_QdJxiFJRjHPCHZl2Py21P1A7rWVc4DZmWn6EL-fUK2qJbvi8FyYpiQNeO1qLU4zMxeZOEvi9g7sgpyEQeu7sqttNUg_j-DFSvX13_a1Nr7_V7Kgb_qWfb7Ht8wxYDY4QB1_YNcVQ94wFZf1TSqeFePz6CLFTTF4fOUsxd_wdJlogjhWMrKiMxAArQWQHeYlvpEDnYj1SUU_dfFABi7xVk1qCBgVDBOBt9jyVxXt-9x-xT1jRz5UU4G4-8XPcCmlslCUWFFPs3vJxtEizLu8UcqbGnAhdHT_mRl5_XLmtvFSEGTy_0aFf9MXdUXlcuZbEaWChzZYik7QxzCv9I9Yd3UcEJz2Un2WdZ9z-_-eJcwy1PU8FplcO0MZe6q9HTmDiwo8kUyRifMhSRuF_28ew72VOb39ziXjq6Oqb1pwOCoJXzKlyNlATLOTMBfgP7sXeWEEoAgoRnA56znXn_cdinOasDYksHzqfNwgBdlY3eIOuoy78d291IWFaExa3czzBrHWgOVL9tgwTFov1dk83OviII1sn-O0qZvpM1L6F5Pb2u7sFevwK-wwDDYr4bubIjWDP25uo-Qc4A
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
view
googleads4.g.doubleclick.net/pcs/ Frame 23AB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu7knIXm3zT23qJL8v2wBBxHyKDjMco0hAzu0ivuFa29yJXXauUY7ScXQOMTJYSAG7YlC6unjNUDdVZrx2qhh2srIm8wlEKYtMNRAdLJhZswy2p5MVhIRe96Ye_qV7fm90Hf5IuC3Bv8pRVh66yWPAHiQxxxxvtJ_f-BZgLDxubRMZzr6pFskN6DIDlQGfNgQr-BQtHAJ049QDKI_PBZ18jMJijHELkjbGK-wVNQzzyRXwOE-YLvC2ndD7FZg3tJGphz-TxdviXRuFYDTV1jKolbRVTF56DbfM3DynyjqfZ8l0Lyv35lEGex6O_Dde5lHDFrETuwRbQBqaCnvJ9vTh4UKuiOtmsheXpvklpSDY588W-tWM7eY3gwGLfiAm6WUZmtUlQLD5wIMQjQl0LC3CWXWgR6Tj-1SeZSIxTPm2H2EpzohkppEk0q6crow4JNYhyQZlH06oqPC8vzfaRBYYWk-tqPTBeKVq1SbOSlrCW9ceasZIrey_HQj66UAeuNGUQITN1zpjla-kB19jrP5v-zZIoPvBV6m2i2ji5iMJ9R8YNY90b58GJl8PAu2iLt1D-qSISnk0Ot78Uk5Q8cPFjpOfsfiaJoHukSiD226c3nTxOe4siH5nSdA1pajwABK0c0HS2Ng4L-hoPwXt7YLYE7CUrsNnLrU4Zsje32XpG9-dndkCOKTQt3Iq1B7OReZ6Z7KhKlCkKk2FPvxXNjSrgzUMeQYpq10gE52xzJd1Mba2UdVV1CiaxYK14LP2B5EdTtYlu0ZbY5SGQVEFbpH8wBjyUM3FY-KTgToYnsnwJu8qqx9gc2QM_mryMnVafdGcN-nIlPaTlR-6-v-yJWpUpEH4K_wNsAqd-vsmTDds9KyDXYONoincauqhuI5JbioWEC3wFZHfhZMud-MvWlydml5oiO6Mk3Mx3EQC9k7zUGcA6JKuMEbCPm9YRdzKYb3heVHN0z5-eunBG8qvlvVPWb8PpdUpX3CTqxLjrsVNqFCIF5WccgMGtp_2c__z00Yv25RC00aauyW7qEiQgEd5UgNRtSDWBPMosHuVfwltYcWIvxvI-CpkhOMbHOOywWxcSy1VE5GqkdPiHhowf1zCEbL-SL_BEapcbVISL7ciuc1bMLH9yAgW_ULpIsZb_CXPwWxf07nPa5kENHmDlVTEZ1ZTFtssJDkMMuqiaTJt6_IRNna3QjhRLN_llr6qrpBJopwAjjRWPWWy55ckaryecMf5RHC-inSWhxfb5Re4oi60txWfV6i9Ey0BxD4I8iVhWiflqZbZOYZ97avFFYJYl1c4PKrzTr-Ov_BAYmhBfsuLn67KNxSvoxrVhcnI5nelrV1zz7Hd5yiR7un0ayViSXwgiGfm0PFovmUxvhd9tJafYjPDxHkp4rAje6fhiYj4UD_iGSWAD6sH8t2E9DyaWfK5vgejK9lWAEIJd-Xf5SfObZGA&sai=AMfl-YQE35qy3KxCq-OF2fR9wpEKRQMeANNoC9fbIuePTpRcS0akpwbo3odeYaLTpfvk8U0aEvjAeYyP0GhezpU4d_vh-ptH3RROebwwN9wDucmkryr5_f3ipzpAppQiT8ktzGzc31MyyH06NnFmr4YUg5OjODE96pKZyh__XGO2lKJFz-YR4jPI5BqsfvCE-35vEDI_ASAWn3Urbt2LeuHGQffJccOwx-rVnIK0GFiQFga7IWXBsoYusKJAqKGf88uqjho6bWhxUX-2MID7dxlqLXFxPuAYgbBEogXRtQs5C7_I-HvkrMKf6eaQU4q8&sig=Cg0ArKJSzIjoIalur4DWEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=465&vt=11&dtpt=314&dett=3&cstd=149&cisv=r20230213.49049&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:47 GMT
621cf385242430397e02ce6d
c.bannerflow.net/a/ Frame D640 		89 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/a/621cf385242430397e02ce6d?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstM2wcc9xbNnkq7uanDxYb3sId_agkU6szJipPpgWtcHEoRXmG2Q2u9HwMXxW17s-6JkBS5doKLQ7Ak_m1TwppA5g_0o89s8BmskHpIVRcTp-EvChBg-qd3-YZ8CR2lIGjhgmLZ_tIsCcZGNnB8hgXMHTwNN3_1yKzYFgQAzOTP3vAXYWGX950PLpR3ai0wrJn2NYBGLMJgHzK-mbzOuKN1MGxcEVHRD1UaaPMZMu7cxM-V8UPTr4rYM1e9FrMmDfVs8w_ZGS9we1A1WuW7o-cZGNYade0xM9VZi40PGL1NYTod_JIAveuHNVNSuX6oVBm98YmQq_p_Fyz29JZ8RUcYOsCv41q-H1JnzVkgRYm22i2omk9sknldiDdSIM84z8r-OtkZeBinQ3JuIi2RbZVSOUn61dLdfXX2tPS9y4vYvoG2jTsOB-OjIdb80NT1ZtrDMXXXmLn-hrrPGNUjaklEnu3ISMw5NAxBGQcw5iW6MQuUfU0VDGIb-z9TTASqQB3aWO3cgnwA-u3PIMiyZr3LJ8o3EKbsGiP6dV0pMSaIOEnykQo3rVbNmLlF1hg-4lPOWN7TiCKPGjIX9y0vFnM_vjKix6Wh3KgBFrKFzv0iMuQarFChQ3sWT4vZqm8HavTLG68x-rVlOGiYafgPQIwz8rTcurzn1wO96wAzfmmIh5-3NvyxhqxhUv8eN6GSDuODqTBVzOEpKL3-lm9ow_b6hQZh9BGy5-xb_k_aSoF6d1pJhtOfcUAEZJSDqLYWx9sH5eq5jtybmin7SbXlPIueXh3GInnpfsRCSf9c7IfjwJFsf1KbeqYm0eAI68JS-8dYIssiMuYxJISspJ7tILa6Mq7ogvj7gRgEi-Ig1uZMr6bCUEsTtVDRGyoj2oYhyWEwyamJb4BbO6nEZSG77edHQqh4MKXTMajzvxM0MlpNL-xgJPBLGWKdAf_dWQM7upeXCJTfXDNKc61bZoF_An325Qk7T1LHC_S8xod2L1QvGd0qKGU0o8GVeuoW1FBDm1-5kexopupHS5odNeAprJCuyamOAtU2s6phSVtEroyN3_x1bBDDES429kQ7Hy3kFu0E76zt2HEIlo4z3FRpCi6bNgl-RWLePdoCEKu_2vFtSHx45FCAoyJL8xpy3xs1oXl4ru_VEmrQEnw3LnEL_uBYHUCOm-zaVBNvO0tMYSQ_z38GmZ7g3sEYJO3bVnxqI6E1JjzXsbX5polXOUBWCHUb4r7tZYXJo4QfNKfSLs9TXx0RlewxI7V6eZ62LsuFrT-gZ_esNvyhdEiAsF6d51kjyoOrqaE44gkDzabld2PyG-aFjpw-mufZY9-4uIXcarwQhZ0roLq-DDhm7nhRbOacSbZ3yPLIStETPn4vKBn4odHAIvzn9m15h6aZkKkvcTOMvp2iIObOhmA97rIhz1TQrW1TWIxxmwiGVpH7_I98oqpxWQ%26sai%3DAMfl-YSzGa3gUftGrWTdYcn4W1Np7aLAzFJmU-d13AflFdjwjwZVjvAjITqzGlVNxZj8gEgwDlxDsuFXvEP1HhrUyRFsFEztoNbNW3AOsF1eWwbElOmVuD19q3s1aV-c264haes_4ovA2-w50VVivTu3693fBtnqR99WOwMQx8ozQnJx45SfOl7DT4i9QaXjFBuQcCDykZ0xatYOF_wms7DDLx67P3uB7kp381CyKNz1kJvTQ_OLWvmyE-AZTxtmEQ--kyW3rzIFIFU76RQUaCVGu4nuQsUi2GIAcofcLtS2Jk5TyoZKWlSHTrp15nYAZN46CWkg8qsd%26sig%3DCg0ArKJSzBYFs8OL35qQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7804798%26adurl%3Dhttps%253A%252F%252Fwww.home24.de%252F%253Fdclid%253D%2525edclid!
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17474999534835728384/DE_mood_shutter_banner_2022_160x600_html5_banner-637897135634216291-3b9f46bc-82fc-48d7-b3c6-34cbae40dcfe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7569a8f3b5967b95884a9d56ff1c57e7940ea667bfba2cb0b8533ee40ca26d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

request-context
appId=cid-v1:1a5f66bd-0229-467a-a946-b3753e659ecb
date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79a01af7fc1291f0-FRA
content-type
application/javascript
dvbs_src_internal117.js
cdn.doubleverify.com/ Frame CCA7 		57 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.doubleverify.com/dvbs_src_internal117.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:d::1732:83d6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 /
Resource Hash
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Date
Wed, 15 Feb 2023 18:28:47 GMT
Content-Encoding
gzip
Last-Modified
Tue, 10 Jan 2023 11:00:18 GMT
Server
Microsoft-IIS/10.0
ETag
"0cda5b9e224d91:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=946080000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
18840
view
googleads4.g.doubleclick.net/pcs/ Frame 4B08 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuaAMSsv1tbaNuhjc85n4eS8EyE2FsRA0F6cv9cEaVUYGW2Fmq5ZjaEDIyD91mnJ-g065UOLiCXCXIIxNXudxzwJ6FWAIL3TWb-9py3eRTAio-EwZhGD0jMSLX-bFu3tb-H940ZjdlP2m1PBTkNYHGoQcallDcJfDmiC2IP4lj56wUjBrD6CcQJDQnOgrGUpwHUf7jdAJlb0DKPfAmYqyyy2mJSnRe4XUrWUgNdu2Yj7evjTSrLjE4qwzP0wMCDCILJ4IRjhoPDnT9Cjk_l1eEctUyaUThpLVASVRmQbH8TCRzB7gnv0qLf3aq-ob5BZnzl7H9rYk6maYQw0120wP1ksrake2CI4RFg0yB6d5WtmD3XNcKnPoIIj8CMrGT8vA1be2Dl_ur1luOACiTh0QX36lu4QoKE5shuIfdwQ63gP2YHlnR-eUGpSRf3b98fUJD-Nx3LFiVOfuJxVHgd9lFHm3fbh5dikITsAEf8AGUnMNIa8CdueSHin9atoTRtjIhVlgRpvMzmQoA63bstTGgBi-ELjJFKSIbBKPTczC6n7TYO1eazcvd91yOeWXsu9qS1e1CeVxmiPkGfsRcTLYnBGENQkx_fF53P6o9NMeA2cQB0eB31Qu-rosVc5r6K7XuhX85Q0RitKYlOnuoQjPCT-j9Qa1b2h0WxSnaCw6vdCxNf3EIdfVJ2kAOvvM7dnLjsTYlH223KwH-3w6j7A2J8uSh823gqoTSjcjCVpA_fx48o7J86tNGbLnuCBBCqQ_os_-8xFxi_8mPmDZFS9CNRlXe8qRuAx55K-9gZlLk1DJ3BudZ8Rv17qGOmDfBX7ItK4Ki-iPrBGh-oHL2CJ8PdRcB9K6MrgkI2mZpOyGSZ_Cxk7YLAe9H7Qpvp9sCv0FG9UWlPA1d4i9Ti8ZhZAUloYEijb2zSMJATaree_gfsvFTeVWqx92l9Q28_h1bmwqp2qawZitalefzwkgH5qikdSEDontgWzop5pFEkxO-nKrUJ8itZtx3CDW3a0gfWAK11XodnVpVGHHw7ABOT1mGPqXQxrbu9IYx5gacAdPT46otCM2UOo8jgnahyyFztqbUDFeJDPtsYfa35KTAtMcsJC6zBVoBPQbSjrU-pU7uMWtwC7yUgNWh3H17uSvMJLHPh__p3LGhKYHHg8NR8i1JcZ1pmcW-DX_7vxMY8GMjuuJPe1eVNp1O_WxYSrh5MAIWb2iBs0QqKcZ8xYHthg4HXK_luHi868vm36iydcAfa18jAnMGQFclA6q5h8JdTVZhKXk4gkzGSliO3nU2WaSoh8Nz8SPBoGY4REHj6HvfZpau5uGkxhVVmag&sai=AMfl-YTYMH9YiXO0Yj-E_QJuHb2lZZwSupUzUUhfSpZBLsa8xN3wLG-jE8fI5E-uTtXLCgFicTt0XJrARK5TF-5cO8u40xmkgUgI6SQFIvJ-LXluOXau-93kp81MQlZfVIkzbcjChmgWHk4AfVl9GNvcRAZMDdvLWCyA4Nt2ZBK8hPPrFa5PkHDtFv5f8u_KBG2gKxRONaU5iLVVHS0rPM_CuBp9qj86s-MB3g_MyP3NPUSzH5tOrKXyH09GxBEi3qFjuhIJ1t6Q7U-QBr6MBETMipAtExNVFYauIFmz&sig=Cg0ArKJSzEM0kQ0cmWZxEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=762&vt=11&dtpt=470&dett=3&cstd=289&cisv=r20230213.40623&vwbs=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:47 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:47 GMT
verify.js
rtb0.doubleverify.com/ Frame CCA7 		1 KB
899 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rtb0.doubleverify.com/verify.js?flvr=0&jsCallback=__verify_callback_616885486655&jsTagObjCallback=__tagObject_callback_616885486655&num=6&ctx=11655933&cmp=2661571&plc=60824992&sid=1523392&advid=&adsrv=&unit=728x90&isdvvid=&uid=616885486655&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&nav_pltfrm=Win32&dvp_strhd=1.40&dvpx_strhd=1.40&brid=3&brver=110&bridua=3&dup=null&ppid=111&auevent=0&auadv=165376&aucmp=2661571&aucrtv=57027579&auorder=84037585&auplc=9041739&auadid=1523392&aufilter1=165376&autt=1&c1=VF-DE+Performance&c2=DE_22_AO_P_W_G_M_emm-215-cre----per-mms--Tracking-HARDWARE&c3=RT_PD_BC-215-apl-all-PRE-Tracking&c4=i14pro_wechselbonus_230112_tec366a_728x90&c5=DV360-donotuse1&c6=1617446&c7=DV360+(Media)&c10=DV360_PO_AL_NONE_SBN_CM_apl-all-tracking&srcurlD=0&ssl=1&refD=1&htmlmsging=1&tstype=128&prr=1&m1=13&noc=4&fcifrms=7&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=165&eparams=DC4FC%3Dl9EEADTbpTauTau%3EJD%3A%3D%3DJDBF%3ACED%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTau%3EJD%3A%3D%3DJDBF%3ACED%5D4%40%3ETar9EEADTbpTauTauc45hbhegca32f634_h7636dac372%60h3a%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3E&dvp_exetime=6.30&aubndl=&audeal=&c8=&turl=&c9=&callbackName=__verify_callback_616885486655
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
10956105f5cb552528050089536e484652ba08ea740384856ec466731680c675

