urlscan.io logo urlscan.io
SecurityTrails logo

10bye.com Open in urlscan Pro
151.101.1.195  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://10bye.com/
Effective URL: https://10bye.com/
Submission: On February 13 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 41 IPs in 10 countries across 32 domains to perform 131 HTTP transactions. The main IP is 151.101.1.195, located in United States and belongs to FASTLY, US. The main domain is 10bye.com.
TLS certificate: Issued by GTS CA 1D4 on January 21st 2024. Valid for: 3 months.
This is the only time 10bye.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 151.101.1.195 54113 (FASTLY)
4 2a00:1450:400... 15169 (GOOGLE)
24 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
8 2a00:1450:400... 15169 (GOOGLE)
1 104.18.115.97 13335 (CLOUDFLAR...)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.219.150.34 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:401... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
1 2620:1ec:46::60 8075 (MICROSOFT...)
2 3 23.197.129.24 16625 (AKAMAI-AS)
3 104.19.175.1 13335 (CLOUDFLAR...)
1 41.63.96.130 22822 (LLNW)
1 152.199.21.185 15133 (EDGECAST)
16 2a00:1450:400... 15169 (GOOGLE)
2 172.217.18.102 15169 (GOOGLE)
8 138.201.63.116 ()
3 4 142.250.186.130 15169 (GOOGLE)
2 4 172.64.151.101 13335 (CLOUDFLAR...)
2 3 37.252.173.215 29990 (ASN-APPNEX)
1 4 144.76.91.199 24940 (HETZNER-AS)
3 138.201.63.165 24940 (HETZNER-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a0b:4d07:101::1 44239 (PROINITY ...)
2 91.121.248.44 16276 (OVH)
1 3 104.64.118.247 16625 (AKAMAI-AS)
1 85.10.231.200 24940 (HETZNER-AS)
1 3.11.113.23 16509 (AMAZON-02)
1 1 94.23.99.218 16276 (OVH)
1 2 2a01:4f8:d0a:... 24940 (HETZNER-AS)
1 49.12.16.151 24940 (HETZNER-AS)
2 172.217.18.98 15169 (GOOGLE)
1 18.66.147.120 16509 (AMAZON-02)
1 99.86.4.53 16509 (AMAZON-02)
2 35.178.247.241 ()
131 41
4    151.101.1.195 (United States)

ASN54113 (FASTLY, US)
10bye.com
4    2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
24    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
8    2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    104.18.115.97 (None, )

ASN13335 (CLOUDFLARENET, US)
ipv4.icanhazip.com
5    2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    52.219.150.34 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-northeast-1-r-w.amazonaws.com
10bye.s3-ap-northeast-1.amazonaws.com
1    2a00:1450:4001:801::201b (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4016:80b::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
9    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a02:26f0:3500:88f::ab4 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
gmedia.playstation.com
1    2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
assets.xboxservices.com
3    23.197.129.24 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-197-129-24.deploy.static.akamaitechnologies.com
store.nintendo.co.jp
www.nintendo.co.jp
3    104.19.175.1 (None, )

ASN13335 (CLOUDFLARENET, US)
store-jp.nintendo.com
1    41.63.96.130 (Frankfurt am Main, Germany)

ASN22822 (LLNW, US)
PTR: https-41-63-96-130.hhn.llnw.net
jp.sharp
1    152.199.21.185 (United States)

ASN15133 (EDGECAST, US)
www.sony.jp
16    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    172.217.18.102 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s05-in-f102.1e100.net
ad.doubleclick.net
8    138.201.63.116 (Papenburg, Germany)

ASN- ()
PTR: static.116.63.201.138.clients.your-server.de
hal9000.redintelligence.net
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
cm.g.doubleclick.net
4    172.64.151.101 (San Francisco, United States)

ASN13335 (CLOUDFLARENET, US)
dsum-sec.casalemedia.com
3    37.252.173.215 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
4    144.76.91.199 (Bad Bellingen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.199.91.76.144.clients.your-server.de
hal900018.redintelligence.net
3    138.201.63.165 (Papenburg, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.165.63.201.138.clients.your-server.de
hal90005.redintelligence.net
1    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a0b:4d07:101::1 (Switzerland)

ASN44239 (PROINITY PROINITY, CH)
adv.office-partner.de
2    91.121.248.44 (Saint-Martin-d'Hères, France)

ASN16276 (OVH, FR)
PTR: ip44.ip-91-121-248.eu
pv.medialead.de
3    104.64.118.247 (Prague, Czech Republic)

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-118-247.deploy.static.akamaitechnologies.com
www.awin1.com
1    85.10.231.200 (Igersheim, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: 85-10-231-200.clients.your-server.de
www.media01.eu
1    3.11.113.23 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-11-113-23.eu-west-2.compute.amazonaws.com
track.webgains.com
1    94.23.99.218 (France)

ASN16276 (OVH, FR)
PTR: ip218.ip-94-23-99.eu
medialead.de
2    2a01:4f8:d0a:2321::2 (Nuremberg, Germany)

ASN24940 (HETZNER-AS, DE)
cdn.retailads.net
1    49.12.16.151 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: lb-1.futalis.de
futalis.de
2    172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net
www.googleadservices.com
1    18.66.147.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-120.fra60.r.cloudfront.net
analytics.webgains.io
1    99.86.4.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-53.fra6.r.cloudfront.net
cdn.track.production.webgains.team
2    35.178.247.241 (None, )