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:48 GMT
Content-Encoding
br
X-DV-Response
1
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
text/javascript
Cache-Control
max-age=0
Connection
keep-alive
Expires
02/14/2023 18:28:48
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNom,pingTime:-10,time:592,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1676485728042%7C%7Ccbc3be7467669b7ff4b352e4b5b28390%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7Cf519be2ac11cc597e7506efe51c3d7fc%7C%7C2df911e83a1605cdba5a3eb4d564195d%7C%7Cf65223612c37fe5d6780809de6b20d29%7C%7Cd93060f0fae2b21f04734b0c8aa88005%7C%7Cf6a7e92a91e45b7176abbd3c0fe8dac2%7C%7C1663701684%7D
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame B4F1 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BPycZXyTtY5iBArqK7_UP3raIwAIAAAAAOAHgBAI&bg=!JySlJHDNAAYuhb89DoU7ADkAdvg8WrwFISX5TfY8yE8yK-QUSPmxmoWmVNc_og3b-UsQXGjzY1BwU9kH-wn7V52XATkOPfWInogCAAABI1IAAAACaAEHmQMdv5Jirloxrum70zpdqJOcjZexkOhDUtN9TtYamQ4Gn_zn65G7I-7UZHZ0xnq3VbYol51ZEc9bSwIOqX_-gCvg8KnL3UgQluf-qZVecUP30cP7MuQ6y26fsWU295CC0HXTlWplrjIEHNnpi5meeo0gerfk2EJ1utUdSXZKdTJY8ZJ1ju9Gpx1Hljh7-zDxCHTblZCl2w4W5MfPA2yYKlQxIXAfHqODMzVSjKqo4m20xUua9PKCMmxJspuZWpGJvV_oGF4XPcMVnxLnbRNKyrCLZq_C3qjVIAL9XWUrlIja1GanLgDoft-2rQr8r9ZGlLZ0ErbClv343ijCJUbSCE7JvSAJXZCpNMjYRpq02b9ele0TawKgMHqsfK_GqK2acEQGNG9InICE-3SvL9vonwjuPedFxDHcgbDS3jNxl3hG2fQwOrGC-qiFqo8bFZ5n6z8qXFhrKsXUV0d___MpRiEUR6TyPHZ2BLAItgTbutNYTp_aFtY08qBXlDQRptq_qUP3opbvQeFR-Y6eB1WV-uIHnc0o8uYbZ1avTvU-uzbTwjrA1SArhyNDQuwBsmRKFMioCkEmo2bSdqHriJmRLxbCGgYFN5UCQ4CAJDl6bZoPGz0Uu1MRzKqAmyekVU7YoLT1A41k4EXgqvK08Yu6LaM87uBOeJJaMFxSL57yGLr4ZVm8BqDkc8qLNOcINYulB9-MuhIJyWLq_CUA4nuvunKDQBLWHXOnWz8UsXiLImgT77KXH0i-X6BtSez1dWPqVShGYv1lFSQrM8G2OVxcbdGwetua4dlgKoVMnphAYbxDLpApLQ318EOPkXAAkc5fTL5oMDFxqEFp3bzSF_i65tDsBsp2HD-D2ZwSFqaJBoqD87jQqPqId_STRLE2_1hkbruz9F_WWhFBxjW-eYu2S4PrEXNjiYxM4lKxMfN41bHMIt0n3d3ukMbT2rOjHS2Zgda98saqjc-MdWJKsp4_EJucQ7JiO1kcBDMJ-UZeIWe44Gjh1VyJWgI9XDysYy8YjD8dKbIqg_GYwZ7RQgzUFfXOmFOU_ebScs7DpEY9RmI
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
tui_logo_live_happy.svg
s0.2mdn.net/creatives/assets/4364511/ Frame DB60 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/tui_logo_live_happy.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:23:57 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
291
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2072
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 07:44:21 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:38:57 GMT
cta_jetzt_buchen.svg
s0.2mdn.net/creatives/assets/4364511/ Frame DB60 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4364511/cta_jetzt_buchen.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
998
x-xss-protection
0
last-modified
Mon, 08 Nov 2021 10:03:05 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
728x90_head_3.svg
s0.2mdn.net/creatives/assets/4780815/ Frame DB60 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4780815/728x90_head_3.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e9c56f945418876e548e527d2f2b5f6036da8d7c1e842ae9a7be35802bd85c6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2240
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 11:12:22 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
728x90_head_2.svg
s0.2mdn.net/creatives/assets/4780815/ Frame DB60 		23 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4780815/728x90_head_2.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
831d5655c4738a7de17004a4f9f407109eb7f7ae9db67c22257a9184ecf6f516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5089
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 11:12:19 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
728x90_head_1.svg
s0.2mdn.net/creatives/assets/4780815/ Frame DB60 		6 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4780815/728x90_head_1.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23d143dd4acb1b86cb7675ea3cf80520ac58bd75bc522186ff61c6a621fe68f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1892
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 11:12:16 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
728x90_radiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame DB60 		4 KB
934 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4302518/728x90_radiant.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
906
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:23:02 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:36:53 GMT
728x90_gradiant.svg
s0.2mdn.net/creatives/assets/4302518/ Frame DB60 		891 B
504 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4302518/728x90_gradiant.svg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:21:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
415
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
476
x-xss-protection
0
last-modified
Tue, 05 Oct 2021 11:23:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:36:53 GMT
728x90_kv_3.jpg
s0.2mdn.net/creatives/assets/4780815/ Frame DB60 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4780815/728x90_kv_3.jpg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e064b50054165a75584e37d1714b47ea2f7fadc1da5a584d07e8743326f2d623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33969
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 11:12:31 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
728x90_kv_2.jpg
s0.2mdn.net/creatives/assets/4780815/ Frame DB60 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4780815/728x90_kv_2.jpg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a76beba792287ccd05bcf54ee446ba3227fd92e4c5585bc4279350d327571a52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
22156
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 11:12:28 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
728x90_kv_1.jpg
s0.2mdn.net/creatives/assets/4780815/ Frame DB60 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4780815/728x90_kv_1.jpg
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c3e0faffda72a962d3b733340a9b479774c94ccd11b3fe9a90afac3d708917c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/3262300174248127772/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30410
x-xss-protection
0
last-modified
Tue, 17 Jan 2023 11:12:25 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:43:48 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame CAFD 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Blsl8XyTtY-TADY7MgAfRxaDQCgAAAAA4AeAEAg&bg=!GhmlGU3NAAYuhb89DoU7ADkAdvg8WglPu-xeMka0T5yQHh8rWLQFrnGYYCGCCj633I92mX-JREXmDwPpW0937bx6B3eNbZM0dB4CAAABC1IAAAADaAEHmQMmF5A13Hu23bSG2RItP8NDX3cZ2xyZcABYgnx5MxfQ5pourTsBLxqDwh5jsxXsypJ_E9srfsd33HmSORCGGCfPM5erpGonDhP8EIzCMc1FGAAZAinR3GKR8QQn1NcuEmNGeNywv4kOkfPZy_h6B4e5uLv8JfgM1HSVh63zg-fAOXej6r5rVRNqeE83i9GDFpCd-HrRINlYvmqnZoA8fgL0J4j45tBzPy6I_UsyHRzuR53_dOuYlYRt4Zux726dLO6WJe1_ml-RAYS32nvO6NETLY--YUbY3EU4q99L-IjdbZ_2ZxnBqSM90D7bHu-y1GUgjx7zuwwJuhoDZvRZgOiLfaDVX-whDjQ-VZoTxnJQC0cHUg8BCZQ3pZUtsDKyqgPwGSO0bS5fCDpzXvKx47vRvirHJoppgJMK84S7YLkeIYTqJ5PrkR1fYtviHqJoz-dXixu5jbhVZZ_zhex5gJUwgWJ3lE-PDRU74GbUUyAkTJsMzEeJ3CabmF4PjBb0e2QPFtCGaga74gEmF4cPWYIb0e59rHfdd4uZONbfCOE3bJbrUgEVpbrThMHejKc64OMw8E3eNhWH4eNltAQcioxBljijSLOELs9U_h9SnhwqraQm9AO88wZnDWG35wh6oQBCgXQZg3QcX4KTxdd5qJevXUU3mPDwr4Nt4swpLYCmjNQWccBPHI6SQR7qFOS9fBEY09GoJr2vJjgM5O8o2XxXBM6n64BEm7bUDwylSBgz1zjosqg6GGywWRQp7i8mB2EHB2fLBQNnU4rG_F66vhzBoKMcTOJvlnY-Kx33y9URgenC-uZnCUPlbA2lxLsIaOXIeJ-gwksuEDlSio7kRFlWqZ7PNwfoM0Lg41yY1WwdRElpncB7awAZi5B_l4J_nwLDZzvLvbwf5irR98exiIYrIQcI1nIgz_9BsKjrCvASPkaJgoQxfzzvHuhX9N8AcvSDHbRPE8BiU3DsURjUxgdRFyPrUipgwBTF_RT4HJ2f_hmWrh5sAuUqTHazwV6CxF5xQPxUA4nrnBiJBiP1MmMpyjE0Psd5a-SjO4zK7upConNAFyk1BrQ
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
document.ce69931198.js
c.bannerflow.net/accounts/home24/60d98659b53a0dc91abcaef0/published/1767409/2146847/ Frame D640 		31 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/accounts/home24/60d98659b53a0dc91abcaef0/published/1767409/2146847/document.ce69931198.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/621cf385242430397e02ce6d?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstM2wcc9xbNnkq7uanDxYb3sId_agkU6szJipPpgWtcHEoRXmG2Q2u9HwMXxW17s-6JkBS5doKLQ7Ak_m1TwppA5g_0o89s8BmskHpIVRcTp-EvChBg-qd3-YZ8CR2lIGjhgmLZ_tIsCcZGNnB8hgXMHTwNN3_1yKzYFgQAzOTP3vAXYWGX950PLpR3ai0wrJn2NYBGLMJgHzK-mbzOuKN1MGxcEVHRD1UaaPMZMu7cxM-V8UPTr4rYM1e9FrMmDfVs8w_ZGS9we1A1WuW7o-cZGNYade0xM9VZi40PGL1NYTod_JIAveuHNVNSuX6oVBm98YmQq_p_Fyz29JZ8RUcYOsCv41q-H1JnzVkgRYm22i2omk9sknldiDdSIM84z8r-OtkZeBinQ3JuIi2RbZVSOUn61dLdfXX2tPS9y4vYvoG2jTsOB-OjIdb80NT1ZtrDMXXXmLn-hrrPGNUjaklEnu3ISMw5NAxBGQcw5iW6MQuUfU0VDGIb-z9TTASqQB3aWO3cgnwA-u3PIMiyZr3LJ8o3EKbsGiP6dV0pMSaIOEnykQo3rVbNmLlF1hg-4lPOWN7TiCKPGjIX9y0vFnM_vjKix6Wh3KgBFrKFzv0iMuQarFChQ3sWT4vZqm8HavTLG68x-rVlOGiYafgPQIwz8rTcurzn1wO96wAzfmmIh5-3NvyxhqxhUv8eN6GSDuODqTBVzOEpKL3-lm9ow_b6hQZh9BGy5-xb_k_aSoF6d1pJhtOfcUAEZJSDqLYWx9sH5eq5jtybmin7SbXlPIueXh3GInnpfsRCSf9c7IfjwJFsf1KbeqYm0eAI68JS-8dYIssiMuYxJISspJ7tILa6Mq7ogvj7gRgEi-Ig1uZMr6bCUEsTtVDRGyoj2oYhyWEwyamJb4BbO6nEZSG77edHQqh4MKXTMajzvxM0MlpNL-xgJPBLGWKdAf_dWQM7upeXCJTfXDNKc61bZoF_An325Qk7T1LHC_S8xod2L1QvGd0qKGU0o8GVeuoW1FBDm1-5kexopupHS5odNeAprJCuyamOAtU2s6phSVtEroyN3_x1bBDDES429kQ7Hy3kFu0E76zt2HEIlo4z3FRpCi6bNgl-RWLePdoCEKu_2vFtSHx45FCAoyJL8xpy3xs1oXl4ru_VEmrQEnw3LnEL_uBYHUCOm-zaVBNvO0tMYSQ_z38GmZ7g3sEYJO3bVnxqI6E1JjzXsbX5polXOUBWCHUb4r7tZYXJo4QfNKfSLs9TXx0RlewxI7V6eZ62LsuFrT-gZ_esNvyhdEiAsF6d51kjyoOrqaE44gkDzabld2PyG-aFjpw-mufZY9-4uIXcarwQhZ0roLq-DDhm7nhRbOacSbZ3yPLIStETPn4vKBn4odHAIvzn9m15h6aZkKkvcTOMvp2iIObOhmA97rIhz1TQrW1TWIxxmwiGVpH7_I98oqpxWQ%26sai%3DAMfl-YSzGa3gUftGrWTdYcn4W1Np7aLAzFJmU-d13AflFdjwjwZVjvAjITqzGlVNxZj8gEgwDlxDsuFXvEP1HhrUyRFsFEztoNbNW3AOsF1eWwbElOmVuD19q3s1aV-c264haes_4ovA2-w50VVivTu3693fBtnqR99WOwMQx8ozQnJx45SfOl7DT4i9QaXjFBuQcCDykZ0xatYOF_wms7DDLx67P3uB7kp381CyKNz1kJvTQ_OLWvmyE-AZTxtmEQ--kyW3rzIFIFU76RQUaCVGu4nuQsUi2GIAcofcLtS2Jk5TyoZKWlSHTrp15nYAZN46CWkg8qsd%26sig%3DCg0ArKJSzBYFs8OL35qQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7804798%26adurl%3Dhttps%253A%252F%252Fwww.home24.de%252F%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dddbfea33f7f0e37d565213750cbd97271093e612d4296fefeb0fe2b4bc05ccc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
zmmTEZgv0rRRBAT9evJuog==
age
998902
cf-polished
origSize=36315
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 02 Mar 2022 18:27:09 GMT
server
cloudflare
etag
W/"0x8D9FC7A4354AFDB"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fe81466d-701e-0068-4555-388bb6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Accept-Ranges,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2011-08-18
cf-ray
79a01af89d3491f0-FRA
animated-creative.f67bd37d6ec09b84b344.js
c.bannerflow.net/scripts/ Frame D640 		141 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/scripts/animated-creative.f67bd37d6ec09b84b344.js
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/621cf385242430397e02ce6d?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstM2wcc9xbNnkq7uanDxYb3sId_agkU6szJipPpgWtcHEoRXmG2Q2u9HwMXxW17s-6JkBS5doKLQ7Ak_m1TwppA5g_0o89s8BmskHpIVRcTp-EvChBg-qd3-YZ8CR2lIGjhgmLZ_tIsCcZGNnB8hgXMHTwNN3_1yKzYFgQAzOTP3vAXYWGX950PLpR3ai0wrJn2NYBGLMJgHzK-mbzOuKN1MGxcEVHRD1UaaPMZMu7cxM-V8UPTr4rYM1e9FrMmDfVs8w_ZGS9we1A1WuW7o-cZGNYade0xM9VZi40PGL1NYTod_JIAveuHNVNSuX6oVBm98YmQq_p_Fyz29JZ8RUcYOsCv41q-H1JnzVkgRYm22i2omk9sknldiDdSIM84z8r-OtkZeBinQ3JuIi2RbZVSOUn61dLdfXX2tPS9y4vYvoG2jTsOB-OjIdb80NT1ZtrDMXXXmLn-hrrPGNUjaklEnu3ISMw5NAxBGQcw5iW6MQuUfU0VDGIb-z9TTASqQB3aWO3cgnwA-u3PIMiyZr3LJ8o3EKbsGiP6dV0pMSaIOEnykQo3rVbNmLlF1hg-4lPOWN7TiCKPGjIX9y0vFnM_vjKix6Wh3KgBFrKFzv0iMuQarFChQ3sWT4vZqm8HavTLG68x-rVlOGiYafgPQIwz8rTcurzn1wO96wAzfmmIh5-3NvyxhqxhUv8eN6GSDuODqTBVzOEpKL3-lm9ow_b6hQZh9BGy5-xb_k_aSoF6d1pJhtOfcUAEZJSDqLYWx9sH5eq5jtybmin7SbXlPIueXh3GInnpfsRCSf9c7IfjwJFsf1KbeqYm0eAI68JS-8dYIssiMuYxJISspJ7tILa6Mq7ogvj7gRgEi-Ig1uZMr6bCUEsTtVDRGyoj2oYhyWEwyamJb4BbO6nEZSG77edHQqh4MKXTMajzvxM0MlpNL-xgJPBLGWKdAf_dWQM7upeXCJTfXDNKc61bZoF_An325Qk7T1LHC_S8xod2L1QvGd0qKGU0o8GVeuoW1FBDm1-5kexopupHS5odNeAprJCuyamOAtU2s6phSVtEroyN3_x1bBDDES429kQ7Hy3kFu0E76zt2HEIlo4z3FRpCi6bNgl-RWLePdoCEKu_2vFtSHx45FCAoyJL8xpy3xs1oXl4ru_VEmrQEnw3LnEL_uBYHUCOm-zaVBNvO0tMYSQ_z38GmZ7g3sEYJO3bVnxqI6E1JjzXsbX5polXOUBWCHUb4r7tZYXJo4QfNKfSLs9TXx0RlewxI7V6eZ62LsuFrT-gZ_esNvyhdEiAsF6d51kjyoOrqaE44gkDzabld2PyG-aFjpw-mufZY9-4uIXcarwQhZ0roLq-DDhm7nhRbOacSbZ3yPLIStETPn4vKBn4odHAIvzn9m15h6aZkKkvcTOMvp2iIObOhmA97rIhz1TQrW1TWIxxmwiGVpH7_I98oqpxWQ%26sai%3DAMfl-YSzGa3gUftGrWTdYcn4W1Np7aLAzFJmU-d13AflFdjwjwZVjvAjITqzGlVNxZj8gEgwDlxDsuFXvEP1HhrUyRFsFEztoNbNW3AOsF1eWwbElOmVuD19q3s1aV-c264haes_4ovA2-w50VVivTu3693fBtnqR99WOwMQx8ozQnJx45SfOl7DT4i9QaXjFBuQcCDykZ0xatYOF_wms7DDLx67P3uB7kp381CyKNz1kJvTQ_OLWvmyE-AZTxtmEQ--kyW3rzIFIFU76RQUaCVGu4nuQsUi2GIAcofcLtS2Jk5TyoZKWlSHTrp15nYAZN46CWkg8qsd%26sig%3DCg0ArKJSzBYFs8OL35qQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7804798%26adurl%3Dhttps%253A%252F%252Fwww.home24.de%252F%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6b973308f28a2ddc0f23aad2e84a41c57a795c11a5a11a9dd69ff99c6bd86bd6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
Mv8+K0VHX0XfspYUov7VTw==
age
20701401
cf-polished
origSize=144956
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Wed, 23 Feb 2022 10:31:07 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
e8720b38-f01e-0014-4224-85a549000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
public,max-age=31536000,immutable
x-ms-version
2009-09-19
cf-ray
79a01af89d3691f0-FRA
gen_204
pagead2.googlesyndication.com/pagead/ Frame 2522 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BjBYSXyTtY-GwDbqK7_UP3raIwAIAAAAAOAHgBAI&bg=!9Pel96PNAAYuhb89DoU7ADkAdvg8WiqQDhqLIro9PvuKmN-nYkB4Rap8vDOrLDn_yMaXsuR5ge984mdTku1GdLTJMH5S19OI1JkCAAABAlIAAAADaAEHmQMgrzdnHxDGXqImYYkbuseZ3MVQFDCbFdmijvZN0Um1LspNRsTzttnB1jQrXWAYY80_q_rY_uXtt_zizJFSeq60dwpHKE26MYiyB_aNypuiRZdoCbZyHmbwny9g11M8li_RB0iZ8w2xFFDRQfq7ryXkTnZtiAK6xVrTaFINHKQboEkqGMC4QDvgUHdT3OQ58uwrGEUv5QXAfj6j-suhr06JGArcBqo0quVuH8ym-LB51drnpCfcx1i9gakL4hMQ_-JUEmKy8zlzlPhVpxi4FnuiWsC8JKTCIp1y5r14CwSso1-k8Cxi6a7SbT6WX0XNcYseSztBnbu59SIeLcVBxIoZj2rJKQlbvXnyU1xtQ1uwS0cBqzHbOnNO7cDr94nAyBzSXI0VgW1vuThXx2-g-flPH3mQ_kheIBaj1SgUlcVRWK15_jVN2tbYLSnl25k07DWiK8sDjshR5pn4xZBks9sD71VTrSQ0Lvwin_C5FyWFLwkPWG-eGCq8qxuDl-dEqThL5DeGRbXmBfPPMQKugC6TDL_svSdlS7mdr0dBmQP0s4dLjnEoWN5i8LXkD_kCe5f_LMxPqO6t-H1jnrNMiF1CuZVGnceKbm0ad80d-8KCYvdmIDuJY5v3HVVJGBetCunpClppSjTCkoEmbC1fMitB-N61cINAc-dU0fx5hLQ_jAODY7wwRFqFl3xwXwPjVGdxWr4_UcBXd-y1M_5EEGBbvVtF6pKD7dsG-_mTGiFm37rA0-MFUNnEr0zPMHhIdG0qgyVhQcjlQA7POHxCwgGwppZ2-RWsLhXEB7lamTKz6fc6-Z4Nw9QbuNNLgbAkKRl8ngbsi2Fi3ah8xpdJwq25UEFdxRro2zyUR--0qf1OMw7HpqMpcW5fXPgEJleyLgJYAWAVC-vvaHp9Os8Hn8BkPVFNlY9pRwWC2b8vAb0kewecBJN1AdhBxKKIqQilxQ0DkC9TsK2equYjcLyl23l87nz5xaR1F8TdbYuELWaQfOI2nSnwcwKsup3wmY8-nt-oc7uXDyQ-IQpHRxO_-yn1kpxQm747c53Zw7Tp3mno6JE
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bsevent.gif
rtbc-eu3.doubleverify.com/ Frame CCA7 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://rtbc-eu3.doubleverify.com/bsevent.gif?flvr=0&impid=c8a16b4dac914bdebd0c155a0221873b&vfdur=240&cbust=1676485728236254
Requested by
Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal117.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
34.149.12.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.12.149.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Pragma
no-cache
Date
Wed, 15 Feb 2023 18:28:48 GMT
Cache-Control
max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Expires
02/14/2023 18:28:48
log
protected-by.clarium.io/ Frame CCA7 		0
0
log
protected-by.clarium.io/ Frame CCA7 		0
222 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://protected-by.clarium.io/log
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.109.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-109-97.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
access-control-max-age
access-control-allow-methods
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
/
track.adform.net/adfserve/ Frame CCA7 		0
334 B 		Script
General
Check archive.org
Download Go to
Full URL
https://track.adform.net/adfserve/?CC=1&bn=60824992;click=https://m.exactag.com/cl.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=466627326&url=https://googleads.g.doubleclick.net/dbm/clk?sa=L&ai=CIoGiXiTtY6aUFYqTjuwPif2vyAqO87DGa8_BkZLwEJ64iLaDAxABINjV2CtglbqAgpgHoAGR_tGiA8gBCakC_EL8qeLssT6oAwGqBPUBT9CMJO4kkp23aki9NvrbXTDpqd89x5v9rONVLD0e17LtcEk069h654sWbCgOJaBk3IRQatqOXgSUH3LBH7owtGZonLVWjGd8FEKM-PCccW7blq-7XKD3rplkhWwKkIB954Qz2IH9IslSv-7CfMW5gtBGddj38mNHg5Id56F1-S3k3sjKVoiOlazlYLbYeI2-ZHgGRo-PtRF2T-hS9ugu2dtmIgixnImOfgXugUK-k1EXMDfaFXh6mGvFK6iEFld04UD5Idye1GD0df5rHLdmSWG0qAdfOmVgBN3unDSKzWukCuIVQ54rBAH22pso7xque7fzdRDABIyG8OaABOAEA5AGAaAGTYAH14GuXagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4bqAeaBqgH89EbqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCBEIgOGAEBABGB0yAqoCOgKAQPIIG2FkeC1zdWJzeW4tMzcyMjM0NDE4Nzk2MjQ4N4AKA5gLAcgLAYAMAbAT0KGLEtATANgTCtgUAdAVAfgWAYAXAQ&ae=1&num=1&cid=CAQSTADUE5ymNfMRvs53Tm_D0yjXBcK6U-pc62oSNwRUzFxNZ3s_MZaz8iHXPWvOA5QJ2oIhdAMt91_Buh2lIrx3Iywj5_5G6Ycm7VbIdCkYAQ&sig=AOD64_206-WuUHFx_ubJybfAi8ZDPIa97g&client=ca-pub-3944954862316283&dbm_c=AKAmf-AIcCjZlJk9ZC-rzbkO_D-WxZdxeznIseW8RH8EYYdeYKWbQXzZzLAmVtN9cd-nJQFY5G9K4IGn0Hkw-KbpVsl6GNHmuPuXuGWA1rGa6840ZV3vu8Yx5xgv3jZJHHaa_eKbb1crLLJ5xQ8khYEDMBK_PGTmyMk_U-8LuI1qCptSEyDWc4E&cry=1&dbm_d=AKAmf-B_bNVQB_GRYPkQ8YtaSCvOo479dRCViiz1XkB7bfQjwjE6gKei0JS4EorVe9M2g9FsCldbbAgN3hTxSXaX93na-OLwWt-IgP4xX3vjKlaxr9HWedBvT7GPITavBUwm9AdeVdO8NhI-64OzDZayV5fnhRWp2eJwcTbE6ULpddvHb0AYHOABs1T2V6kneHl1H_sCAD_LVZaD5j_xAWeZPFQNL3Q0Il31x-_Nk4Yxt-GptxDP8_MS8nxXvnocRXJ0QvZZLE54Imb5kbG_nkQ4_K0AKFV8nEXswrzMeueyoaj3cnLWC4fl3DfP9yvaajIsahkiu_wuDPp3lZ02RiIJujG47ffQ5Pb7E2MMq5dty_Nib1KjscQ4H5hnTXAfN6Ip9ZKPRhn4g8pt-yr-M0i3YJZLLvYoHQzj8Hq5dn48px6146zFIQqaftVbX6ZluClFZK0L0L12u_wHvzHbGGmz0Qsx0SXtDN9GzSuar7HuGguVxWKuzN6Mo2b6h6M7Z7WRm0SJE5zHOQ-sDaFbCg0CVfoFjze5Fes6tDJnfOagJ4GuYfy8kaA&adurl=;js=1;adfxid=1x;2937;set=en-US|en-US|1600X1200|0|750|100|24|8|3|7|1|;cmpgdpr=;cmpgdprconsent=;fd=0|0;bsdata=1&CREFURL=https%3A%2F%2Fmysillysquirts.com
Requested by
Host: s1.adform.net
URL: https://s1.adform.net/stoat/626/s1.adform.net/bootstrap.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.29 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
truncated
/ Frame D640 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/webp
44cec9b3-28d3-4a4d-9b16-e19bfce94a19
https://s0.2mdn.net/ Frame 0C6A 		668 B
0 		Script
General
Check archive.org
Download Go to
Full URL
blob:https://s0.2mdn.net/44cec9b3-28d3-4a4d-9b16-e19bfce94a19
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/scripts/animated-creative.f67bd37d6ec09b84b344.js
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Length
668
Content-Type
activeview
pagead2.googlesyndication.com/pcs/ Frame 4B08 		42 B
174 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8fahpKdFua2alNjkmMk87FOSV-rlrx7gNhFg4VkxknlguHPxPob1ahRYyhn9-r3Ku5wS48K96KPrvtTEPNmWkxEGcPRXEjKg5XtMB91aZLSFNz51zpCYgs6LHQRp6Vthhg5pToA&sai=AMfl-YQ_AQ6GUU6rUhnhufGh7xk4WyPBmHRpc0R92okSG8U7tCHk78VAe-5AH3zYgqlIb-EhmYaVk3Bc9_sy7pUfrxzlPQQ9WNQa9RDVYjr_FJo2U2TXNrt_tGE3pkZRTbEB2fFjcfZCrhOdKj4tPw&sig=Cg0ArKJSzGeyIeFHfbMnEAE&cid=CAQSTADUE5ym0bYUDX8vK147A0ckSAekdhqxrWjacR0_qud8BdP6PLAGUMZS5NU0kXlzRcWH4aCeDzyNyYKC-QKEbR3-OnwyYU5eZfqYI28YAQ&id=lidar2&mcvt=1273&p=204,436,294,1164&mtos=1273,1273,1273,1273,1273&tos=1273,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3351771011&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676485726714&rpt=545&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 23AB 		42 B
108 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv-qj8W1TlqYER2nX1KGd_aE3ofe6FV_T1RDRAkf9S01J76NnXZdkXEsLUAsDarfQIBCr4YuMOviU0-K3I_lBoq53aXD60_LGK-tbOaD1cP8ureCL1ejQrtf2h-tklhy3g-8Bp1iQ&sai=AMfl-YRvbPq47QrTGJCBXPUkj5wHa5d6srs5r1esEdTz0lFPM0plg93xcR0R2m1kMNyyM26U6vz3Jqf12tTQaC2cZKpBQqgdEWxlB0TlxTlOPzYIpRN8J3dUR_xYJsjbQj27aVBO7LSTc_gc40bJfw&sig=Cg0ArKJSzDZ3O7dIrT9PEAE&cid=CAQSTADUE5ymg2DwzV-VXxI4ZhefuRXiHaQxPUvAKH39hfKNEDBLFfJ-SBUNavnd1XV14TImZOhwsJnAM5TotCoeU2tj1uYfClricp6Jr-IYAQ&id=lidar2&mcvt=1031&p=600,80,640,121&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1474514220&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676485726749&rpt=665&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNwx,pingTime:0,time:1099,type:pf,im:%7Bpci:%7Btdr:1081%7D%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1093~0,1~100%5D,as:%5B1094~728.90%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1093~0,1~100%5D,as:%5B1094~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:188,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17%7C18,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:215%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
server
nginx
x-server-name
dt11.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
integrator.js
adservice.google.de/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=mysillysquirts.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=mysillysquirts.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1919316167716064&correlator=1856134575033763&output=ldjh&gdfp_req=1&vrg=2023020901&ptt=17&impl=fif&iu_parts=20842576%3A22562356047%2CGJD01M%2CGJD01M-DDA.C&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90&ifi=5&adks=1354456381&didk=3733884656&sfv=1-0-40&ris=2&rcs=1&prev_scp=pos%3D3%26monu%3D728x90_B3%26directDeals%3Dsticky_bottom%26amznbid%3D2%26amznp%3D2%26confiant_refresh%3Dtrue%26hard_adx_floor%3D0.00%26refresh_count%3D0%26tabVisibilityState%3Dvisible%26max_bid%3Dnone%26context%3D18__chrome&eri=1&cust_params=page_num%3Dundefined%26big4%3Dfalse%26referrer%3Ddirect%26infolinks%3Dtrue%26hem_included%3Dfalse%26tcf_gdprApplies%3Dfalse%26tcfBehavior%3DnotApplicable&sc=1&cookie=ID%3Da80e07f66e081822%3AT%3D1676485726%3AS%3DALNI_MZneKkXa-YG7B_vHYgg3KehnIMqBQ&gpic=UID%3D00000bb731f6df26%3AT%3D1676485726%3ART%3D1676485726%3AS%3DALNI_MbCU4jdxyra76o8enYv7ta18Y_scQ&abxe=1&dt=1676485728554&lmt=1676485728&dlt=1676485724805&idt=1364&adxs=436&adys=1110&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fmysillysquirts.com%2F&frm=20&vis=1&psz=728x-1&msz=728x-1&fws=516&ohw=1600&psts=AD37Y7uz8T0XjPxIYx7gBlMU_3u7&ga_vid=1837310906.1676485725&ga_sid=1676485726&ga_hid=1447808498&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023020901.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9b706f32743e3eea49a8445119f9dfbadd19cb621b29212fa30c466f87dd7138
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://mysillysquirts.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11255
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://mysillysquirts.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
font
c.bannerflow.net/fs/api/v2/ Frame D640 		4 KB
5 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60d9856aba44c608c0c45b2c%2Fb6187cec-1c6b-41cf-946a-7a87c6bfd735.woff&t=%20ALMabceilmnoprs%C3%B6%E2%80%A2
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17474999534835728384/DE_mood_shutter_banner_2022_160x600_html5_banner-637897135634216291-3b9f46bc-82fc-48d7-b3c6-34cbae40dcfe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb9fd828cbea660832b8f899ee4e2207fc2f7eb69cceae58c588a1966338088b