ASN- ()
api.webgains.io
Apex Domain
Subdomains		 Transfer
40 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114
tpc.googlesyndication.com — Cisco Umbrella Rank: 160
631 KB
16 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 80
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
ad.doubleclick.net — Cisco Umbrella Rank: 157
cm.g.doubleclick.net — Cisco Umbrella Rank: 258
99 KB
15 redintelligence.net
hal9000.redintelligence.net — Cisco Umbrella Rank: 37466
hal900018.redintelligence.net — Cisco Umbrella Rank: 263791
hal90005.redintelligence.net — Cisco Umbrella Rank: 214412
169 KB
9 gstatic.com
fonts.gstatic.com
www.gstatic.com
154 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2173
22 KB
5 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
storage.googleapis.com — Cisco Umbrella Rank: 335
76 KB
4 casalemedia.com
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 627
2 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
302 KB
4 10bye.com
10bye.com
147 KB
3 webgains.io
analytics.webgains.io — Cisco Umbrella Rank: 26690
api.webgains.io
19 KB
3 awin1.com
www.awin1.com — Cisco Umbrella Rank: 16791
2 KB
3 medialead.de
pv.medialead.de — Cisco Umbrella Rank: 43026
medialead.de — Cisco Umbrella Rank: 42752
852 B
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 252
3 KB
3 nintendo.com
store-jp.nintendo.com
132 KB
3 nintendo.co.jp
store.nintendo.co.jp
www.nintendo.co.jp — Cisco Umbrella Rank: 657039
219 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 139
2 retailads.net
cdn.retailads.net — Cisco Umbrella Rank: 168115
6 KB
2 playstation.com
gmedia.playstation.com — Cisco Umbrella Rank: 80308
25 KB
2 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 webgains.team
cdn.track.production.webgains.team — Cisco Umbrella Rank: 61820
437 B
1 futalis.de
futalis.de — Cisco Umbrella Rank: 279942
401 B
1 webgains.com
track.webgains.com — Cisco Umbrella Rank: 53021
2 KB
1 media01.eu
www.media01.eu — Cisco Umbrella Rank: 191457
752 B
1 office-partner.de
adv.office-partner.de — Cisco Umbrella Rank: 144946
923 B
1 sony.jp
www.sony.jp
8 KB
1 jp.sharp
jp.sharp — Cisco Umbrella Rank: 664886
85 KB
1 xboxservices.com
assets.xboxservices.com — Cisco Umbrella Rank: 40417
356 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6562
408 B
1 amazonaws.com
10bye.s3-ap-northeast-1.amazonaws.com
754 B
1 icanhazip.com
ipv4.icanhazip.com — Cisco Umbrella Rank: 8647
375 B
0 imgvc.com Failed
i.imgvc.com Failed
0 valuecommerce.com Failed
ad.jp.ap.valuecommerce.com Failed
131 32
Domain Requested by
24 pagead2.googlesyndication.com 10bye.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
16 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
8 hal9000.redintelligence.net googleads.g.doubleclick.net
hal900018.redintelligence.net
hal90005.redintelligence.net
8 fonts.gstatic.com fonts.googleapis.com
5 www.google-analytics.com 10bye.com
www.googletagmanager.com
www.google-analytics.com
4 hal900018.redintelligence.net 1 redirects googleads.g.doubleclick.net
hal900018.redintelligence.net
4 dsum-sec.casalemedia.com 2 redirects googleads.g.doubleclick.net
4 cm.g.doubleclick.net 3 redirects googleads.g.doubleclick.net
4 www.googletagmanager.com 10bye.com
www.googletagmanager.com
adv.office-partner.de
4 fonts.googleapis.com 10bye.com
googleads.g.doubleclick.net
hal900018.redintelligence.net
hal90005.redintelligence.net
4 10bye.com 1 redirects 10bye.com
3 www.awin1.com 1 redirects googleads.g.doubleclick.net
3 hal90005.redintelligence.net hal9000.redintelligence.net
hal90005.redintelligence.net
3 ib.adnxs.com 2 redirects googleads.g.doubleclick.net
3 store-jp.nintendo.com
3 region1.google-analytics.com www.googletagmanager.com
2 api.webgains.io analytics.webgains.io
2 www.googleadservices.com
2 cdn.retailads.net 1 redirects futalis.de
2 pv.medialead.de hal900018.redintelligence.net
googleads.g.doubleclick.net
2 ad.doubleclick.net googleads.g.doubleclick.net
2 store.nintendo.co.jp 2 redirects
2 gmedia.playstation.com
2 www.google.com 10bye.com
tpc.googlesyndication.com
1 cdn.track.production.webgains.team googleads.g.doubleclick.net
1 analytics.webgains.io track.webgains.com
1 futalis.de hal90005.redintelligence.net
1 medialead.de 1 redirects
1 track.webgains.com 10bye.com
1 www.media01.eu hal900018.redintelligence.net
1 adv.office-partner.de hal900018.redintelligence.net
1 www.gstatic.com googleads.g.doubleclick.net
1 www.sony.jp
1 www.nintendo.co.jp
1 jp.sharp
1 assets.xboxservices.com
1 www.google.de 10bye.com
1 stats.g.doubleclick.net www.google-analytics.com
1 storage.googleapis.com 10bye.com
1 10bye.s3-ap-northeast-1.amazonaws.com 10bye.com
1 ipv4.icanhazip.com 10bye.com
0 i.imgvc.com Failed
0 ad.jp.ap.valuecommerce.com Failed
131 44

This site contains links to these domains. Also see Links.

Domain
ck.jp.ap.valuecommerce.com
Subject Issuer Validity Valid
www.sawthis.today
GTS CA 1D4		 2024-01-21 -
2024-04-20		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-07 -
2024-04-06		 a year crt.sh
*.s3-ap-northeast-1.amazonaws.com
Amazon RSA 2048 M01		 2024-01-23 -
2025-01-09		 a year crt.sh
storage.googleapis.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
securecn.scene7.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-02-01 -
2025-03-01		 a year crt.sh
*.xboxservices.com
Microsoft Azure TLS Issuing CA 05		 2024-01-18 -
2024-06-27		 5 months crt.sh
*.jp.sharp
GlobalSign RSA OV SSL CA 2018		 2023-05-12 -
2024-06-12		 a year crt.sh
store-jp.nintendo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-03 -
2024-08-28		 a year crt.sh
www.nintendo.co.jp
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-21 -
2024-03-23		 a year crt.sh
www.sony.jp
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-11 -
2024-05-11		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh
redintelligence.net
R3		 2024-02-13 -
2024-05-13		 3 months crt.sh
adv.office-partner.de
R3		 2023-12-27 -
2024-03-26		 3 months crt.sh
pv.medialead.de
R3		 2024-02-02 -
2024-05-02		 3 months crt.sh
*.media01.eu
RapidSSL TLS RSA CA G1		 2023-05-16 -
2024-05-15		 a year crt.sh
*.webgains.com
Amazon RSA 2048 M01		 2023-05-15 -
2024-06-13		 a year crt.sh
*.futalis.de
R3		 2024-02-10 -
2024-05-10		 3 months crt.sh
www.awin1.com
DigiCert TLS RSA SHA256 2020 CA1		 2024-01-10 -
2025-01-10		 a year crt.sh
*.webgains.io
Amazon RSA 2048 M01		 2023-07-24 -
2024-08-22		 a year crt.sh
cdn.track.production.webgains.team
Amazon RSA 2048 M03		 2023-08-30 -
2024-09-27		 a year crt.sh
cdn.retailads.net
Encryption Everywhere DV TLS CA - G2		 2023-05-18 -
2024-05-17		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2024-01-29 -
2024-04-22		 3 months crt.sh