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Thu, 02 Jun 2022 10:45:13 GMT
server
cloudflare
age
22319015
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=b6187cec-1c6b-41cf-946a-7a87c6bfd735-subset.woff
cf-ray
79a01afc0b5830c9-FRA
expires
Fri, 02 Jun 2023 10:45:13 GMT
truncated
/ Frame CCA7 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
42266833a1d1cc31f5bc8a4fad3027254d14367ff40232a8d7e97b4de2c941a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
font
c.bannerflow.net/fs/api/v2/ Frame D640 		7 KB
7 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/fs/api/v2/font?u=https%3A%2F%2Ffontmanagerstorage.blob.core.windows.net%2Ffontmanagerfonts%2F60d9856aba44c608c0c45b2c%2F4455976e-1640-4382-9c81-b3d5f7b19a78.woff&t=%20-ADHJKLRSWZacdefghiklmnoprstuvxz%C3%A4%C3%BC
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/17474999534835728384/DE_mood_shutter_banner_2022_160x600_html5_banner-637897135634216291-3b9f46bc-82fc-48d7-b3c6-34cbae40dcfe.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
768be490ea35fd586be708a7aa17a24d2e31dea4edfeba832ae53339b952879d

Request headers

Referer
https://s0.2mdn.net/
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 01 Jun 2022 19:26:10 GMT
server
cloudflare
age
22374158
vary
Accept-Encoding
content-type
font/woff
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=31536000, stale-if-error=86400, stale-while-revalidate=86400
content-disposition
attachment; filename=4455976e-1640-4382-9c81-b3d5f7b19a78-subset.woff
cf-ray
79a01afc5bf130c9-FRA
expires
Thu, 01 Jun 2023 19:26:10 GMT
optimize
c.bannerflow.net/io/api/image/ Frame F536 		77 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F56693ff3-bd27-4c66-8761-9d0f06ba053b.jpg&w=989&h=621&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e28b6544e2fe9f3db1f2daaf197077f3bde9bb103ed6b232bf059c533ee12dd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 11:18:31 GMT
api-supported-versions
2.0
server
cloudflare
age
25817
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afcabfe91f0-FRA
content-length
78704
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F536 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F9c3c48ee-a8c0-47c6-9c04-df15df717373.jpg&w=921&h=613&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fdb79cc61ca46e3e11b7239f4079531f3abddbb8e70407e08967c9f604ad87d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 06:07:18 GMT
api-supported-versions
2.0
server
cloudflare
age
44490
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afcabff91f0-FRA
content-length
164996
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F536 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F5d020e02-93e4-4339-ab06-57e62b55283f.jpg&w=916&h=629&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d3de6de24e6fc1a778c54ef9ddff567d05e511a3cdb486ac44726f25b41f14c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 06:41:59 GMT
api-supported-versions
2.0
server
cloudflare
age
42409
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afcac0191f0-FRA
content-length
64040
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F536 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F21955bc3-b7dd-496c-897d-d652c98b8406.jpg&w=946&h=618&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d283c2f19bd9b24c108f07e36dc135213cc5c871ee0e9d68e23a2b840939ba49

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 13:24:48 GMT
api-supported-versions
2.0
server
cloudflare
age
18240
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afcac0391f0-FRA
content-length
71428
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F536 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F7632b335-0c7c-4312-aad7-af0ac9a07544.jpg&w=930&h=626&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8fb164054a6d17b44ace39553e26826f6557819f609c9146cc9c11c135ab69a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 05:05:41 GMT
api-supported-versions
2.0
server
cloudflare
age
48187
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afcac0591f0-FRA
content-length
22020
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F536 		70 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2Fa3f87e39-76e5-4080-b50a-e2d7d3cc9414.png&w=996&h=626&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401cdcd91633f7d371d873008bf7ae6affa0c84f8ec45ce561a1ac94ec04b57a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 13:41:09 GMT
api-supported-versions
2.0
server
cloudflare
age
17259
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afcac0691f0-FRA
content-length
71940
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
optimize
c.bannerflow.net/io/api/image/ Frame F536 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bannerflow.net/io/api/image/optimize?u=https%3A%2F%2Fc.bannerflow.net%2Faccounts%2Fhome24%2F60d98659b53a0dc91abcaef0%2Fimages%2F29bee520-0632-443b-9d29-15b9d7b1732f.png&w=110&h=45&q=85&f=webp&rt=contain
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9bf2b00c7e2a152a3bddc0ccf6c9b64eaa69835b31f8b788dbe0ff32385b6840

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
HIT
last-modified
Wed, 15 Feb 2023 10:52:14 GMT
api-supported-versions
2.0
server
cloudflare
age
27394
vary
Accept-Encoding
content-type
image/webp
cache-control
public, max-age=86400,stale-if-error=86400,stale-while-revalidate=86400
accept-ranges
bytes
cf-ray
79a01afccc3c91f0-FRA
content-length
1792
request-context
appId=cid-v1:aa2d0cc3-fd7d-4ac0-80ca-1db03d937ce1
60d98659b53a0dc91abcaef0
c.bannerflow.net/tr/v2/pixel/ Frame D640 		0
112 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://c.bannerflow.net/tr/v2/pixel/60d98659b53a0dc91abcaef0
Requested by
Host: c.bannerflow.net
URL: https://c.bannerflow.net/a/621cf385242430397e02ce6d?did=5ced17d285b1c200019c3fe1&deeplink=on&&redirecturl=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstM2wcc9xbNnkq7uanDxYb3sId_agkU6szJipPpgWtcHEoRXmG2Q2u9HwMXxW17s-6JkBS5doKLQ7Ak_m1TwppA5g_0o89s8BmskHpIVRcTp-EvChBg-qd3-YZ8CR2lIGjhgmLZ_tIsCcZGNnB8hgXMHTwNN3_1yKzYFgQAzOTP3vAXYWGX950PLpR3ai0wrJn2NYBGLMJgHzK-mbzOuKN1MGxcEVHRD1UaaPMZMu7cxM-V8UPTr4rYM1e9FrMmDfVs8w_ZGS9we1A1WuW7o-cZGNYade0xM9VZi40PGL1NYTod_JIAveuHNVNSuX6oVBm98YmQq_p_Fyz29JZ8RUcYOsCv41q-H1JnzVkgRYm22i2omk9sknldiDdSIM84z8r-OtkZeBinQ3JuIi2RbZVSOUn61dLdfXX2tPS9y4vYvoG2jTsOB-OjIdb80NT1ZtrDMXXXmLn-hrrPGNUjaklEnu3ISMw5NAxBGQcw5iW6MQuUfU0VDGIb-z9TTASqQB3aWO3cgnwA-u3PIMiyZr3LJ8o3EKbsGiP6dV0pMSaIOEnykQo3rVbNmLlF1hg-4lPOWN7TiCKPGjIX9y0vFnM_vjKix6Wh3KgBFrKFzv0iMuQarFChQ3sWT4vZqm8HavTLG68x-rVlOGiYafgPQIwz8rTcurzn1wO96wAzfmmIh5-3NvyxhqxhUv8eN6GSDuODqTBVzOEpKL3-lm9ow_b6hQZh9BGy5-xb_k_aSoF6d1pJhtOfcUAEZJSDqLYWx9sH5eq5jtybmin7SbXlPIueXh3GInnpfsRCSf9c7IfjwJFsf1KbeqYm0eAI68JS-8dYIssiMuYxJISspJ7tILa6Mq7ogvj7gRgEi-Ig1uZMr6bCUEsTtVDRGyoj2oYhyWEwyamJb4BbO6nEZSG77edHQqh4MKXTMajzvxM0MlpNL-xgJPBLGWKdAf_dWQM7upeXCJTfXDNKc61bZoF_An325Qk7T1LHC_S8xod2L1QvGd0qKGU0o8GVeuoW1FBDm1-5kexopupHS5odNeAprJCuyamOAtU2s6phSVtEroyN3_x1bBDDES429kQ7Hy3kFu0E76zt2HEIlo4z3FRpCi6bNgl-RWLePdoCEKu_2vFtSHx45FCAoyJL8xpy3xs1oXl4ru_VEmrQEnw3LnEL_uBYHUCOm-zaVBNvO0tMYSQ_z38GmZ7g3sEYJO3bVnxqI6E1JjzXsbX5polXOUBWCHUb4r7tZYXJo4QfNKfSLs9TXx0RlewxI7V6eZ62LsuFrT-gZ_esNvyhdEiAsF6d51kjyoOrqaE44gkDzabld2PyG-aFjpw-mufZY9-4uIXcarwQhZ0roLq-DDhm7nhRbOacSbZ3yPLIStETPn4vKBn4odHAIvzn9m15h6aZkKkvcTOMvp2iIObOhmA97rIhz1TQrW1TWIxxmwiGVpH7_I98oqpxWQ%26sai%3DAMfl-YSzGa3gUftGrWTdYcn4W1Np7aLAzFJmU-d13AflFdjwjwZVjvAjITqzGlVNxZj8gEgwDlxDsuFXvEP1HhrUyRFsFEztoNbNW3AOsF1eWwbElOmVuD19q3s1aV-c264haes_4ovA2-w50VVivTu3693fBtnqR99WOwMQx8ozQnJx45SfOl7DT4i9QaXjFBuQcCDykZ0xatYOF_wms7DDLx67P3uB7kp381CyKNz1kJvTQ_OLWvmyE-AZTxtmEQ--kyW3rzIFIFU76RQUaCVGu4nuQsUi2GIAcofcLtS2Jk5TyoZKWlSHTrp15nYAZN46CWkg8qsd%26sig%3DCg0ArKJSzBYFs8OL35qQEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26rm_eid%3D7804798%26adurl%3Dhttps%253A%252F%252Fwww.home24.de%252F%253Fdclid%253D%2525edclid!
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:c40 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://s0.2mdn.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 15 Feb 2023 18:28:48 GMT
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
79a01afd4cec91f0-FRA
content-length
0
request-context
appId=cid-v1:1d9bcaa3-5ddc-4e5d-973c-949d7ceab63e
gen_204
pagead2.googlesyndication.com/pagead/ Frame 23AB 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=1324607046046&version=m202301300101&ct=76&x=1&cor=3110893445594160000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:48 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame CCA7 		0
0
container.html
4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0B09 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://mysillysquirts.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
3
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:46 GMT
expires
Thu, 15 Feb 2024 18:28:46 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame 7898 		640 B
262 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUD3bAYh38vSZPGXx5G2WYAyKf88l5OeRfdViT373F1R6LNJQKqOi_KUMMCv_qanI4XUzJ3BkzAeRKUluDX3r_4s9m4WmV-3iW0s42i1HddO7Lp7jX6fluZeaS2ZyY-kTECA9gQ1Y0NwHAjEPSUPdFdvozRFHBA4zfEHWRTsfa2L5Hijj8
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:49 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame 0B09 		78 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
27800
x-xss-protection
0
server
cafe
etag
13454357883945390929
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Wed, 15 Feb 2023 18:28:49 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B09 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CkSLWR9iVkcVJD4A_pZoNkBPXPO4EgFGuXgXKIsTA_9HAaek1GronouP5mNBMQqcxayyewKV5LQ17KDRVo_p2erVLDtHmuYe8xz98y8PUUP7k3s_g
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B09 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=fetch&cor=15692967028018869264&x=1&ct=76
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
jload
pixel.adsafeprotected.com/ Frame 0B09 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=925113&advId=818595827&campId=18516745436&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://mysillysquirts.com/
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.236.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-236-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
79cc18d309bd22c2451e42afc9da991aaae0fbf5521b1168d1d47663a5b68594

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
adj
bid.g.doubleclick.net/xbbe/creative/ Frame 0B09 		71 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.g.doubleclick.net/xbbe/creative/adj?p=APEucNX4Fyk8jj1L3a7xTVS3mavrfoc3HspamztaZX094Je5lzkr6pQ&d=CokBAKAmf-BIlVfiqI5uyHSUYjQGU6by3Ibz4VkOHbZk9EjStoAZuqNHyGHM6pGwYENdnJ-ZyZp1wfu4YN5zhE6ElHGz9oQpvQU3yaqX6Y87leefqk6JDLtfkOTiOziqXyCrr6hTvBjlLGs7vUSsqfuWOciUzhRXdZbD8LUtaDrehZvubdgN4NLHiB4SqRQAoCZ_4FrdhqOHgkZOBmg6EXpu7SebEPOr0--N_n3VpbnogCVyW4-wRCNHayLJnyH62wTp8zr2d9e85uvNUF-nI5nCJcm9hByl-zzmnuYgzAOcWMPKy68vj284Y5m3UmAMLAtfOFwGoPUfjp77havxbLTXRnYpdCgjzdHR3ZNGfKPDOcZMXuGYiSVxrUzhw4LxMuUdVIy6VtzU12hJxwo69AtvvogGNLxWc5AMnAg4PfJO5nPwnjeCzdHJvxwCmoFIiV20Ptomeejc6m50VsMjAPKCtYAwQ0CdaZeMRJh6184J-iA15g25BNmDUXpJLGx_D2CLCldjaGB23GIYmPiXo_8siyggeVclfk_268vpATzEQaSsDXpcl7G_MtmHj6JI9zNdLjMaiZ4qvSSQ929H2uzzBth2b4YvluOmYUOy7SXlIpGxHhsRecE-JFeKbcrAUKob-Slb4XVRKAYARRDZJdqFBpf7YkC0LfdTOvSAIo0wI5HmxZbD6Gf9_7n2PNwTfVChdsiD19q-Am_eSPmvzi8RwQhkLSFyKXlM_9_FZCIfknqJjmEYITVVs63AQ9N8p7LfM09rGXdMbn3PeFiYgdw-BFgjqW2xYVPNpoyCW78oRv9Oxa5R0ApXnlzB3FpH8iuFPn-07UBQzV2RoBOANhjY96UAMOVbvUqgfIGFuRpgJ1DcAmXVIVl1WdtSGcHAkLngtBQjrTOJKBC22ge6uVlXQ9M7IzrLKFhNYQ-HMV2SxuuoT7g4LoCBkCUiyt8xe1TG9Cp6N8-QxH9oAlaheTNklVcBmXEZXEnUEuaGFdgi0-_k9SnC3n-mF5YCA1-OaUfI3U1qVhxdDX3kuFDQwZpcy1SnRUKstc-PIOmVd0c_1BhuX-u722W_5ygb_3mITu7vOBokHv_zCPsCurez7Uq6bqIR9X8hwp1pe4USlnVuORFHRe2YJ7WAZti6yB2ir4jVQ6W_dUtXiyzi7YmbTlrH94v_zUtlgO8Ro95Hqvi4W5ZaSSqPSaE0sY0bvWLnxObLRIK9YkjvC9ornm1PI-qVwzCDpgRZQlpKyGTZJvS8hQzTQla4QmdQANXO1tP1PjOZzwnYXqArJV2hZ4RUTm9phsVraRTsiA_xdEPVUoPQRqr4OUbxyb95gscVWVPRoEgPnTVV4tr7dVl53Bg_mJiPITKnlj9ZzIv6nN0r8Ovro3p1nvFhoregg6oUFlsB41FwQxMsYUSJSfUqBG-_wDth1KLdV4VfEfC7-V7BAqsDn1MvHMB3IfXVQHqs9mhhZCdLbTscUllCsEndIpRyoKHjnUxle1hbj5-3t_vwqW8XmuhpwZuHlT2NgEzedkV1ODYa1ov_OjH90D114WM3Rei5J1LHe9P5hVJ-QrEi9JXRENdYzrGjgUKj_1uUBlA_StAHe21yyxpdt5CmTa-uJ-EHLDaSZwCINNy3FcvUze2UISTNc_Ryx-OS479VyKILV5opV1cxXPja8crdLGoExy5G3G-IG3Z7yrpxTRqgW3dWxtUCrNzY9A8tewysUcWiZMRlzW08y6_6dDDFTN4pfI64Lt99MUVRW_cEEK9hdpEcY9JOK8ca2xtioMrsFnxl0dHfoxZG61hJ-TFqyWtyemsv5xwmWldm4hGsVY1c4wkbDe61W77igVGQxhbqyYcIcSWZbGYBcXXRa2iFyymcpfrEENxs0b2EISGybR-ze_0iv8BpjneT5s8hfVWsDKDG50mZpWaKp1I2_ALp3mWTlqp9JvIKDKYPkXfBCld8VQDlPwxEeLIZC-NObrTPYZat-o_VuaWo3xwMWovidShwEea6yusOyE-DnPM_Hh9cG5mIojzimDNgnoVTQQ8pYvWXT1lzp0R5WPwgpW3N1QRgYJIirb4FgoAVdS2LdnkcRNbgZ4rS2pp19OLYlF6QRhTHt6sGuPn6M4zVdeOjY4cTqn1hbx_9PGUUKjT_0fcp4t4BJJQAGFzyRNqiSD9jGm3qbw_yQZLx1jd3-qsY-KjxQuu09cUSgS-rw-8j79WCqgRr-T5aC1BjwMqtar4qSxq5erQyj5VpMzsoH9KuXUmqFoSCVOgBwzeWJHGpYNh4MK-Jae23RgTcvm7FeUCfpvq9D1G8MZHZALY89uUdwJLAmjl4wKzhdWy2fxxAQ8QzkndLvlONhFtuNlKStDoDpZ9kryJP8XfQe2IzQJ0Aot1a0ePsMIj4r7xueYWOOySwhnwCU1d3jT4X-F7zXz2GUTTHaQT3P3MBdouS18QqcNVA18FJl5e49H1M0E2UfeYuUMGYnzXBjhTli4FYmzqKSQU5wyMDoNkp3JW0ZYr17hMVdAZqkz_K7HrUzwz9VsIYtznzQWYLHBAoRxNyVgYU_kliLKS9C50Su0KIFtifAqggnsOFZ7wUygntO_r2U7bc3C1GQOnQBEX3dcPjCVLyuWR4GZWJA3rTprjrQrPxXEwZAYZcSTJHc1mavai_bKIfG3Y-KJT6RSoNkFlzx4T_mTPSUjfPt59evVqCiYZQzHCeH7ncpAuHzVIhcJZ0zvUochCHnqDTxUrvNP4enAH4n_HCiocEluJhOcDfPm0_TBt8xIlT3KXtooppTTR7-qyONACvrt-906dP0l9Ols2_rgck7blheyZ5Q7cmxStRFIPjwApJdP2PnD3KlyiEnjlgGU2trfgqvyNibsX5NaCieYeoOfe77Ccy0KOFaHYt_bhR6HyQsQukDhNVw3IOr8qqRjPmo1bc2NX_8gCzW-tVxoYQ-7RF_h0rKUM9Ax5GrlJDbJmY6zok90i1uEi-USrjiUrBI9-r9c43DXL1lI7oSSTQX-_738wafR8KfACoDvwUKgGh0933VNPnwJNqHG4UPWFIwe9G8Syn6Lt0k9L1yT620Zx3tt6mOZAs6r29Aipg4c4sTknWv_0VMMEA7t1WBHVZYQUenkeeZIObbKBSdZjxa435QclOtLQL3xwf3P7a16xBGNc8Fegq7vcU34q71mPFa3nhnCgGBkHzEjpPr-2dBnT_3ZMKvpzY_vKPxxEeTVRuBgRP835J2FuMWzeBljM9ILvTBYnPgHjHyf4jGcwJUbPRmqIZA4mBi6tb6nhZg5EVddLwU2mBCCF5azqiLsCzbmeQofbAiRSb6GSdARwE_1knq6bDwV7ttozAsOjMfElrA-9LpOhij9i4z8RLod4Yxb1QyvqFW1lUZiUQ2ctdwRUZck_NLvIaq4H-hvReEgjMfJ_9f7WOVZ1kZXoNVm55ptUEvo3I-j_R-MzV9qbrkXyNo5xpfwt2ZAM8HJcqikWeDh_tPdi0rM8gqemq7h1nBPQLBDHE6Rf4jS7oZunLeS_oUCqCJQnOeSioncHps0cLp5LC55OcM1vjVft9bSSi5k8h7HMxhak58t2sK3Aj2yA-MAECBTkgCDTlAkYfr8Ar-Hxrm0UF00UWh_90ZfL0jv5fyPInPOPimZsS4qA3S19tQyCRI70aQggEEjwA1BOcpvtoU4dg4NoOSawAclwM2uSTA-eg8BOpXEoujn_lVZGLKfcsk8V2EsUosF7qQ9wEFE0Eq4Zv_ZMYAWAB
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.27.155 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ra-in-f155.1e100.net
Software
cafe /
Resource Hash
befa3df11641ee50ac5507ed11e9b492c156afacdc3c68903fd3206bbc3517fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23848
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
skeleton.js
pixel.adsafeprotected.com/rjss/st/1352960/69430711/ Frame 0B09 		47 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/rjss/st/1352960/69430711/skeleton.js?bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=18516745436&bidurl=https://mysillysquirts.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0gRxjltMNd2McXH9qDSkUXh
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.236.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-236-161.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ae4db6b26dc6cca893080dca095e66ddfe98edf2772f71e7a0a7ca296eff95af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 0B09 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/window_focus_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:31 GMT
content-encoding
br
x-content-type-options
nosniff
age
26538
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:31 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/ Frame 0B09 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230213/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:30 GMT
content-encoding
br
x-content-type-options
nosniff
age
26539
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8316
x-xss-protection
0
server
cafe
etag
7067238764211672077
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 11:06:30 GMT
l
www.google.com/ads/measurement/ Frame 0B09 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTAWEGaLydQqrlGG5YDYlY45B3t4RBOyKb_U7lJhNP3KdNlEzuKcwD2PJ4bfTUcaan54WdpioOVBGyOoGznxtiWUrGOEA
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0B09 		156 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48832
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1676324880006035"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:28:49 GMT
pixel
protected-by.clarium.io/ Frame 0B09 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_T09oM2JUcnRiMm5IeU93R2syTFRPNVNXbzU0LzIzNjcyNTUwMTA6NzI4eDkw&v=5&s=v31gpb5c6t3&id=eyJkZnAiOnsiYWQiOjI4MTkyMjk2LCJjIjpudWxsLCJsIjowLCJvIjoyMzY3MjU1MDEwLCJBIjoiLzIwODQyNTc2LDIyNTYyMzU2MDQ3L0dKRDAxTS9HSkQwMU0tRERBLkMiLCJ5IjoxMjE3NTksImNvIjowLCJzIjoibW10LWExZTliZjkyLTZmOGEtNGM0My1iODBhLWE3ZjQ3NGQ2ZGI2NC1hZCJ9LCJ0cF9jcmlkIjpudWxsfQ%3D%3D&sb=undefined&cb=3802477&h=mysillysquirts.com&d=eyJ3aCI6IlQwOW9NMkpVY25SaU1tNUllVTkzUjJzeVRGUlBOVk5YYnpVMEx6SXpOamN5TlRVd01UQTZOekk0ZURrdyIsIndkIjp7Im8iOjIzNjcyNTUwMTAsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
79.125.109.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-79-125-109-97.eu-west-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B08 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=9303640504345&version=m202301230201&ct=76&x=1&cor=15085085495913454000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame 7898
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJmP2G717kIu520GdeHEruo&google_cver=1
43 B
114 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJmP2G717kIu520GdeHEruo&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUD3bAYh38vSZPGXx5G2WYAyKf88l5OeRfdViT373F1R6LNJQKqOi_KUMMCv_qanI4XUzJ3BkzAeRKUluDX3r_4s9m4WmV-3iW0s42i1HddO7Lp7jX6fluZeaS2ZyY-kTECA9gQ1Y0NwHAjEPSUPdFdvozRFHBA4zfEHWRTsfa2L5Hijj8
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
via
1.1 google
server
OXGW/0.0.0
vary
Accept
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJmP2G717kIu520GdeHEruo&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
us-u.openx.net/w/1.0/ Frame 7898 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUD3bAYh38vSZPGXx5G2WYAyKf88l5OeRfdViT373F1R6LNJQKqOi_KUMMCv_qanI4XUzJ3BkzAeRKUluDX3r_4s9m4WmV-3iW0s42i1HddO7Lp7jX6fluZeaS2ZyY-kTECA9gQ1Y0NwHAjEPSUPdFdvozRFHBA4zfEHWRTsfa2L5Hijj8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
um
sync.teads.tv/ Frame 7898
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
  • https://sync.teads.tv/um?eid=3&uid=CAESEIy9OSiW4JBnjX4qubN8-gA&google_cver=1
23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=CAESEIy9OSiW4JBnjX4qubN8-gA&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUD3bAYh38vSZPGXx5G2WYAyKf88l5OeRfdViT373F1R6LNJQKqOi_KUMMCv_qanI4XUzJ3BkzAeRKUluDX3r_4s9m4WmV-3iW0s42i1HddO7Lp7jX6fluZeaS2ZyY-kTECA9gQ1Y0NwHAjEPSUPdFdvozRFHBA4zfEHWRTsfa2L5Hijj8
Protocol
H2
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires
Wed, 15 Feb 2023 18:28:49 GMT
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://sync.teads.tv/um?eid=3&uid=CAESEIy9OSiW4JBnjX4qubN8-gA&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
um
sync.teads.tv/ Frame 7898 		23 B
172 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6Q0AIQ84-rhgMY3febvQEwAQ&v=APEucNUD3bAYh38vSZPGXx5G2WYAyKf88l5OeRfdViT373F1R6LNJQKqOi_KUMMCv_qanI4XUzJ3BkzAeRKUluDX3r_4s9m4WmV-3iW0s42i1HddO7Lp7jX6fluZeaS2ZyY-kTECA9gQ1Y0NwHAjEPSUPdFdvozRFHBA4zfEHWRTsfa2L5Hijj8
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.111.217.42 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-217-42.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.9 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