This page contains 21 frames:

Primary Page: https://10bye.com/
Frame ID: CAEE9864A872855C20A4CAEF036FF6C8
Requests: 42 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html
Frame ID: ED91DB8F054FE31FC19AAD85CB69668F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&adk=1812271804&adf=3025194257&lmt=1632227896&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_r&format=0x0&url=https%3A%2F%2F10bye.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769955&bpp=6&bdt=2162&idt=217&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1885067147150&frm=20&pv=2&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=231
Frame ID: 0600627265C04B868B523BD42203E3E4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Frame ID: F9276996B087771616A7A264C21ABC5F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Frame ID: BD4E354205AE590D893A1094138B8F84
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Frame ID: D683571B60D745EE8B59A4CF3C73A518
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B05C539DE53DD24AB992F327A29B43FD
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89269D51DAD854DC2AF42DE26A23CB7E
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV-qZky8Bx2OUxC0yUhFI66llFVgJy8EM8RFVg2zrwj_bOB1lNPAsa6586OD0T7ze0uj3Igu7cmFsrgeT4AacxohjIS04Im3oU_RWyBUinTssj2NASmqbNUezyeb6Nvfjm48AuC13aaHGaYWtyygrBnvBjyVS3rlbxIC8yFkA8cRMWrlzg
Frame ID: EF6D0E9A8497CE384F5A1E171C811C11
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: A71C0BB088359D9EA30B5DBA70F50D30
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWUfrxNecmKoVqfyRmEmLlbXVcAkC10fVQJWKMo9HKWb7DHUAuDNR0_aZ9vhP4Oxey48bZ1z9E2sszFP49vps9pnF0pL1e6RoIWeZcMYepdH0nP326B3cmMzqgzq8oFsV9ItxGAIustNpxrKFVfFrCFjet91RnBIHyrqLhVr-W-mDYv5xc
Frame ID: FC73716406350F78A56F875BB466CA6E
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Frame ID: B4136333731614F490FBD4A3AFFF80D3
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: D9093A0A9BBA98219694B5AEC55C8EDF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: 52825FC0B30CD327E39DD7445459760E
Requests: 3 HTTP requests in this frame

Frame: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Frame ID: 45904D8C4FA2CE54EF7A24F0C615D21A
Requests: 3 HTTP requests in this frame

Frame: https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
Frame ID: E604FB2D29F1A948AD78B9C7326C3EEC
Requests: 1 HTTP requests in this frame

Frame: https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_296283_1707856771_fd48ac72-caaf-11ee-8694-226555b1c0ac&dt_mode=iframe&dt_url=
Frame ID: 51B1C588D54368036FE20E4B3580AAB3
Requests: 1 HTTP requests in this frame

Frame: https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Frame ID: 22957D3683EDFCFA8639E119AB9A25E2
Requests: 8 HTTP requests in this frame

Frame: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3544566947
Frame ID: A426571DCDFBB1FF11544BDED13D9CBE
Requests: 2 HTTP requests in this frame

Frame: https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Frame ID: 7B2423DAECBF1EA421384011A4FF002E
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Frame ID: E5891721A427F1A3C12580C0BE421680
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

じゅうびぇ

Page URL History Show full URLs

  1. http://10bye.com/ HTTP 301
    https://10bye.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /demandware\.static/
Overall confidence: 100%
Detected patterns
  • zip\.co
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • analytics\.webgains\.io

Page Statistics

131
Requests

90 %
HTTPS

41 %
IPv6

32
Domains

44
Subdomains

41
IPs

10
Countries

2455 kB
Transfer

5443 kB
Size

36
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://10bye.com/ HTTP 301
    https://10bye.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 24
  • https://store.nintendo.co.jp/client_info/CX24DMSJKX/itemimage/HDH_S_GBZAA/HDH_S_GBZAA.main.jpg HTTP 301
  • https://store-jp.nintendo.com/
Request Chain 25
  • https://store.nintendo.co.jp/client_info/CX24DMSJKX/itemimage/HAC_S_KBAEA/HAC_S_KBAEA.main.jpg HTTP 301
  • https://store-jp.nintendo.com/
Request Chain 33
  • https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3445533&pid=886215688 HTTP 302
  • https://i.imgvc.com/vc/images/00/21/81/8f.png
Request Chain 69
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
Request Chain 70
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcvTg1VbLUIAAEPuAH7yvgAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
Request Chain 71
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECzz6dZ3j8JdZtnm31ju51Q&google_cver=1
Request Chain 72
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyNDEyNzA2OTY0MTMwNjY3Mg%3D%3D
Request Chain 74
  • https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0 HTTP 302
  • https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Request Chain 94
  • https://www.awin1.com/cshow.php?s=2840007&v=20646&q=409071&r=296283&pref1=64496600193150504444556012599018&pv=1 HTTP 302
  • https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_296283_1707856771_fd48ac72-caaf-11ee-8694-226555b1c0ac&dt_mode=iframe&dt_url=
Request Chain 97
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent= HTTP 302
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
Request Chain 110
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=40125500194152004444556012599005&ra_cnt_active=1&ra_cnt=1 HTTP 302
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3544566947
Request Chain 119
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFoOcgtPLZZuGFfycvcAP9IS5mATs1_zcdfHPi62XEr76n66LDhABIJvw43FglZKggrAHoAHOxdzFKMgBCakCKqzPSPn1sT6oAwHIA8sEqgTPAU_QLiUHEKu8SJA-XkniCqWyD6akKsmrBtsMk43kYWT19TJ1pEchr2lNjun8a9k0Gl_8tpbF-Wpw9EIxcUf2ycG4O9VdUtJGo41K3AL_p-cW1O7cqOfO87rY4f2sVXdkUsrdwIYCDersJseQMa41JditAMSO9VEind0fw7cdvXC9A_Qt0LXyFyojylbZaw0iG8qBq_jaxMsyrbSBbpCUt8G4HlK7x-9Km1xm9IAYSPNFfO8udlEeE_hXT79e6E8cCb6o26GuBlWjpPScLGRxUsAE54y5up0EiAX82t_jRpIFBAgEGAGSBQQIBRgEoAYugAfO_aylA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6--sQKoB9XJG6gHpr4b2AcA8gcEEMGrBNIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WMuY9qCWqYQDmgmjAWh0dHBzOi8vd3d3LmV4dHJha2FydGUuY29tLz9jaWQ9MjI0JnV0bV9zb3VyY2U9Z29vZ2xlX2NjJnV0bV9tZWRpdW09Y3BjJnV0bV90ZXJtPURlYml0Q2hlY2tpbmdTZXJ2aWNlcyZ1dG1fY29udGVudD02NzM5OTA3Njk2NTEmdXRtX2NhbXBhaWduPUxlYWRzQ3JlZGl0Q2FyZERpc3BsYXmACgHICwHYEwyIFAfQFQGYFgGAFwGyFxwKGggAEhRwdWItMjgwMzk2NTkxNzg1MzQ3NxgA&sigh=v_Zn04Es2lM&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_WddyveRC38LIv42MxAJPOslqRWLGnzzSdCk93J9EB0LY7JuMWcNGrBFDGPm6L-BjzjmG9pUi9zSI4tClvypPbrDnugWsHSMrDhgB&template_id=5000&cbvp=2&vis=1&nis=5 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210480196862915765466%22,%22debug_reporting%22:true,%22destination%22:%22https://extrakarte.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210883637966%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215662671857062203505%22}&andc=true