expires
Wed, 15 Feb 2023 18:28:49 GMT
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.9
content-length
23
content-type
image/gif
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B09 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=7942089248255&version=m202301230201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B09 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=7942089248255&version=m202301230201&ct=76&x=1&cor=15692967028018870000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 0B09 		15 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BxnxypG2G-hBHPLJ8YhELtbI21sljyHem-QOGuJfflGwg_9rJT9xfIvue1Ner2gN4KUFEFnWLL1AR78iTHM8V3OeknmnpIl3yUz3GI7XIyhPaTIiVJu-A5e-NUsOOrArd-EFaLZPKbsiezjo202-gsQl81TT20ST8jq1e__kKanjeuEOw&cry=1&dbm_d=AKAmf-Ah6JCsSKQpQCyoDAhlmsvbNY7klfWWHLP15_rQSikgEQLPpPxLldSO9X4KQpqG6oexngQXpneU91NYYaKvXRKRgh9VmskDod4KrsiB6Ub15PmMRfVGjOLiRA77hta_JIxIezRfjiaLaLA1nZeDtobcl94cl-dIM7wHkK4-AC4xPjuan0K69gQc8-PAXzMnai_hMNpyIZax2G1B-7ChdpGPbRgqYwegKRRTZ6Kj91bpRj9EkleRNX8BByWY4_SegWkpgb1ZVsXhKbL7RBA7AMOIsfZjs9rsGHvT7d8Z8bK-byrsVahAqUwgJEswwjHvGf_NLwARP8y6YfpNUfovTlw_ZtP68-tkuP_CvrU9i3yc1qdD62QCr3RpGeISGy40T-_IHl_fL9OZN-34LRAwJldkVQMI0auEdL-sQHrJ__sxeol2_SooBGhOuOzbeDwbKxjv_JIeUzjve_6HOZ0VV2fYetwmucCDJbeP8dROh4tAiABEl3yFbNA1NEKcYurRw-dV34a897RtL0scdDaV-O1WAooo4KVaKoSFZ_4ifaeHHQ2yAOPsHL9mj8bu4ZH_-pXa2reAiWj15DfxeiGzkputELwCVPAqGdCcK_M5p5TiL4nQ9-NpQy1-gaEZKBTTkB0fzDux5_BoA1ZPD0q25AUnm1jOGDKcw3FHVABV9u9ObVf6c0cPj8LAT-wxcNkjTcGYyGD2F-RtTy_Jcg8t2W6BhD5q7d__lf4xJO0daHsF3hZc1HGyxFX4uyH80n_kE8rvF_jGiMiyTTremUW8cddxUEWfDHbqjEE32YuYFWr6RIRIJ9nHSxo4OxADvgNxBa7OmiF4wItxqhPUcc6KYuj8jMwSiwxfgjrVKa0TukBuAG8N5lGHGHgaN1h3ME2F0CROQki3JcW5o_3V2GIDm3jIPIfuVYaUtuiVRNAhCxkUqpXRWEXhE_HxFfU7VzxPjeQT0zw8u3HqGNuBQPpENLvPZiWe-4ZbZctjHRx7VgIQMfaPT_nohFlaNwc8nO4Qe-etbWWmvyjsOC-v1vuic-thMtNEMK6EytSuV46UgjFynTQIxcLe58Kpkq9T13O5lFJSIuUSDvOU6FNIrSiR237fYpEwbqTjSu_-KIKDsgAvuC7BOuIjmMBS_DCj69q1ZLWDCGYK0TeksjIZjAaPPKWOTvBilf-mY0pTzCc43c0mZN_7KepQtdDnJwsoEfSZeccy6BBoLZi9DUH4sjxmIKQX2k-lDZ2JlrcE2R7ZNuxcXAjuHNNhsTHi6QSwI-moTvEtrvXJ0FL_s5GFg9dzrF_mz0uem0_aeRDv_V2ke_E1FCBlqYnfxKYKI8zMqmSqJCemFFSQolNsWpjIx0J6UnxFLwVr8W5ktP8jbSu6NfFGTZvlA_BshiCKRvOTmLPdfbyM6ggEKf68H3HpKK31Y5z57diynQi8AIS4GFQocAsV-DrBFZh4PzLywUpnUOKyABd0Pb3zxzv8ay-Zgy_-GQ_YX2eHm5etyKgTfnRVkpS5rCdgFGBjGOA-qtKZTRaz7Qtv7skFrHV83g6JQmQEXOl2zxntmgbGjfobjDaGEZL7cGnStw8tdaE5PzMT60bGdXCslQqaiZQzPDeB8cD5E8rxKl6kqXkgLRYLl4k9e3-ePTf6q5Gi34igKV-PauWt1KL9-5x0mgnf1wAO8fqi4qNYVIiNN-QaRCT1zs9TEh4Ehh8Fnp3mfeHn2eh_u-I-o0R1NZSzw0geoak3sJJ_DZUG2l2nrnCFcTen3w8zoT5o8Cb4DQ-7QmWTeevAzWY8mkU4cDBKXiMG3jgo6IQ53gnv0xwxICUXNI3STzHUdzLJmuKAgqI_cR6NgPiHlaMi7zHRCmuzvwfarzwkZpcRYmQgYsooGRwv9tJHT5VkdlIF_qqyKDan21bDSv-qW7ZKlW_vPuVKkWtkfSce7ON5o4DP-PljXm2201HZW9zabU8hZai4QhJwun03UTZUAzV2SA-WaBL8ZlyuNctNZtDlcduKJNaHkaPL0STkfzLzF15VEujsUCzH-Y2FG9Fo88iCHwwJYqAh299jYLf35X6iy3kF7DBYlNW4xiOvIQFWM-HofXpknifbCrosn9W7YNX9wU6IvGm2ASht2KtVavi5_PqzaXDwFC3QF7W_Iib7ciyP83RPjOpEzZSgP-_y7-OE3DII5hI2bRoabTgNLmJhDN6gcQN8Z_Y72U7tRazqhUmk0WMTAjVJ-GVufXHRqOYdI2r5VU8T35w6cYq_mAT0W2dBiMCd_0Va7PFZzXZtGf24osH1rXqM4gy2iIom5ntb2NANXkXdighHA0o-v4j16v632l3_9fZATyx7Da50xJCdh-_pr2Vg0EdNJMoWYXUIM9aAjZapvDY2RpDZaRSLUBlhxYN6GWazKeWNSbPHy6IuWUBFsFVc19boqKl9q12zYORhwq5RVNAaCvqDj_7CntXk0YrFLTM01-VD-LNgPKKlvkHFoWxGzsHCpV2CqEc6zbNUMbtlDrUEEbfxFt4JqSXeQ2Rb5J_YI65OPAYRNND3Sh-d9H9immylhq45lBm58M74C07C3j6TOs3UwcrQFqUj144F5J_AabRXsH1ZqskOHm4ibkwWsKCAzbhvHsfQATo-Wy2LJYUDR4FrueXPguUwxPaf4QV72KRfeteVvF6-Dc_nuwFu5XGLxa9nDHopYeBU2oQebpyO9rS5Uv4Pa6sq0SVzrZ80EBMbUIS8wKVL9H4gzyuTiI0od1ZMfO6tvX2VvBznOxXQ9ejeYJOK8aGCF41uwVU_Rpumu6i8ANcApKiMC_4vvTIcpHMczj2ZrAmznNhA1my_Z3edqcKiTINzBfWK8HFEhtCFaw9KhHY1KgfnTn3kB12fCEVmdnQE5c_r7GB3I-po7ds9nddpY3NA0fYay9kMNHQ6wdg41BDTtnJLZXRhgGl_8KP-ueK8Weztx9f8VzLS6j64LQfsFF0-SGZixTFrsn6wFr4JYF2v6U1Zjs_0i8QgQMTWuT48r5mlDsJA&cid=CAQSPADUE5ym-2hTh2Dg2g5JrAByXAza5JMD56DwE6lcSi6Of-VVkYsp9yyTxXYSxSiwXupD3AQUTQSrhm_9kxgB&dc_eid=31072034&dv3_ver=m202301230201&rfl=https%3A%2F%2Fmysillysquirts.com%2F&ds=l&xdt=1&iif=1&cor=15692967028018870000&adk=3047537735&idt=81&cac=0&dtd=6
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
66102f3cb7b7575d6e25985d20c3d2c2d812f4265466ec3e41d365aa83fe8106
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11281
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 0B09 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 11:06:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
26540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 15 Feb 2024 11:06:29 GMT
main.19.8.394.js
static.adsafeprotected.com/ Frame 0B09 		200 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.394.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7a37a4e2f1464a5f82bafc1aea9bc92be25447be734467ecdbd5e1874e22551b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 10 Feb 2023 16:21:45 GMT
x-amz-version-id
_dZBOGo6WbGPtb685W__WVIjRkb5PQgb
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
439625
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 09 Feb 2023 22:04:06 GMT
server
AmazonS3
etag
W/"23f65915f6ceb35c339633ede270d26c"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
CmTp6ZaVi9q8X0xN5xQ28QJBtHC5UZi1QZmimheRANsjVeuRdaBhBA==
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame E507 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
26540
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
8395
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 11:06:29 GMT
expires
Thu, 15 Feb 2024 11:06:29 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
html_inpage_rendering_lib_200_276.js
s0.2mdn.net/879366/ Frame 0B09 		170 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Origin
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 06:22:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43597
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60311
x-xss-protection
0
last-modified
Wed, 02 Mar 2022 23:07:25 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 06:22:12 GMT
omrhp.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/ Frame 0B09 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/elements/html/omrhp.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 03:48:48 GMT
content-encoding
br
x-content-type-options
nosniff
age
52801
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2986
x-xss-protection
0
server
cafe
etag
3296546412363819624
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 01 Mar 2023 03:48:48 GMT
abg_lite.js
pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/ Frame 0B09 		28 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20230213/r20110914/abg_lite.js
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Tue, 14 Feb 2023 20:18:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
79839
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
10817
x-xss-protection
0
server
cafe
etag
7837758721724492523
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 28 Feb 2023 20:18:10 GMT
6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
pagead2.googlesyndication.com/bg/ Frame E507 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33762
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14458
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:06:07 GMT
cookie_push_onload.html
pagead2.googlesyndication.com/pagead/s/ Frame 6463 		1 KB
643 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
13532
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=86400
content-encoding
br
content-length
618
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 14:43:17 GMT
etag
48472445140208031
expires
Thu, 16 Feb 2023 14:43:17 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
truncated
/ Frame 0B09 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da237220e71c957c394e8007fde60a30c9a7d2758a3fa72c72380d3ae79b986f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Content-Type
image/png
sca.17.6.2.js
static.adsafeprotected.com/ Frame 3125 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
12711153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
NgwMp250xErqRjlHo_IJzcFbulsrvv4EAxz9As8nvZae3v3Kkgh2jQ==
mon
pixel.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=925113&advId=818595827&campId=18516745436&pubId=1&placementId=396819421&adsafe_par&bundleId=&dealId=&bidurl=https://mysillysquirts.com/&adsafe_url=https%3A%2F%2Fmysillysquirts.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fmysillysquirts.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:886b7812-b069-38ca-8449-fc452d8dd244,c:4jCNMc,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-69f5898b7f-s5qhj,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:145,mot:0,app:0,maw:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:160,oid:9725a0aa-ad5e-11ed-ba92-d29a10f10c2f,v:19.8.394,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.246.236.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-246-236-161.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
app10.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
skeleton.js
static.adsafeprotected.com/ Frame 0B09
Redirect Chain
  • https://pixel.adsafeprotected.com/rfw/st/1352960/69430711/skeleton.js?bundleId=&ias_dspID=3&ias_campId=25458251&ias_pubId=pub-3944954862316283&ias_chanId=1&ias_placementId=18516745436&bidurl=https:...
  • https://static.adsafeprotected.com/skeleton.js?bundleId=
17 B
465 B 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/skeleton.js?bundleId=
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Server
2600:9000:214f:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Fri, 01 Jul 2022 02:01:00 GMT
x-amz-version-id
nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
19844870
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
17
last-modified
Mon, 17 Aug 2020 23:54:35 GMT
server
AmazonS3
etag
"53fab767ecbd3bf07990b10246befbd4"
content-type
application/javascript
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
b8BLYeEy61XwTCkFY76kA8ljbVr_TwcUtfrx5_MsGhhJrVcLLd4L1g==