131 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
10bye.com/
Redirect Chain
  • http://10bye.com/
  • https://10bye.com/
5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
08d94081aae4a9e14e2e6b0e5867e7c975528dd42da8f77fa25db22daee669da
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
cache-control
max-age=3600
content-encoding
br
content-length
1926
content-type
text/html; charset=utf-8
date
Tue, 13 Feb 2024 20:39:27 GMT
etag
"36cd4fc30e93c9f2c07add3e45784ff23e5842c23e66f22c222261667d158ae3-br"
last-modified
Tue, 21 Sep 2021 12:38:16 GMT
strict-transport-security
max-age=31556926
vary
x-fh-requested-host, accept-encoding
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220073-FRA
x-timer
S1707856768.650937,VS0,VE126

Redirect headers

Accept-Ranges
bytes
Connection
close
Content-Length
0
Date
Tue, 13 Feb 2024 20:39:27 GMT
Location
https://10bye.com/
Retry-After
0
Server
Varnish
X-Cache
HIT
X-Cache-Hits
0
X-Served-By
cache-fra-etou8220055-FRA
X-Timer
S1707856768.607582,VS0,VE0
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
css
fonts.googleapis.com/ 		7 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Feb 2024 20:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 19:22:55 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Feb 2024 20:39:27 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		147 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c6d35b87f2d3be09a898e9b6bb718f40b0b9c1ebe772a3c05204b180e33407b1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:28 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51312
x-xss-protection
0
server
cafe
etag
9882816245151324084
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 13 Feb 2024 20:39:28 GMT
js
www.googletagmanager.com/gtag/ 		138 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-134728956-1
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bdf0289cae2382fc82e3bd7ae64f3b52630909165ce960aa9052e1d43fc54c9c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
53802
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Feb 2024 20:39:27 GMT
10.4fa9c754.chunk.js
10bye.com/static/js/ 		491 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10bye.com/static/js/10.4fa9c754.chunk.js
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f1ef4c9774d3d66f3ef935f2e01da016f9ab0cf099ce597758e427649c130300
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220073-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 13 Feb 2024 20:39:27 GMT
last-modified
Tue, 21 Sep 2021 12:38:16 GMT
x-timer
S1707856768.804110,VS0,VE3
etag
"1f0bdcffa105172661bffc76239a7fe549682c246c4118bc4da1e917a6ba5a0f-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
123321
x-cache-hits
1
main.7976e6b5.chunk.js
10bye.com/static/js/ 		112 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10bye.com/static/js/main.7976e6b5.chunk.js
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.1.195 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
eb593468b1ba6c3c29af04809eae45ae34129d0bf10410ec5ee9458680728565
Security Headers
Name Value
Strict-Transport-Security max-age=31556926