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
app06.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
location
https://static.adsafeprotected.com/skeleton.js?bundleId=
cache-control
no-cache
content-length
0
sca.17.6.2.js
static.adsafeprotected.com/ Frame F22A 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:fe00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
12711153
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
yNgI6GHarzc7v0Q2ad1lCCzDqhwOpzSTRTCoi_oiembQew7JvPljSQ==
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCNMP,pingTime:0,time:199,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:199,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~100%5D,as:%5B1~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCNMR,pingTime:-3,time:201,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:201,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~100%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCNMS,pingTime:-6,time:202,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:202,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~100%5D,as:%5B4~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161%7D&tpiLookup=ao:mysillysquirts.com*&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCNMV,pingTime:0,time:93,type:pf,im:%7BpBlk:81%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:74%7D,%7Bpiv:100,vs:i,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:93,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCNMX,pingTime:-3,time:95,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:74%7D,%7Bpiv:100,vs:i,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:95,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B2~100%5D,as:%5B2~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCNMX,pingTime:-6,time:95,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:95,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~100%5D,as:%5B3~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgJ2+11%7C12%7C13%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75%7D&tpiLookup=ao:mysillysquirts.com*&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt20.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNN1,pingTime:1,time:2121,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1023,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1093~0,1~100%5D,as:%5B1094~728.90%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1022~100%5D,as:%5B1022~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:219,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17.925113%7C18,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:215%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt21.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCNN2,pingTime:1,time:2122,type:c,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:1024,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1093~0,1~100%5D,as:%5B1094~728.90%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1023~100%5D,as:%5B1023~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:219,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17.925113%7C18,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:215,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt22.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
index.html
s0.2mdn.net/sadbundle/16644202875967455809/ Frame B467 		1 KB
767 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
739
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy
cross-origin
date
Wed, 15 Feb 2023 18:28:49 GMT
expires
Thu, 15 Feb 2024 18:28:49 GMT
last-modified
Tue, 25 Oct 2022 17:10:54 GMT
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 0B09 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_uAE2minsBCJj00t1NxKpjAmopny2N63OSJom2aG2GkgVMtd7Dli3LjkfEFnMqOQzzGUerElw3NLkZDgt8xo10rOXEq6ufqNUg3ifJhl6rt61W0OZzF9E_EHtK3hD0wH8qd5D93Pwl6b4nNKOx4XbGLT3ZU7zGDRD9GXQ-A&sai=AMfl-YQU34LjGYLDfFXH4Bc1SYo-YqfB5TTNzg9JOn3g9itSjZ_lXx7XquRG_sXzt8YeXAPImX_NTHTKPbbYcCfvXvq6iyRBXYIX_fD37Xbevq0YMuQOW0ZFMgCq4EH3cAo&sig=Cg0ArKJSzHo7v38B4tvXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=161&cbvp=1&cstd=156&cisv=r20230213.26698&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:49 GMT
ai.aspx
m.exactag.com/ Frame 0B09 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://m.exactag.com/ai.aspx?extProvId=63&extPu=lh-mindshare&extProvApi=lh_de&extLi=26915561&extCr=180481255&extPm=322783817&gdpr_consent=&gdpr=
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.14.248.91 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000
Date
Wed, 15 Feb 2023 18:28:49 GMT
X-Content-Type-Options
nosniff
P3P
policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy
cross-origin
Connection
close
X-ET-Monitoring
1
Content-Length
43
X-Xss-Protection
0
Pragma
no-cache
Last-Modified
Mi, 15 Feb 2023 06:28:49 GMT
X-ET-Code
0
Accept-CH
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
Access-Control-Max-Age
1000
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Origin
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
Cache-Control
private
Access-Control-Allow-Credentials
true
X-ET-Camp
1119
Access-Control-Allow-Headers
*
Expires
Mon, 26 Jul 1997 05:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCNNy,pingTime:-2,time:132,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:366,beZ:367,mfA:435,cmA:436,inA:436,inZ:437,prA:437,prZ:439,si:441,poA:442,bl:448,poZ:448,cmZ:448,mfZ:448,loA:462,loZ:463,ltA:499,ltZ:499,mdA:256,mdZ:301%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:74%7D,%7Bpiv:100,vs:i,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:132,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B39~100%5D,as:%5B39~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75,sinceFw:57,readyFired:true%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt14.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCNNz,pingTime:-2,time:245,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:255,beZ:256,mfA:399,cmA:401,inA:401,inZ:404,prA:405,prZ:410,si:415,poA:416,poZ:435,cmZ:435,mfZ:435,loA:457,loZ:459,ltA:499,ltZ:499,mdA:256,mdZ:301%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:100.100,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:245,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B47~100%5D,as:%5B47~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C17.1352960-69430711%7C171%7C172%7C173,idMap:17.73968860-c2da-549f-3c4a-9d611cfa7bdb.23_1352960-69430711%7C17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161,sinceFw:84,readyFired:true%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
google
match.adsrvr.org/track/cmf/ Frame 6463 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/google?google_gid=CAESELl6ERrca-CBPg88KhFUeJ0&google_cver=1&google_push=Aa02lx8cbuxLb_iv8JIjg_utFvoiAt8bM8k8NiTH21agBLhM-O7PBdT5vogNocYaViMYjXiPuEh5ieYtEfT4khfmcUyGvedXClc-
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 6463
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEJ8SjQ8D0OIcN1j-mjLSrpA&google_cver=1&google_push=Aa02lx_qUM0RkeyxUnVKGI5jCoH0mOEYqCIFhhcvwHdgKebEyZHa1wZQyxFyPdFY3JRWZ0r-hOMSxuaxgoW0U3bnomx3nnY...
  • https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_qUM0RkeyxUnVKGI5jCoH0mOEYqCIFhhcvwHdgKebEyZHa1wZQyxFyPdFY3JRWZ0r-hOMSxuaxgoW0U3bnomx3nnYs71VTVA&google_hm=eS1PWDZSb1A1RTJwRlJk...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_qUM0RkeyxUnVKGI5jCoH0mOEYqCIFhhcvwHdgKebEyZHa1wZQyxFyPdFY3JRWZ0r-hOMSxuaxgoW0U3bnomx3nnYs71VTVA&google_hm=eS1PWDZSb1A1RTJwRlJkOGFRTjF3Tm55OUQzaXJ6MjJGYX5B
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date
Wed, 15 Feb 2023 18:28:49 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=Aa02lx_qUM0RkeyxUnVKGI5jCoH0mOEYqCIFhhcvwHdgKebEyZHa1wZQyxFyPdFY3JRWZ0r-hOMSxuaxgoW0U3bnomx3nnYs71VTVA&google_hm=eS1PWDZSb1A1RTJwRlJkOGFRTjF3Tm55OUQzaXJ6MjJGYX5B
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6463
Redirect Chain
  • https://d5p.de17a.com/cookies/google?google_gid=CAESEBONITp9ma-tJn2SCK6cBOk&google_cver=1&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1u...
  • https://d5p.de17a.com/cookies/google;c?google_gid=CAESEBONITp9ma-tJn2SCK6cBOk&google_cver=1&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K...
  • https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1uwOBuSUA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1uwOBuSUA
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=Aa02lx9_YptSSBAamYWPokJNHbBr7Hep3DBswh07RMzlEpgtv8utT9S3nVG3titlHI-aH07Z90tkPjb5ktVW6aC-up_9K1uwOBuSUA
content-length
0
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
pixel
cm.g.doubleclick.net/ Frame 6463
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEOybuuzQLOXM1Z0Ri755l3c&google_cver=1&googl...
  • https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOybuuzQLOXM1Z0Ri755l3c&google_hm=Y-0kX9UJa8vwejAZudlJFQAABJQAAAAB&google_nid=index&google_push=Aa02lx8D2ZjM23L8-JMQ8_9z2WFWRdWfcwzDM...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOybuuzQLOXM1Z0Ri755l3c&google_hm=Y-0kX9UJa8vwejAZudlJFQAABJQAAAAB&google_nid=index&google_push=Aa02lx8D2ZjM23L8-JMQ8_9z2WFWRdWfcwzDM4tDQvg4CGX1cjA5yBnFe0S0jhOMfmFXXFQ1UHfRtKipT70DqmN7UlcRALhHaShBlQ
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUniF5rDcNOF7KKVe5c8%2B84uKCaQ%2BO96qNlFkXteX8KrkZ1SC5QwHKdxe86Etq%2FN%2BgzAKo8YqvQ1g7f1kCIup1DykY47nIQyUb%2B%2FOaOPVzVOF0FGMXkVNKxdEz4QmgmD2vGmWGQXNBt6BA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEOybuuzQLOXM1Z0Ri755l3c&google_hm=Y-0kX9UJa8vwejAZudlJFQAABJQAAAAB&google_nid=index&google_push=Aa02lx8D2ZjM23L8-JMQ8_9z2WFWRdWfcwzDM4tDQvg4CGX1cjA5yBnFe0S0jhOMfmFXXFQ1UHfRtKipT70DqmN7UlcRALhHaShBlQ
cache-control
no-cache
cf-ray
79a01b02af0ebb50-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
0
expires
0
pixel
cm.g.doubleclick.net/ Frame 6463
Redirect Chain
  • https://ads.yieldmo.com/exptsync?google_gid=CAESEIu8w1O95TYzbYLigVcxBIM&google_cver=1&google_push=Aa02lx-gNtifjexKMfBMtg4x5zwtquauHsD-kB2QJ56PiUY-uFLrSbM0D3fcNJDHA2U1rt_NSM5qgNWwamBx6ugnkIHrZ8gcjMRCig
  • https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aa02lx-gNtifjexKMfBMtg4x5zwtquauHsD-kB2QJ56PiUY-uFLrSbM0D3fcNJDHA2U1rt_NSM5qgNWwamBx6ugnkIHrZ8gcjMRCig&google_hm=Z2MzM2U1ZjdiMmZkOT...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aa02lx-gNtifjexKMfBMtg4x5zwtquauHsD-kB2QJ56PiUY-uFLrSbM0D3fcNJDHA2U1rt_NSM5qgNWwamBx6ugnkIHrZ8gcjMRCig&google_hm=Z2MzM2U1ZjdiMmZkOTcyYTViN2U=
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cm.g.doubleclick.net/pixel?google_nid=yieldmo&google_push=Aa02lx-gNtifjexKMfBMtg4x5zwtquauHsD-kB2QJ56PiUY-uFLrSbM0D3fcNJDHA2U1rt_NSM5qgNWwamBx6ugnkIHrZ8gcjMRCig&google_hm=Z2MzM2U1ZjdiMmZkOTcyYTViN2U=
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
pixel
cm.g.doubleclick.net/ Frame 6463
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3D%5BRX_SPD%5D%26google_hm%3D%5BRX_UUID_B64_BIN%5D&google_gid=CAESEE...
  • https://sync.1rx.io/usersync2/rmpssp?sub=google&zcc=1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA&redir=https%3A%2F%2Fcm.g.dou...
  • https://sync.targeting.unrulymedia.com/csync/RX-cfb0bc32-0a76-4620-9f19-9cea91e7a911-003?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dr1%26google_push%3DAa02lx_9QWskhtxjjRIYzs-Fb...
  • https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA&google_hm=A8-wvDIKdkYgnxmc6pHnqRE
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA&google_hm=A8-wvDIKdkYgnxmc6pHnqRE
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=r1&google_push=Aa02lx_9QWskhtxjjRIYzs-Fb0rN9vc499Bq1yNUu7ZNIVOqAWuMVGlOE3ghY6Kmif_KfM2BQSVz-x0rCtW3BsmyoRRxy_WVDiTLQA&google_hm=A8-wvDIKdkYgnxmc6pHnqRE
date
Wed, 15 Feb 2023 18:28:49 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXcfb0bc320a7646209f199cea91e7a911003
content-type
text/html
pixel
cm.g.doubleclick.net/ Frame 6463
Redirect Chain
  • https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEPwGPGvgAZPJQfC7uWJKPS0&google_cver=1&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB0...
  • https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB06...
  • https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyMzc0NTY4NDU5MzczNjQ3OTQ5&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05...
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyMzc0NTY4NDU5MzczNjQ3OTQ5&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB06p1A
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MzEyMzc0NTY4NDU5MzczNjQ3OTQ5&google_push=Aa02lx8rY2HLbWfwK7TCZjkxAKjddRhcY9kxqzSnux_A4BJB3qE0gUPa3uXcYS05c6JSHThyXn0sVa42RSramg_y7XzcUcsGB06p1A
date
Wed, 15 Feb 2023 18:28:49 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
attr
cm.g.doubleclick.net/pixel/ Frame 6463 		0
12 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LXPMCaHeIXfbzRPSVRxO5frwahCVlzVwxo3N1FR05_KocOcKy5LdGFjIhnMAx5q-TtLueY
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.201.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s35-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://pagead2.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:49 GMT
server
HTTP server (unknown)
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
content-type
text/html
tweenmax_2.0.1_min.js
s0.2mdn.net/ads/studio/cached_libs/ Frame B467 		113 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.0.1_min.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38915
x-xss-protection
0
last-modified
Tue, 19 Jun 2018 18:02:41 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=0
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:28:50 GMT
Enabler_01_247.js
s0.2mdn.net/879366/ Frame B467 		118 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/879366/Enabler_01_247.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 06:22:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
43596
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
41099
x-xss-protection
0
last-modified
Mon, 27 Sep 2021 18:45:07 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Thu, 16 Feb 2023 06:22:13 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame E507 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BMvcEYSTtY5CRE47UgAfN34GACQAAAAA4AeAEAg&bg=!oKOlo_fNAAYuhb89DoU7ADkAdvg8Whw8M-Qk-opZhwnsRPMM-eEgA1dAid0gStdq3HoWlQ5xDiKyPmd734dMLLHytSKcyYeWuA4CAAAAelIAAAACaAEHCgBE6ZaFg8RUwIOsM39EIStmDop0fl32XjpNflsPtJ_lfHAx0mopxAU--q38kwBhctZ1KCb00LlB5akbISYFCj9kc7PQ-4eZAw8KIPulxVJIwNk-diQpqgkKwBOMAVeY9Hgs7V-8c-sD1lCxJcyU2XWn7rDRnEmmF1fCxu4cf6fQSJW6BS8sQa-fHw8dFZzSXpl5_B0FUsa2iMU6u7_6gtAaechUiw_4npOVwxP_3NowJ_QHB2bRHDdFmre5ntvV9uCyMTUFvAj9lmI3s5I1qLMk_A5OhbUt8qitmq_dBDB9C4b2ke8QZWN9fNz4OeECvD9eeU1WPyJsDvmMJq-FNnjQh94kNSTp3Yj5mYmu0Xwimp8F0kIwSzpJgl7TBgFlVHx6IK3kRYIOcNP1tgTJgRH1l9_m9QZmyUuU4jYOVf9IR2TvN-of9JvEhFSmydM7ZqB-2OiW49yfBGIadNaOuPMkM3EXqwCdSXXaWNs26h556QeP5DoJW-ryYscZhidQqE8TaG30iAE8bCQcxsebX7BaBbqjIVsqD-w20i8byyC6Xwz_fdaJKPV0WGpwnjg8_kt8gQgHCnzMd2FJv6VyK5G6cSUIwgRNOjwFegQ6ep6rSvJSB5wh9xKMfJ7VDC1bL6xTx3rd9yTuV0wLaU5Bt3CSnj4bPJ6dcgQ_ok3IicoupFCGn7BiD3soUki6Uey-yPnFsDp6ESvTNWryMupG2-2XGyzR-pw0cDFu0ZNEa3lUFelttXyW4yeknOUrX5pH3oqlDM4tjZBpwkU1hK2vltcBcSJViXZFsM3I1_EB5xJ_s63sSicsWj2pHRscmOC--Bp5zZbVwABLkYWNApg2s5J5gP8zyveD1SQciye7QKVnwz2__Pz67qgCZwCHMd4JSSGIHSKtaudpBcBPMU0HokIyPoDUTj_aOzcGkDz7vFsgeUExOGczjCiDIxboxhwTb90btyZY_8uQcYg99I0WQ-oIhIltSaTIactkl4VlnbV25uAMFNmy9gl9JcNL8mtycI5EF77HK-GVtvSqWsUMWlCCmZJmdxxh155yGvOxdvGxPBvkhRWcXPxp8kIVMfQHqMK0G79rd6pcypEPtOL4qwT9kNyZPQ-Cs_TZ3f8fZwft83i4VSPfEnY
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCNPs,time:250,type:e,im:%7BpWait:8%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:250,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B157~100%5D,as:%5B157~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75,sis:178%7D&br=c
Requested by
Host: 4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:49 GMT
server
nginx
x-server-name
dt24.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
view
googleads4.g.doubleclick.net/pcs/ Frame 0B09 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv_uAE2minsBCJj00t1NxKpjAmopny2N63OSJom2aG2GkgVMtd7Dli3LjkfEFnMqOQzzGUerElw3NLkZDgt8xo10rOXEq6ufqNUg3ifJhl6rt61W0OZzF9E_EHtK3hD0wH8qd5D93Pwl6b4nNKOx4XbGLT3ZU7zGDRD9GXQ-A&sai=AMfl-YQU34LjGYLDfFXH4Bc1SYo-YqfB5TTNzg9JOn3g9itSjZ_lXx7XquRG_sXzt8YeXAPImX_NTHTKPbbYcCfvXvq6iyRBXYIX_fD37Xbevq0YMuQOW0ZFMgCq4EH3cAo&sig=Cg0ArKJSzHo7v38B4tvXEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=976&vt=11&dtpt=815&dett=3&cstd=156&cisv=r20230213.26698&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=
Requested by
Host: mysillysquirts.com
URL: https://mysillysquirts.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.208.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bud02s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:50 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 15 Feb 2023 18:28:50 GMT
main.js
s0.2mdn.net/creatives/assets/4703545/ Frame B467 		2 KB
812 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/main.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:27:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
64
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
778
x-xss-protection
0
last-modified
Fri, 25 Nov 2022 14:38:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:42:46 GMT
sodar
pagead2.googlesyndication.com/getconfig/ Frame B467 		7 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_247&st=int
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
889e811dced404c7b63b97539f9d972b7f2925c847758c83e259aaf0c14249fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:50 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5730
x-xss-protection
0
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCO1d,time:979,type:e,im:%7BpLoad:946%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:979,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B886~100%5D,as:%5B886~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:213,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75,sis:178%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
728x90_de-de_performance.js
s0.2mdn.net/creatives/assets/4703545/ Frame B467 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
20ace21a6a85fac08d353bd798f34c2c3d91764b2865a561d32f50a4817c7c8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:16:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
737
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
17811
x-xss-protection
0
last-modified
Fri, 03 Feb 2023 09:51:54 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:31:33 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ Frame B467 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_247.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:28:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 15 Feb 2023 18:28:50 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 0B09 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssoe3GxALXrsTiO-avDiEXN72isiED_0CCHKYiHawZfbHvZewyQvMxUsMLJAQ6h86BaFtAQ2rCotRCECA4J6aVQuM9YoUAdPwNsYAmX-AnzmpRJbt6u_lV9uwT9qWRtJcECVU1KoA&sai=AMfl-YR9UKFqNmWFHMCqCht6dN-BdCXVO0Y47eFhyI_OpTYQv1XSzxAyqb6Nd9WWEYkIvJFiNvYj2TKYi-Bo_AIuGt2SVEkk8eXexdbbk1CDw3nzUzN47-qhYcsIaXH3&sig=Cg0ArKJSzNTzoDkWIPlfEAE&cid=CAQSPADUE5ym-2hTh2Dg2g5JrAByXAza5JMD56DwE6lcSi6Of-VVkYsp9yyTxXYSxSiwXupD3AQUTQSrhm_9kxgB&id=lidar2&mcvt=1000&p=1110,436,1200,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1354456381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1676485729105&rpt=387&isd=0&lsd=0&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
star_alliance.svg
s0.2mdn.net/creatives/assets/4689654/ Frame B467 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/star_alliance.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:18:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
592
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1840
x-xss-protection
0
last-modified
Tue, 04 Oct 2022 11:00:32 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:33:58 GMT
lh_logotype_single.svg
s0.2mdn.net/creatives/assets/4689654/ Frame B467 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_logotype_single.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:26:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
111
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2151
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:58 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:41:59 GMT
lh_crane.svg
s0.2mdn.net/creatives/assets/4689654/ Frame B467 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4689654/lh_crane.svg
Requested by
Host: s0.2mdn.net
URL: https://s0.2mdn.net/creatives/assets/4703545/728x90_de-de_performance.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:14:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
859
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1311
x-xss-protection
0
last-modified
Tue, 18 Oct 2022 09:41:55 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:29:31 GMT
NH_D_EU_Germany-Windows-European_728x90.jpg
s0.2mdn.net/creatives/assets/4703548/ Frame B467 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/creatives/assets/4703548/NH_D_EU_Germany-Windows-European_728x90.jpg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8c6282b043a74b1d92d9edee077e30492ec94b17b7dd9735be93b93b6118db54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:24:54 GMT
x-content-type-options
nosniff
age
236
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
45135
x-xss-protection
0
last-modified
Tue, 08 Nov 2022 08:39:42 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:39:54 GMT
LufthansaHeadWeb-Bold.woff2
s0.2mdn.net/creatives/assets/4714589/ Frame B467 		50 KB
50 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/creatives/assets/4714589/LufthansaHeadWeb-Bold.woff2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:805::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://s0.2mdn.net/sadbundle/16644202875967455809/index.html?e=69&leftOffset=0&topOffset=0&c=iQkkm7VdQj&t=1&renderingType=2&ev=01_247
Origin
https://s0.2mdn.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 18:26:26 GMT
x-content-type-options
nosniff
age
144
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51548
x-xss-protection
0
last-modified
Fri, 18 Nov 2022 11:46:13 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=900
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 15 Feb 2023 18:41:26 GMT
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCO2Z,pingTime:1,time:1201,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1201,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:330,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C17.1352960-69430711%7C171%7C172%7C173,idMap:17.73968860-c2da-549f-3c4a-9d611cfa7bdb.23_1352960-69430711%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161,sis:261%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
server
nginx
x-server-name
dt04.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCO2Z,pingTime:1,time:1201,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1201,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:330,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C17.1352960-69430711%7C171%7C172%7C173,idMap:17.73968860-c2da-549f-3c4a-9d611cfa7bdb.23_1352960-69430711%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161,sis:261,metricId:publ1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
server
nginx
x-server-name
dt03.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCO30,pingTime:1,time:1202,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1202,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:330,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C17.1352960-69430711%7C171%7C172%7C173,idMap:17.73968860-c2da-549f-3c4a-9d611cfa7bdb.23_1352960-69430711%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161,sis:261,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCO36,pingTime:1,time:1096,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:74%7D,%7Bpiv:100,vs:i,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1096,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1003~100%5D,as:%5B1003~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:213,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75,sis:178%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
server
nginx
x-server-name
dt01.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCO36,pingTime:1,time:1096,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:74%7D,%7Bpiv:100,vs:i,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1096,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1004~100%5D,as:%5B1004~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:213,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75,sis:178,metricId:grpm1,cmr:t%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:50 GMT
server
nginx
x-server-name
dt18.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
pagead2.googlesyndication.com/bg/ Frame BA37 		36 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6-mBnbZZAXMPHT3hzvxeUCpCwb2zquUgwTdAFaKOTjQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