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220073-FRA
strict-transport-security
max-age=31556926
content-encoding
br
date
Tue, 13 Feb 2024 20:39:27 GMT
last-modified
Tue, 21 Sep 2021 12:38:16 GMT
x-timer
S1707856768.804229,VS0,VE3
etag
"2a186e5fcd1770d371a190d43636df8035d7e00e3143ad6bf9e3c5e4cf08d69e-br"
vary
x-fh-requested-host, accept-encoding
x-cache
HIT
content-type
text/javascript; charset=utf-8
cache-control
max-age=31536000, immutable
accept-ranges
bytes
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
24607
x-cache-hits
1
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://10bye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:51:30 GMT
x-content-type-options
nosniff
age
42477
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:51:30 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://10bye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:13:54 GMT
x-content-type-options
nosniff
age
41133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:13:54 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,500&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://10bye.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:56:16 GMT
x-content-type-options
nosniff
age
42191
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:56:16 GMT
/
ipv4.icanhazip.com/ 		11 B
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ipv4.icanhazip.com/
Requested by
Host: 10bye.com
URL: https://10bye.com/static/js/10.4fa9c754.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.115.97 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5206e3f20447988dd8129f3bbbad32a66a5289a720c6e708524ab2a9cb386c8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:27 GMT
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
text/plain
access-control-allow-origin
*
cf-ray
854fe17f9d111e53-FRA
alt-svc
h3=":443"; ma=86400
content-length
11
collect
www.google-analytics.com/debug/ 		271 B
460 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/debug/collect?v=1&tid=UA-134728956-1&cid=unknow&dp=%2F
Requested by
Host: 10bye.com
URL: https://10bye.com/static/js/main.7976e6b5.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
MPVS /
Resource Hash
f91ab0b676861b1fc92ffe1e6f321a5d307f16268b37f8eb1c9c3959f1758d24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
MPVS
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://10bye.com
cache-control
private
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
grant.json
10bye.s3-ap-northeast-1.amazonaws.com/ 		243 B
754 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://10bye.s3-ap-northeast-1.amazonaws.com/grant.json
Requested by
Host: 10bye.com
URL: https://10bye.com/static/js/main.7976e6b5.chunk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.150.34 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-ap-northeast-1-r-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
f7e23f6ceeb4570939ccfc34e0c28e4b43bd7097d846a84575a5468fac582e9f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:27 GMT
Server
AmazonS3
x-amz-request-id
MFK8XB0VJF543JDT
Vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method
Access-Control-Max-Age
-1
Access-Control-Allow-Methods
GET, HEAD
Access-Control-Allow-Origin
https://10bye.com
Content-Type
application/xml
Transfer-Encoding
chunked
Access-Control-Allow-Credentials
true
x-amz-id-2
0pk6rNmGIjVYoy+83Er80qup2kSUNFuwoAnkYVX0XVFl7RSEPJiagrb+XzImmtZK9CMF3r/pNgk=
latest.json
storage.googleapis.com/bye-biz.appspot.com/ 		567 KB
72 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/bye-biz.appspot.com/latest.json
Requested by
Host: 10bye.com
URL: https://10bye.com/static/js/main.7976e6b5.chunk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::201b Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
5ff8bcb23c86664e2e99eb925afc849d2461d1188fd87060ce9415447873d9ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:29 GMT
content-encoding
gzip
x-guploader-uploadid
ABPtcPohpCEJqQjJE80tbiQCNTvTDf7q0EOiVD6wCQsVqKvCJjbMd-RROpKwcWHfb8PqvISSwEw
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
73203
last-modified
Tue, 13 Feb 2024 15:05:59 GMT
server
UploadServer
etag
"4f057333cb94b9a7f13ea31d14781f35"
vary
Accept-Encoding, Origin
x-goog-generation
1707836759869139
content-type
application/json; charset=utf-8
access-control-allow-origin
https://10bye.com
x-goog-hash
crc32c=WuOytg==, md5=TwVzM8uUuafxPqMdFHgfNQ==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=600
x-goog-stored-content-length
73203
accept-ranges
bytes
expires
Tue, 13 Feb 2024 20:49:29 GMT
js
www.googletagmanager.com/gtag/ 		268 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-M01SPYK7S1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134728956-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a8d9ff124c05c65b2e624c8ca4f383284485d02936a19fbd93ea40effa86520c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
92717
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Feb 2024 20:39:27 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-134728956-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 13 Feb 2024 19:48:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
server
Golfe2
age
3078
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Tue, 13 Feb 2024 21:48:09 GMT
collect
www.google-analytics.com/j/ 		2 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=551268009&t=event&ni=1&_s=1&dl=https%3A%2F%2F10bye.com%2F&ul=en-us&de=UTF-8&dt=%E3%81%98%E3%82%85%E3%81%86%E3%81%B3%E3%81%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=general&ea=ip_dimension&el=81.95.5.44&_u=4GBAAUABAAAAACAAI~&jid=1965252177&gjid=186841790&cid=156531095.1707856768&tid=UA-134728956-1&_gid=2111919690.1707856768&_r=1&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd2=81.95.5.44&jsscut=1&cd1=156531095.1707856768&z=1838660948
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://10bye.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://10bye.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
249 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M01SPYK7S1&gtm=45je42c0v893876858za200&_p=1707856767849&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=156531095.1707856768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=1&sid=1707856767&sct=1&seg=0&dl=https%3A%2F%2F10bye.com%2F&dt=%E3%81%98%E3%82%85%E3%81%86%E3%81%B3%E3%81%87&en=page_view&_fv=1&_ss=1&tfd=474
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M01SPYK7S1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://10bye.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M01SPYK7S1&gtm=45je42c0v893876858za200&_p=1707856767849&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=156531095.1707856768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AAAI&_s=2&sid=1707856767&sct=1&seg=0&dl=https%3A%2F%2F10bye.com%2F&dt=%E3%81%98%E3%82%85%E3%81%86%E3%81%B3%E3%81%87&en=ip_dimension&_ee=1&ep.clientIp=81.95.5.44&ep.event_label=81.95.5.44&_et=1&tfd=481
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M01SPYK7S1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://10bye.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-134728956-1&cid=156531095.1707856768&jid=1965252177&gjid=186841790&_gid=2111919690.1707856768&_u=4GBAAUAAAAAAACAAI~&z=377588177
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://10bye.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 13 Feb 2024 20:39:28 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://10bye.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134728956-1&cid=156531095.1707856768&jid=1965252177&_u=4GBAAUAAAAAAACAAI~&z=79925299
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-134728956-1&cid=156531095.1707856768&jid=1965252177&_u=4GBAAUAAAAAAACAAI~&z=79925299
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4016:80b::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:28 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/ Frame ED91 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240208/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10bye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
73454
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4209
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 00:15:14 GMT
etag
3890843268177463596
expires
Tue, 27 Feb 2024 00:15:14 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/ 		406 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2803965917853477&plah=10bye.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1d6c122b5fa19d9330bd8da28671032001df9841f293408cc4e1c307036d0169
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:29 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141213
x-xss-protection
0
server
cafe
etag
11389385830221316469
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 20:39:29 GMT
ps-portal-remote-player-keyart-01-en-18aug23
gmedia.playstation.com/is/image/SIEPDC/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gmedia.playstation.com/is/image/SIEPDC/ps-portal-remote-player-keyart-01-en-18aug23?$facebook$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88f::ab4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
dd56ec379663b08d337121d527abaf097d71669c2a586dc77b9405301444a4d6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Feb 2024 20:39:30 GMT
-x-adobe-smart-imaging
880052
akamai-grn
0.94a12417.1707856770.59de0ac1
x-adobe-assetlist
[SIEPDC/ps-portal-remote-player-keyart-01-en-18aug23]
x-adobe-smart-imaging
880052
x-akamai-cache
Hit
content-length
17208
-x-adobe-assetlist
[SIEPDC/ps-portal-remote-player-keyart-01-en-18aug23]
last-modified
Thu, 24 Aug 2023 11:13:35 GMT
server
Unknown
x-adobe-modifierlist
[wid|resmode|iccembed|printres|icc|preset|fmt|hei]
etag
"6658a89bcbe99368df4b058553f44889"
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 14 Feb 2024 00:56:02 GMT
74b358fe-f784-43ef-8761-943a5a1908c2.png
assets.xboxservices.com/assets/74/b3/ 		355 KB
356 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets.xboxservices.com/assets/74/b3/74b358fe-f784-43ef-8761-943a5a1908c2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
13ac4d1e3799f5a35b98f91b370da03a16432041ad70a06e41c7e27773f2092d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
date
Tue, 13 Feb 2024 20:39:31 GMT
last-modified
Tue, 24 Aug 2021 17:35:25 GMT
etag
0x8D967258E8FE497
x-azure-ref
20240213T203930Z-14swyd71pp5f58bbemk0fe39d40000000hqg00000000kmvm
x-cache
TCP_MISS
content-type
image/png
x-ms-request-id
26535a39-301e-0049-71bc-5ea43b000000
cache-control
max-age=31536000
x-ms-version
2009-09-19
x-fd-int-roxy-purgeid
0
accept-ranges
bytes
content-length
363494
/
store-jp.nintendo.com/
Redirect Chain
  • https://store.nintendo.co.jp/client_info/CX24DMSJKX/itemimage/HDH_S_GBZAA/HDH_S_GBZAA.main.jpg
  • https://store-jp.nintendo.com/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-jp.nintendo.com/
Protocol
H2
Server
104.19.175.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Redirect headers