date
Wed, 15 Feb 2023 09:06:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
33763
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14458
x-xss-protection
0
last-modified
Tue, 07 Feb 2023 17:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:06:07 GMT
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCOgf,pingTime:-10,time:2023,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1676485728042%7C%7Ccbc3be7467669b7ff4b352e4b5b28390%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7Cf519be2ac11cc597e7506efe51c3d7fc%7C%7C2df911e83a1605cdba5a3eb4d564195d%7C%7Cf65223612c37fe5d6780809de6b20d29%7C%7Cd93060f0fae2b21f04734b0c8aa88005%7C%7Cf6a7e92a91e45b7176abbd3c0fe8dac2%7C%7C1663701684,sca:%7Bspg:e997eaa7-d5a7-ad98-6a71-7721cb79b40d%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:51 GMT
server
nginx
x-server-name
dt19.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
gen_204
pagead2.googlesyndication.com/pagead/ Frame 0B09 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tler&ord=7942089248255&version=m202301230201&ct=76&x=1&cor=15692967028018870000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:51 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dt
dt.adsafeprotected.com/ Frame 0B09 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCOoc,pingTime:-10,time:2404,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEwLjAuNTQ4MS4xMDAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222222222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1676485728042%7C%7Ccbc3be7467669b7ff4b352e4b5b28390%7C%7C41c5992836ce3b548d2ab9f4e4ccb0b4%7C%7Cf519be2ac11cc597e7506efe51c3d7fc%7C%7C2df911e83a1605cdba5a3eb4d564195d%7C%7Cf65223612c37fe5d6780809de6b20d29%7C%7Cd93060f0fae2b21f04734b0c8aa88005%7C%7Cf6a7e92a91e45b7176abbd3c0fe8dac2%7C%7C1663701684,sca:%7Bspg:e997eaa7-d5a7-ad98-6a71-7721cb79b40d%7D%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:51 GMT
server
nginx
x-server-name
dt26.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 4B08 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?advEntityId=1333404&asId=e997eaa7-d5a7-ad98-6a71-7721cb79b40d&tv=%7Bc:4jCOPb,pingTime:5,time:6099,type:p,clog:%5B%7Bpiv:0,vs:o,r:r,w:728,h:90,t:17%7D,%7Bpiv:100,vs:i,r:,t:1098%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:1,slTimes:%7Bi:5001,o:1098,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:17,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B1093~0,1~100%5D,as:%5B1094~728.90%5D%7D%7D,%7Bsl:i,t:1098,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:sp,cc:0.0.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:363,fm:tvXtgee+11%7C12%7C13%7C14*.1333404-69076805%7C141%7C142%7C143%7C151%7C161%7C162%7C17.925113%7C18,idMap:14*,rmeas:1,rend:1,renddet:XIFRAME.qs.dr,siq:18,sis:215%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1ff7:f8bb:5daf:de82 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.100 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Feb 2023 18:28:53 GMT
server
nginx
x-server-name
dt25.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
dt
dt.adsafeprotected.com/ Frame 0B09 		0
0
dt
dt.adsafeprotected.com/ Frame 0B09 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
protected-by.clarium.io
URL
https://protected-by.clarium.io/log
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv8fvRLVHBv1aade9ih-CHW5ZzUTzSTaKZX9PWJeCbDIeTFYKqdSscp3vUU84k6CNKGxMKc9OzLDuupTwPCHzCzk71SWGJa9nUW1C8vy4IXEI0Mby8oggJkBHiwxR_AksVor8YOpQ&sai=AMfl-YRUdaXjgvwF3Wy3l8MWHFVk--5FLTSLsUkbOHgrOcSG2SVk39iKnaCHJTeB5yMVV48kFhcqkMsc30DVW7TMPtC0qo2gWddhcBs2no0GQtwH9phddkH7aWgvD1RbdG5P-hqPIBhGGxmxFdILCw&sig=Cg0ArKJSzPaUhORTrDFgEAE&cid=CAQSTADUE5ymNfMRvs53Tm_D0yjXBcK6U-pc62oSNwRUzFxNZ3s_MZaz8iHXPWvOA5QJ2oIhdAMt91_Buh2lIrx3Iywj5_5G6Ycm7VbIdCkYAQ&id=lidartos&mcvt=414&p=1110,436,1200,1164&mtos=414,414,414,414,414&tos=414,0,0,0,0&v=20230213&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1354456381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=3&r=b&rst=1676485726850&rpt=1823&isd=0&lsd=0&ec=1&met=ce&wmsd=0&pbe=0&vae=0&spb=0
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?anId=925113&asId=886b7812-b069-38ca-8449-fc452d8dd244&tv=%7Bc:4jCP5u,pingTime:5,time:5200,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:160%7D,%7Bpiv:100,vs:i,t:198%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5200,o:0,n:198,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:159,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~728.90%5D%7D%7D,%7Bsl:i,t:198,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~100%5D,as:%5B5002~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:181,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C171%7C172%7C173,fm2:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.925113%7C17.1352960-69430711%7C171%7C172%7C173,idMap:17.73968860-c2da-549f-3c4a-9d611cfa7bdb.23_1352960-69430711%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:161,sis:261%7D&br=c
Domain
dt.adsafeprotected.com
URL
https://dt.adsafeprotected.com/dt?advEntityId=1352960&asId=73968860-c2da-549f-3c4a-9d611cfa7bdb&tv=%7Bc:4jCP5A,pingTime:5,time:5094,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:728,h:90,t:74%7D,%7Bpiv:100,vs:i,t:93%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5094,o:0,n:93,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:74,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B24~1%5D,as:%5B24~728.90%5D%7D%7D,%7Bsl:i,t:93,wc:0.0.1600.1200,ac:NaN.NaN.728.90,am:i,cc:NaN.NaN.728.90,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~728.90%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:180,fm:tvXtgee+11%7C12%7C13%7C14.1333404-69076805%7C141%7C142%7C143%7C144%7C151%7C152%7C1531%7C1532%7C16%7C17*.1352960-69430711%7C171%7C172%7C173%7C174,idMap:17.886b7812-b069-38ca-8449-fc452d8dd244.47_925113%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:75,sis:178%7D&br=c

Verdicts & Comments Add Verdict or Comment

101 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 boolean| credentialless object| oncontentvisibilityautostatechange object| _wpemojiSettings undefined| $ function| jQuery function| Cookies object| pysOptions function| pys_generate_token function| getBundlePriceOnSingleProduct function| getPixelBySlag function| getUrlParameter object| pys object| $MMT function| gtag object| dataLayer object| jpibfi_options object| kadenceConfig function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery function| b64e function| b64d object| ai_front number| ai_jquery_waiting_counter function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_load_cookie function| ai_set_cookie function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_adsense_fallback_codes function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| MobileDetect function| ai_run_614139720379 boolean| ai_js_code object| twemoji object| wp function| parcelRequire function| ai_document_write string| selector_string object| mvGrowData function| growMe object| kadence function| pintrk object| jpibfi_debugger function| ai_process_lists object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga function| onYouTubeIframeAPIReady object| gaGlobal function| xDomainCookie object| gaplugins object| gaData function| confiantWrap object| pbjsChunk object| pbjs object| _pbjsGlobals object| mnet object| apstag object| ifvisible object| googletag object| __connect object| headertag boolean| apstagLOADED object| apscustom object| confiant boolean| creativeVendorLibraryLoaded object| ggeac object| google_js_reporting_queue undefined| google_measure_js_timing function| setImmediate function| clearImmediate object| ID5 object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| google_image_requests object| confiantRefreshSlots object| confiantRefreshSlotsDebug function| arrive function| unbindArrive function| leave function| unbindLeave

34 Cookies

Domain/Path Name / Value
mysillysquirts.com/ Name: pys_session_limit
Value: true
mysillysquirts.com/ Name: pys_start_session
Value: true
mysillysquirts.com/ Name: pys_first_visit
Value: true
mysillysquirts.com/ Name: pysTrafficSource
Value: direct
mysillysquirts.com/ Name: pys_landing_page
Value: https://mysillysquirts.com/
mysillysquirts.com/ Name: last_pysTrafficSource
Value: direct
mysillysquirts.com/ Name: last_pys_landing_page
Value: https://mysillysquirts.com/
.mysillysquirts.com/ Name: _ga_9X8EGH6XFX
Value: GS1.1.1676485725.1.0.1676485725.0.0.0
.mysillysquirts.com/ Name: _ga_PCY5P3Z08Q
Value: GS1.1.1676485725.1.0.1676485725.60.0.0
.mysillysquirts.com/ Name: _ga
Value: GA1.2.1837310906.1676485725
.mysillysquirts.com/ Name: _gid
Value: GA1.2.1167543487.1676485726
.mysillysquirts.com/ Name: _gat_gtag_UA_149766563_1
Value: 1
mysillysquirts.com/ Name: session
Value: a5b06549-967e-42d2-bfa4-a5af1bcd5441
mysillysquirts.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.mysillysquirts.com/ Name: _pin_unauth
Value: dWlkPU9UWTROMlJtTVdFdE56aGhOQzAwTVRWaExXRm1aVFF0WkRVMU56QTVaRGxtWmpZMg
.mysillysquirts.com/ Name: __gads
Value: ID=a80e07f66e081822:T=1676485726:S=ALNI_MZneKkXa-YG7B_vHYgg3KehnIMqBQ
.mysillysquirts.com/ Name: __gpi
Value: UID=00000bb731f6df26:T=1676485726:RT=1676485726:S=ALNI_MbCU4jdxyra76o8enYv7ta18Y_scQ
.doubleclick.net/ Name: IDE
Value: AHWqTUnF-3JAbVOkSIctKClcjTwnbjDLUCCqarAQ3HFqimO7vYgqywd3UcVHAavn
m.exactag.com/ Name: exactag_new_gk
Value: e23f3d0948164caeb948547562650370%7c16.04.2023+18%3a28%3a46
m.exactag.com/ Name: exactag_new_uk
Value: 23cd7274a300458aac089f4f87cbcd9b%7c
m.exactag.com/ Name: session_session
Value: 83aea0294f114779a96bc1c3
.adform.net/ Name: C
Value: 1
.casalemedia.com/ Name: CMID
Value: Y.0kX9UJa8vwejAZudlJFQAA
.casalemedia.com/ Name: CMPS
Value: 1172
.casalemedia.com/ Name: CMPRO
Value: 1172
.adnxs.com/ Name: uuid2
Value: 1530244300838907347
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2GU)nqhf7!]tbPl1M>e)ZlrFUfJ+tGXxoH<BcLoE!)CKE[If%:]W[<Sm_-k[82CJBR[:e3If)y3KL9D3I?+B#ZyZO
.adform.net/ Name: uid
Value: 8870186417283363681
.3lift.com/ Name: tluid
Value: 312374568459373647949
.de17a.com/ Name: guid
Value: 1.9097529982288434381
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cfb0bc32-0a76-4620-9f19-9cea91e7a911-003%22%7D
.yahoo.com/ Name: A3
Value: d=AQABBGEk7WMCEHQIZHHs4mp1xOMwlf5jIXAFEgEBAQF17mP3YwAAAAAA_eMAAA&S=AQAAAjcJ8p8Leyf5JYOYYrrk2ws
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-cfb0bc32-0a76-4620-9f19-9cea91e7a911-003%22%7D
.yieldmo.com/ Name: yieldmo_id
Value: gc33e5f7b2fd972a5b7e%7C1676485729882%7C0%7C

5 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
network error URL: https://ct.pinterest.com/v3/?tid=261477440836&pd=%7B%22np%22%3A%22pixelyoursite%22%7D&event=init&ad=%7B%22loc%22%3A%22https%3A%2F%2Fmysillysquirts.com%2F%22%2C%22ref%22%3A%22%22%2C%22if%22%3Afalse%2C%22sh%22%3A1200%2C%22sw%22%3A1600%2C%22mh%22%3A%2257992c41%22%2C%22is_eu%22%3Atrue%2C%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%2C%22ecm_enabled%22%3Afalse%7D&cb=1676485725807
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://signal-floors.s-onetag.com/mysillysquirts.com/mmt-387cadb1-2eed-426d-ac3b-8640b24449c9-ad%252B%2526mmt-a1e9bf92-6f8a-4c43-b80a-a7f474d6db64-ad%252B%2526mmt-2b61d745-99fa-4edb-92c9-f8d4c1b463a9-ad%252B%2526mmt-8bda25ee-78fb-4011-bbad-88eceafbd53e-ad
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Message:
Refused to execute script from 'https://m.exactag.com/ai.aspx?extProvId=327&extPu=vf-dv360&extLi=17054710310&extPm=17054710310&extCr=466627326&rnd=1676485726346662' because its MIME type ('image/gif') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