location
https://store-jp.nintendo.com/
date
Tue, 13 Feb 2024 20:39:30 GMT
server
AkamaiGHost
content-length
0
/
store-jp.nintendo.com/
Redirect Chain
  • https://store.nintendo.co.jp/client_info/CX24DMSJKX/itemimage/HAC_S_KBAEA/HAC_S_KBAEA.main.jpg
  • https://store-jp.nintendo.com/
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-jp.nintendo.com/
Protocol
H2
Server
104.19.175.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Redirect headers

location
https://store-jp.nintendo.com/
date
Tue, 13 Feb 2024 20:39:30 GMT
server
AkamaiGHost
content-length
0
support-icon-ps5-01-07oct20
gmedia.playstation.com/is/image/SIEPDC/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://gmedia.playstation.com/is/image/SIEPDC/support-icon-ps5-01-07oct20?$facebook$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:88f::ab4 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Unknown /
Resource Hash
eae87ff84c39e6cf0408f4bde3cc3f7051088d681f815037d6a07f4f7e91c284
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 13 Feb 2024 20:39:30 GMT
last-modified
Fri, 16 Oct 2020 14:22:06 GMT
server
Unknown
akamai-grn
0.94a12417.1707856770.59de0ac0
x-adobe-modifierlist
[wid|resmode|iccembed|printres|icc|preset|fmt|hei]
etag
"c2e21773bdf09e63337cb8136436b689"
x-adobe-assetlist
[SIEPDC/support-icon-ps5-01-07oct20]
access-control-allow-origin
*
content-type
image/webp
x-adobe-smart-imaging
69455
x-akamai-cache
Miss
content-length
7354
expires
Wed, 14 Feb 2024 06:39:30 GMT
ogp.jpg
jp.sharp/products/r6_simfree/d_common_v3/images/ 		84 KB
85 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jp.sharp/products/r6_simfree/d_common_v3/images/ogp.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
41.63.96.130 Frankfurt am Main, Germany, ASN22822 (LLNW, US),
Reverse DNS
https-41-63-96-130.hhn.llnw.net
Software
/
Resource Hash
7ff7df7441a1aa5d8f84504c26e1ba96aad5b9b972cc8e213a4dbc7c4b2b0a57
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self' yamada-denkiweb.com *.yamada-denkiweb.com yamada-denki.jp *.yamada-denki.jp ymall.jp *.ymall.jp nojima.co.jp *.nojima.co.jp edion.com *.edion.com edion.co.jp *.edion.co.jp biccamera.com *.biccamera.com biccamera.co.jp *.biccamera.co.jp kojima.net *.kojima.net sofmap.com *.sofmap.com sofmap.co.jp *.sofmap.co.jp joshinweb.jp *.joshinweb.jp joshin.co.jp *.joshin.co.jp ksdenki.com *.ksdenki.com ksdenki.co.jp *.ksdenki.co.jp yodobashi.com *.yodobashi.com yodobashi.co.jp *.yodobashi.co.jp xprice.co.jp *.xprice.co.jp cocorostore.jp.sharp st-cocorostore.jp.sharp st.jp.sharp;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
content-security-policy
frame-ancestors 'self' yamada-denkiweb.com *.yamada-denkiweb.com yamada-denki.jp *.yamada-denki.jp ymall.jp *.ymall.jp nojima.co.jp *.nojima.co.jp edion.com *.edion.com edion.co.jp *.edion.co.jp biccamera.com *.biccamera.com biccamera.co.jp *.biccamera.co.jp kojima.net *.kojima.net sofmap.com *.sofmap.com sofmap.co.jp *.sofmap.co.jp joshinweb.jp *.joshinweb.jp joshin.co.jp *.joshin.co.jp ksdenki.com *.ksdenki.com ksdenki.co.jp *.ksdenki.co.jp yodobashi.com *.yodobashi.com yodobashi.co.jp *.yodobashi.co.jp xprice.co.jp *.xprice.co.jp cocorostore.jp.sharp st-cocorostore.jp.sharp st.jp.sharp;
last-modified
Tue, 14 Sep 2021 01:02:47 GMT
etag
"150af-5cbea23d158ee"
vary
Accept
content-type
image/jpeg
cache-control
max-age=900
accept-ranges
bytes
content-length
86191
x-llid
fb32a87e91ea924f810a7b972e88e805
1ea940d81d45c31e46fc4e616e49ba17debec84583c1d73d1c5d3a15102c96d1a3ff7d7e18499ede9a5b7dbd42edcf5ff8d2461767375ea32adb490cbfac431b.jpg
store-jp.nintendo.com/dw/image/v2/BFGJ_PRD/on/demandware.static/-/Sites-all-master-catalog/ja_JP/dwde8fbdd2/products/VM_HDH_S_VAZAA/heroBanner/ 		131 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://store-jp.nintendo.com/dw/image/v2/BFGJ_PRD/on/demandware.static/-/Sites-all-master-catalog/ja_JP/dwde8fbdd2/products/VM_HDH_S_VAZAA/heroBanner/1ea940d81d45c31e46fc4e616e49ba17debec84583c1d73d1c5d3a15102c96d1a3ff7d7e18499ede9a5b7dbd42edcf5ff8d2461767375ea32adb490cbfac431b.jpg?sw=1368&amp;strip=false
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
104.19.175.1 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dbdd43ce01462d50a3e272c6af1cae1d0dbd8c439d887a88792062b8a2a79d17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
via
1.1 91353a8aba9ab05d79e9678e004043bc.cloudfront.net (CloudFront)
cf-cache-status
MISS
x-amz-meta-cleanquerystring
sw=1368&strip=false
x-amz-cf-pop
FRA60-P1
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
134549
x-amz-expiration
expiry-date="Thu, 21 Nov 2024 00:00:00 GMT", rule-id="transform_cache_ttl"
last-modified
Sun, 22 Oct 2023 01:51:10 GMT
server
cloudflare
etag
"b82dc413d91b76d921f000e1f9d019f3"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
public, max-age=2592000
accept-ranges
bytes
cf-ray
854fe18d6a7b2c6d-FRA
x-amz-cf-id
b-NIubfEOzinDOEQs8DNkqqLKPEOa8eDN3ojqWfQeq6fv3V8nkoFJA==
img-package--fotrnite.png
www.nintendo.co.jp/hardware/switch/modal/img/lineup/ 		218 KB
219 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nintendo.co.jp/hardware/switch/modal/img/lineup/img-package--fotrnite.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.197.129.24 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-197-129-24.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
626517b84819b349fb699b027ce0204605477e26b294b5a57eb9593e77905fc0
Security Headers
Name Value
Strict-Transport-Security max-age=315360000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=315360000
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
last-modified
Mon, 12 Oct 2020 00:46:02 GMT
server
nginx
x-amz-request-id
V0ZFE3326XGQRDRD
x-amz-meta-cb-modifiedtime
Fri, 09 Oct 2020 07:30:34 GMT
content-type
image/png
content-length
223492
x-amz-id-2
dTzWX99FYiMV/w0Td3wyZK6R3sRtQdtmiYbdxoAdz8B/WB68MW4alhLuLPah4KdtkBCO7swV7rE=
CUH-2200BB02
www.sony.jp/imag/product/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sony.jp/imag/product/CUH-2200BB02?$ImageL$
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.21.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (tka/8917) /
Resource Hash
8a8fe1a2ccca773e5d851e559cad0f6bfb66d0ede859fcfe62c730e7d7c02e05
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
Strict-Transport-Security max-age=7776000
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy
frame-ancestors 'self'
date
Tue, 13 Feb 2024 20:39:30 GMT
referrer-policy
no-referrer-when-downgrade
strict-transport-security
max-age=7776000
last-modified
Tue, 13 Feb 2024 03:02:39 GMT
server
ECAcc (tka/8917)
x-ec-custom-error
1
age
63411
x-frame-options
SAMEORIGIN
x-cache
HIT
content-type
image/jpeg
accept-ranges
bytes
content-length
7612
x-xss-protection
1; mode=block
gifbanner
ad.jp.ap.valuecommerce.com/servlet/ 		0
0
gifbanner
ad.jp.ap.valuecommerce.com/servlet/ 		0
0
8f.png
i.imgvc.com/vc/images/00/21/81/
Redirect Chain
  • https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3445533&pid=886215688
  • https://i.imgvc.com/vc/images/00/21/81/8f.png
0
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=551268009&t=pageview&_s=2&dl=https%3A%2F%2F10bye.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E3%81%98%E3%82%85%E3%81%86%E3%81%B3%E3%81%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAACAAI~&jid=&gjid=&cid=156531095.1707856768&tid=UA-134728956-1&_gid=2111919690.1707856768&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd1=156531095.1707856768&z=1163224318
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 12:49:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28217
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=551268009&t=pageview&_s=3&dl=https%3A%2F%2F10bye.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=%E3%81%98%E3%82%85%E3%81%86%E3%81%B3%E3%81%87&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAAUABAAAAACAAI~&jid=&gjid=&cid=156531095.1707856768&tid=UA-134728956-1&_gid=2111919690.1707856768&gtm=457e42c0za200&gcd=13l3l3l3l1&dma_cps=sypham&dma=1&cd1=156531095.1707856768&z=1247946226
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 12:49:12 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
28217
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 0600 		0
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=jss32%20jss33&ign=false&pw=1600&ph=1200&x=0&y=1060.8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&cls=jss32%20jss33&ign=false&pw=1600&ph=1200&x=0&y=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240208&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2803965917853477&plah=10bye.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
449c470341e2a604bba309012c17f4bc4ac3d90ab6056c87720581e48a157d71
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12199
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame F927 		133 KB
44 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2803965917853477&plah=10bye.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0ab8ec3febc74a5ee84c39a1a66d9838eda1329874dee3b5a27575969303c779
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10bye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
44520
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 20:39:31 GMT
expires
Tue, 13 Feb 2024 20:39:31 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame BD4E 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2803965917853477&plah=10bye.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
feaaf3e6489541de55ba8900e29f8bfdf53ae07ddd6c5160fb9e3c2cf3e433f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10bye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11522
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 20:39:30 GMT
expires
Tue, 13 Feb 2024 20:39:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame D683 		28 KB
11 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2803965917853477&plah=10bye.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
56985873f7a0a8ef5b6756867909f531f1f5b72df605e973d932560071ac0c41
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10bye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
11510
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 20:39:30 GMT
expires
Tue, 13 Feb 2024 20:39:30 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2803965917853477&plah=10bye.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 13 Feb 2024 20:39:30 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B05C 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://10bye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
23546
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 14:07:04 GMT
expires
Wed, 12 Feb 2025 14:07:04 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8926 		829 B
998 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
83d4a245bc335218ba4d4fdb89e81d7c43954f41e57a14eedddd3e06e4030190