4cd9396842ba7ebc09febe524bfa19b2.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
ads.yieldmo.com
adservice.google.com
adservice.google.de
api.rlcdn.com
as-sec.casalemedia.com
bid.g.doubleclick.net
c.amazon-adsystem.com
c.bannerflow.net
cdn.confiant-integrations.net
cdn.doubleverify.com
cdn.id5-sync.com
cm.g.doubleclick.net
ct.pinterest.com
d5p.de17a.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
fonts.googleapis.com
fonts.gstatic.com
fw.adsafeprotected.com
get.s-onetag.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id5-sync.com
imps.monu.delivery
js-sec.indexww.com
lb.eu-1-id5-sync.com
m.exactag.com
match.adsrvr.org
monu.delivery
mysillysquirts.com
onetag-geo.s-onetag.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pr-bh.ybp.yahoo.com
prod.us-east-1.cxm-bcn.publisher-services.amazon.dev
protected-by.clarium.io
region1.analytics.google.com
region1.google-analytics.com
rtb0.doubleverify.com
rtbc-eu3.doubleverify.com
s.pinimg.com
s0.2mdn.net
s1.adform.net
securepubads.g.doubleclick.net
signal-beacon.s-onetag.com
signal-floors.s-onetag.com
signal-segments.s-onetag.com
ssum-sec.casalemedia.com
static.adsafeprotected.com
stats.g.doubleclick.net
sync.1rx.io
sync.targeting.unrulymedia.com
sync.teads.tv
tpc.googlesyndication.com
track.adform.net
us-u.openx.net
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
dt.adsafeprotected.com
pagead2.googlesyndication.com
protected-by.clarium.io
104.111.217.42
104.18.10.47
104.18.24.185
104.18.25.185
13.224.189.13
13.224.189.5
13.224.195.78
13.225.78.19
13.225.78.44
13.225.78.71
13.248.245.213
141.95.33.111
142.250.201.194
142.250.27.155
142.251.208.130
162.19.138.82
18.66.23.210
185.80.39.216
185.83.142.19
194.1.147.10
194.1.147.44
2001:4860:4802:32::36
213.155.156.165
213.19.147.44
23.206.208.183
2600:1f13:800:7781:1ff7:f8bb:5daf:de82
2600:9000:214f:fe00:8:48e:53c0:93a1
2606:4700:10::ac43:266a
2606:4700:4400::6812:220a
2606:4700::6810:c40
2a00:1450:4001:802::2002
2a00:1450:4001:803::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2002
2a00:1450:4001:828::200a
2a00:1450:4001:829::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200e
2a00:1450:400c:c09::9d
2a00:1450:400d:805::2006
2a00:1450:400d:806::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80d::2001
2a01:7e00:1::b903:5c4c
2a02:26f0:3500:d::1732:83d6
2a04:4e42:41::84
2a05:d018:d29:3601:428e:df6b:6d4d:d1e4
34.120.133.55
34.149.12.213
34.246.236.161
34.247.9.207
34.98.64.218
35.186.236.140
35.71.131.137
37.157.4.29
37.157.5.71
44.207.220.40
79.125.109.97
85.14.248.91
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04f457622b521b6628a1893ef349d684142f1347b42d421ed32df455fde5d5a7
04ffd366d650b62aa1dacc3b0a2f59f20246fadef0e62f1c15dcdcea70888708
059a36bcdf44b177b7d4baefc30db58ea677f7721770d2ef66f959890fe50fdf
05e77dab19940dd457e00282837faecc886434cc8cc5f631575a5e6c386de774
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06d0965f0851d3936c68da6d6de73163a6bb32e3f134822ccfec6d28f185ff29
071a0b2f09882caaad233b142c9fe60cee4a3af7df793c1aa3e53563be08b555
0812e9deb79e2488e0e5b1987bb31640869a0e02160b5c5da3856ae132a0cca5
0937a8903ce9027c6f433ddda4c1c9df0c5e6d64aea3696396b0c22c0e85661a
094e00b708e00a1de8c8fe1c172a1319792657720d8cc18a96232f7f2e862036
097507e149e448fc4db409df7d37142498651d27d5f7a5cd5a25bf1959d72b5a
0a43c20863b324fe2bec355b5ebdc6566861742f92018f12be1b38fa2c8b7767
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
10956105f5cb552528050089536e484652ba08ea740384856ec466731680c675
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
16b432ac8f43a6b2d8aa358f41ee60e2ef5923b2645bf2c37f3a06f8334b1557
190ee7df80d389e9170254bfe08802a4fff521bb2cec0af88e4b006438199b0c
19eb765b0d061355ef5bacfe138b01082b753a726388ecc614977aeb6f6b8f5c
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1d84738c2afaf595ff5d4921d8dc6bb5ce19a7b9c33a6c02d8a35ff80611cc87
20ace21a6a85fac08d353bd798f34c2c3d91764b2865a561d32f50a4817c7c8a
2164ccda35ef9f1994988c3854e7941905fffa2b6edf0a2f32826ada9b4c3ed0
23d143dd4acb1b86cb7675ea3cf80520ac58bd75bc522186ff61c6a621fe68f0
25751a093fd9dc0f95cec625d6ee019d8fa20dfe69650e265241547ffb6f4cc8
27564fe0e5a95c61c9fbd45ecdb0a0a640fbb320bb64a54f3307a52fe96f86e4
27d55c2b35aae45faf6f364c70c8ac453c18d8726cc1bc26b6c178dd28d6a83a
27e7544dfa3e95deb27a4de6657896384e1a303482fb3249aa9b50caa2b0bc03
2b4727366dbbf82f3dc7d48c30bc9444860158da542dcc4b04eeeb6e0a7b6d60
2bab7f53a7e1c2411997c3f279c39a05b9a82ac777c7d5f09480ec813affe867
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3220add1221254466cf862b633c75f713d8a053465f77f44729cec279334b786
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
37045bf0d243623db4f2e99567c986944957b336dafa6368f4f75bcbad6fc4fa
3cbd9986a12de5e80817a9553551a8a64932a9628aa655e024f3b267c43a189d
3d2067d4b9b5b9d3003ffa4dc17b44616dc00a543f59eea17df555e959f20b53
3ee2edf2ddb1d690e30013c9af36fd43243bded4b13941716fe64bc54dd9c8f0
3f5a33801c2430f432473ae8c2dbb94d907f8453627ef4e9b70354b25f7f7cad
401cdcd91633f7d371d873008bf7ae6affa0c84f8ec45ce561a1ac94ec04b57a
41107b3cd820a6c6a8f93fed73dca66867b14a64769ec41fccb2a214a354e3f0
41ecb8fd0d1474f9c108f5c08824dbbe7d7c81494268d0849abb76e5c6217400
42266833a1d1cc31f5bc8a4fad3027254d14367ff40232a8d7e97b4de2c941a4
467a5b06cb117035f7882e8c71d80e093f04ce586c1ac2b84e7e4adf978edb30
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4aaaf183987b18a9443083873e5c489f1543ce6acabe355a182887c1cb7b713c
4af105297c5b49ca668eaa0774c0eb479e907175f12ccc30e9c038dd7b6fcaf0
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c0f9b6be5eb7a9f798714bce96f09e728ea6b4c9241a25a0fa050847b18e5e3
4ce3230b9e066248a47bc5bda0de3c15431306fa3e447bacce88b2b87f0f0c1d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
515046f17366202aff636868d8a4f17021a2c5e47311ec0889bd7c1b8c5d7974
51c012cf2461bf8b29f345373366183c7fd121579b6178e942be0b61d8c7da14
525cd4aed7867b7d5f12fc09a4b1915ee7760fdace4b23a6f32079f4de1e829f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a506a9630390b6dc5afe9042358b2db6ce8c09b0faa041c908b236687b42cc0
5a5f39391fbf5b06db84b8f9716d53de575ee97a627d2c5f12f79a991a671eb5
5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782
5b138e591d4963439fbf4da64464c34b1de65c70c33364bc76e9b0beee25db07
5c5d87821b8806898a69c4e8cdc26f7fc8ea4bb175006aa060ca229f4810a0af
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5dac274ec554db66ab7a95c4a389f1ecb3652da803eaf68cc3cae511fa44f7ff
5fc95e0959b11a7ee1abe2107ed1daf4d67da7f6e99f962c486a817c9029db99
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62afec092c21b138eeb1fc55859f60c19dd12ca3c02bdfeb336a820b016a547b
65339f5360bbd30dac5f70be8647ab688610b1978c2bc96f271d0b3db0dc1087
66102f3cb7b7575d6e25985d20c3d2c2d812f4265466ec3e41d365aa83fe8106
6819e416761ad3319c68fbf6ddb662fcb50a010a734bf6ead4be2aa49ba830b1
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b3da89922d333d106b84fefeebd7b16bfebf4cfbd7bef37fa10a47c471ae64c
6b6f8057e240a65dc3ed044f6249e4a12d5e9d2c4f8e18e0f44f9603ee5a03ff
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b973308f28a2ddc0f23aad2e84a41c57a795c11a5a11a9dd69ff99c6bd86bd6
730de59300e6103732a2168bdc9742af79a9abfe5995c6d3f3f3e96fd7c99d97
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
768be490ea35fd586be708a7aa17a24d2e31dea4edfeba832ae53339b952879d
79cc18d309bd22c2451e42afc9da991aaae0fbf5521b1168d1d47663a5b68594
7a37a4e2f1464a5f82bafc1aea9bc92be25447be734467ecdbd5e1874e22551b
7b0fb27181aa8c2244ab51f28e8b544248585a334184445b1da9b04f89a794ac
7d782dc1a9a1a6c144dbbc94b9cd857906292d7046c5d6e76970b65fb8c76661
802a3b18272fce86b7ae5e349963873801db2a682c542ba2a78b673f295ff5e2
82e8472d8aacbf7aefc29c5dd3cc8cc07c2a80c2de1a09a7aaab5b4ec150746d
831d5655c4738a7de17004a4f9f407109eb7f7ae9db67c22257a9184ecf6f516
854a1cb3bf2ef67e6a303c0ca22cbf1616a6683a1415997646bb2129047a7e1d
85f408ff7768f84574fa9fab8baa9ec9fe43e22567e2be72daf4d13c346ddd8a
889e811dced404c7b63b97539f9d972b7f2925c847758c83e259aaf0c14249fc
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
8c6282b043a74b1d92d9edee077e30492ec94b17b7dd9735be93b93b6118db54
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8fb164054a6d17b44ace39553e26826f6557819f609c9146cc9c11c135ab69a3
90b91e17c86159aaf7840b1a00bfe8633968d7ee6ff706cf57b2bb46e676b099
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
93975ae1d8cef7cb7a8c05ef392abe1b4d080b570b19cab279a208afe7d36cf9
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
980c5d3f2c9d21b9c5ddd170f98a7a3f77a8e96cf2406ed205d5ce339aeabf91
99ffcb8e2c4f940f5b5d8bf901f0fc928d0b40c5206b4d1ee9addc5751e0137e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b706f32743e3eea49a8445119f9dfbadd19cb621b29212fa30c466f87dd7138
9bf2b00c7e2a152a3bddc0ccf6c9b64eaa69835b31f8b788dbe0ff32385b6840
9c0d62a5e43109561498558c4abf27b4ea0f9d2c5935aa7d5e94c3ac572b1a76
9c954d37e5b86135acdbe6dda998a807b48613368136175bd424d37dad216b5a
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a00a7fab86e0a099ecadf538bf7bb08539c70e3e396d2ff76a2c9534c86203a7
a4459835f4ca7e099998eea006d88efa4863a8c61395103cfa69f963be0aaeaa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4aa71df16656f9b0e83e10e3fa189756733d1b591b46c26d461f38f3e08cb33
a661f8f8090e763d9e46c3b0745a402070fc823d3cf116aba6c2ad0287282d62
a7569a8f3b5967b95884a9d56ff1c57e7940ea667bfba2cb0b8533ee40ca26d2
a76beba792287ccd05bcf54ee446ba3227fd92e4c5585bc4279350d327571a52
a78f1a259351e5deda4a12bd3b8bbce4a708e4b926e57bd6bff269bbdcd95bbf
a7c122973f24656e61080ffbe922eb09243089409e039f18c1b3bd8333dcd44c
aaa81b5b1d908aefaf9297d91835ef637e3cc7811f2cdd204399709157d734ba
aad848c59e502b6ea83d79937e65320f50e5a7be59a7ad7170bcf2c65c9f1867
ae4db6b26dc6cca893080dca095e66ddfe98edf2772f71e7a0a7ca296eff95af
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1a9f51121ef00d4bc11c410113432813ddbdcd85c9f2aabbd2c2c23c87408e4
b2e4d08754839510a3d77ddf8205a515e51e4277c323932b10441196744ce757
b3052cb4159c6c3da4cee05fc67f879dfc7c5cf59628a6fd37485cf4c685f60d
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b9ba192210072d611d9b71e1e9a38d1af351804e8ebdd119568ed19fd0cd8060
bce6dce07167681173c599eb6dca7d9eba82c47a28a8ab5f7f98db7c83dbea39
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
befa3df11641ee50ac5507ed11e9b492c156afacdc3c68903fd3206bbc3517fd
befab798297c137e96ff18b91a3d4e5dcc2ef46d6ebc418b710e07a5126f0376
bf3030e55842d6b828713d9c2ceb06f9700d0ae9c60c9d03a33a7e5cf8ce3669
c324ef26b20264369e4568dc9ef1c5cb1f325f6bc4e8b7c01f7fe93fa353276a
c3e0faffda72a962d3b733340a9b479774c94ccd11b3fe9a90afac3d708917c8
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c74d4c8be63fda641c0e0255ad3c7416862f17e31442a1a0ddd7645bc2d69d3c
c8551d5827d3b97980f38b6448a6bc9aede2808c3e33ea5a24e49f89cafbe1a8
c942cb42cdacad001dce9355423b730fc36bbe1c332161a7bb7d2a8c748163d1
cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981
cd9c5ea69ac96ce024e9a182e2f7776d9e86d03f34deb18672b7a16252d828ae
cda3c421b62828768ee2741a35bef36bcfdb1199ee3eb987269f7d1ce2dd8876
d01ecaa00e08527e12c5ac05aa3644bdd642fbe8aaf9484ddf5a9ee45c7b91b6
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1a14b38c6142bb633e0b0b854f322084ae8843510cb7f23e19813d1b7d6b05d
d283c2f19bd9b24c108f07e36dc135213cc5c871ee0e9d68e23a2b840939ba49
d3de6de24e6fc1a778c54ef9ddff567d05e511a3cdb486ac44726f25b41f14c7
d5bb8e9097a2f622718cd4922fe78ee9957d7710c58adb81e119a48ce9ed9791
d60d8d04c537e3536054a8a33a7983b9890f016e6e95b852ab7481ed2cc3a3f4
d673a7d525e7aa67ad153cfda260a432e00f0c2e5fb3951d69b5eb00cec5f9e0
d7502e785bdc8f7184cab7e278053c49be4458393085eb2fbddabf35b895c310
da237220e71c957c394e8007fde60a30c9a7d2758a3fa72c72380d3ae79b986f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dddbfea33f7f0e37d565213750cbd97271093e612d4296fefeb0fe2b4bc05ccc
e064b50054165a75584e37d1714b47ea2f7fadc1da5a584d07e8743326f2d623
e08d52bff02cf2523795b9ce64c67d68a71d2b63d5a4374e43d5cd2ad11d3e6f
e189eb8fb761166a6d657a8dbea2c5d73e224e565716f36406ec7f7b68cd78c7
e28b6544e2fe9f3db1f2daaf197077f3bde9bb103ed6b232bf059c533ee12dd7
e2ec81b19233fd4cd6ef5adcb45c0cbec6bd5673716ba0454ce56b67486ece46
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e9c56f945418876e548e527d2f2b5f6036da8d7c1e842ae9a7be35802bd85c6f
eb9fd828cbea660832b8f899ee4e2207fc2f7eb69cceae58c588a1966338088b
ebc20a25271812014fc50e948ad4dbdcf89e2831fe1e3a38a561840cd8ea8311
ebe9819db65901730f1d3de1cefc5e502a42c1bdb3aae520c1374015a28e4e34
ebebace3fe9f2e5f577c5489fe05d538cefc13974dc4f7aa7caea907b03e630e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f448b5138be7634e7e3f16e9ddec3fdc6c265aaf05b1f741f99b2aa26b852165
f514543170b7d33d558d367a0047faf7d003acddeb3857f2cb929d6bfb5af190
f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c
f83b1a3ea61ad62e47fad82de5495a2547e2f12e591ad8108050538c566ae1e3
f94232cb8db8d584db2703b8753e58c82aad84539e57087519177b3065263bc6
f9f7ca92ac484587069e344faf7ecd9f82c53739d5008d5adcfafa7e705d9ba9
fdb328bff496e603b8fbd56d9b59114b5e4aeb7c5cf7a550563e5dc95cc25f33
fdb79cc61ca46e3e11b7239f4079531f3abddbb8e70407e08967c9f604ad87d8