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7osiZxYhgM9JziMViX8qRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://10bye.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-7osiZxYhgM9JziMViX8qRw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 20:39:30 GMT
expires
Tue, 13 Feb 2024 20:39:30 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame B05C 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
25804
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 13:29:26 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8926 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240208&jk=4463060399122235&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame B05C 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?428B0g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
pixel
googleads.g.doubleclick.net/xbbe/ Frame EF6D 		0
20 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNV-qZky8Bx2OUxC0yUhFI66llFVgJy8EM8RFVg2zrwj_bOB1lNPAsa6586OD0T7ze0uj3Igu7cmFsrgeT4AacxohjIS04Im3oU_RWyBUinTssj2NASmqbNUezyeb6Nvfjm48AuC13aaHGaYWtyygrBnvBjyVS3rlbxIC8yFkA8cRMWrlzg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 20:39:30 GMT
expires
Tue, 13 Feb 2024 20:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame A71C 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 20:39:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame A71C 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
25805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 13:29:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame A71C 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 20:53:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
85535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 20:53:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A71C 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 21:29:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A71C 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BSNP6vy_KQ4j4F8B2AYZSndNz669udO-PrsUvY_EjpU91I4-k33nCSy5FZmAs2FKQakjtgi5zVosgaWcwevLBIXbj3d37EHewqQ9k94JCUHpj-cWA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A71C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1425344012393&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A71C 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1425344012393&version=m202401290101&ct=77&x=1&cor=9000650388065227000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame A71C 		20 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP9OkiE6LhdZhZrhGSXggTGU6KxmY7bWf7qWMeLoKZ9Yq32phr-Fx_MjtC_rylHTSTiv8Pv7goUp7Oy-HN6BrmFQgJHeYMMRB9u_4rCwuN_6Vl99A7amFmylEv95s5Y6G9SIluXnjVVm2r4cCXywVubpDGKvKfNQBkp9dxJGXO5gjYh_k&cry=1&dbm_d=AKAmf-DkUM_IFKMh0fS9bBhm5PWzn4eUHE6izn4k5i17bWhbAFg_5TZ470tlgp4cWqc7qovNHnv68RdhxPFs4noUyPbdZTHxfC_t8sUYm5r3uwIiLw-K6kaaZIPBNvNQRgiOzE2cVJ4nN9dIVkwZPVvcGGCqmpLpqP1O8zyMVQkLLbzhQsUiBv_ZO2f-ncLSEAoaDZebPJOIQ0SQaq1-23d1DhlEI_RZ1jT1qQbo3AAC3xDDMiCzYa55Ze03ilyVtvNZIh9j9VX7e_pym-Oie3wrCKP1Y8V5kdVarncIv1NqjBPapHKsmDwfjiPXjyYt37wJcMBZNpprxbU4b6_5aVIqJWl6pk24F9jHkSqXtdKTz0HpqfR7sG05y1RBYar-5yLF_gsc6qzmqhHzqVF8B5vMZV5WZSeFHz19d_3yM8901ApNNZX2ow9yI45FXChHB-JRrB3-Trmkd3RgZ79POqQ2ssRKxEtvZOHft0aa6jcAI3g8Etw9HT6s-DIEs_qGOk-uhXvJ0LaRoWNGngHkVeOkLpdk3uEUy1pZ2S_RK92SZaZFlkquAuvPLsyaYCieLy8-d4EIRCdhctafeTy4SUn2Iwea5kZbi7reXkP96rsJMr-2nss8L61kHFubHWyQFkyXRBkUmaGtHTIvYPb76uE89s3-Rr3OErRai3JlvKKJRU5b1USrE8gwamMMPeeqet4eEC1fNgzIKjftLIpd4_FmBStUqveSkcUrQUkzBTijMOuVP3Z3IQn5_FfDh9SM7dvIREcIT7Hdy1zaKYiuf1g3R8qDwdksZiMgiJmU7l0tS2x99ou6x5G-XgKKcBoY0wIlop9TwjvxqL-nklYzacseIq4THPTEkqed328tXQb2LZQ2Pz-3Fok3zL2h6C7TNXRL4hmGQFRI7SXn0gcLQRtIFmPKzWU83AmictuhOBptGSKYXXrZHeo9tUe_uQQrzr1zdaD1-1LUqBjLTBBkbgxwxf3v3cV0SmB1GleK7bieHALhRgP0ZXYFhJQRKrry5vOIn69n9FVulLFO_cIcgxCrivvwajLiKe4gpir7Z_eiZmRh2Zf5f393MeMKwveUA1WB6cEk9_mh2fUEySnxJW0kNks_uBtH5UBmyx1AjdnHkwAinhawft16JQyHykE9EF0Lo6Vm1FccpxZypggWkqHLK4TREN7LzdefFNHdvzuz8K8cM0C2jYNUmebTSHxM1DNZVZrT_wJiEAUB-brChBOKbbLJvtiHWYeVT_c4TKA4l3a4X3lXewPm7uGjoOAUk7S5HgkiPcfsQ4wZosjKW99wI0CVk47NeLkJXJ2QgvzA1yGYwCgyYnUkn6Bax39HnJuvPmOh6DESsrka9Tb7TiI3VfRXftUgi8Md_PlZUF6G5LNw4drPCKs_ebn41GALYHSfD5Im3C4XzHVVQBxFJIf8j1BnbQcKY0BtxPx4ZhjiJcklbc-9TdjM4YUf0udCau0d22xuzjpaktWmQsiYdQQ2daCAx-Ax33pXLZCRHg3-ZlqJVEW-BMW3sJxxt30nR_cI-s9AEsPtDB6f3UiU7JQL1HbI6Ji2lCoCqcG_CJMZSVjwlEyxevf15peIukaIcTlXfAtftznYP5lo6grc2wDrntsBbU7XHLVIBUUtPPTlLYX7JDmX_HKzL5zNeAnNaljgddjNkvew8aH9T-klaKqJlqiRRy7YDe9xiyNwm16l_my_YVAtRaweuTxgWopp0Bsyf_gxkqawx-RZ5-s_Qtw2fKvcMOGyc-eTgs2ZPuRWAoY42fAds7ey2L5UXu-O0brwI_RKZs5wNgKNAjcce7J70eacZUIngSuhrdnJD-7gbYU0Cjz7SImKioOfGXBxNhVz6i1ZrIqlFouEijDY_9Sn2BIMK1GwflHuragjj6Zev4fJ891bAoeyWt_eKQMk9BpzfS1vAFled7vKCjUR5WF0ETlwG38oskh3fz9AREdMt0sDqfq1SGrP8BK7_fqpHZv_l_9YYg8Xf9tuXuv5GfU-ZuvdryeozWF6NWNO3iIfzmCx4n-EB9GtoZ856oz-u3etfA-E3FqJSPKMGRsUXKy9sD9IrsT0t1ZIjWSfSv-aVj46taJGhf7joWX-s9yPp9gEai1x7ksLmL0eLpBMBXKmlzJ_cyWUazZCNJDT483rk7UhFH0SM9aZEiH_GSB_iIwmPMgXbvBj2c8mQd0AFvz3JCONGuHCcwJbRFPBobWwEOTqXcqfdOocMZU7umeHyEBrmCb7pLVMm_ZErNFteY_gkv0d4sPjgMDM05cOmosIsRorDAdV3wQxlrlusKTyUi4mVXfasnSoUJ7nEWIDxE9BjHDAV5uGr9hbpOjIBbKpvxHfvG03d8PWNFZIhCxba8Po2lKFi1RMwzsc_4bh1m3U88qVPh2ekbz88j5B4mEH8Xj4UKCLSJId5c3GaS17qZP5jMMRMo0bOrQfDRy0CXNvVJXyL_FNj9rnEJbYSWlxNgSJ6GwoHRhZZtRtHf3KcTMch3E_7hPuwDcLKMu9T0DQzPyQAAE9lldTN5TUd-FYPgPLP5D209E2iQYxHYr-rRRuSL3QylDZxOukNv6uvNRAnUb1O2k9p6vcsKQXYsGcpqF4jQNjQ48E0ED7DVxxljF8gKX08dfY0A4VBesVvYgeSG0KTs_90_jIFAbKfHuni6OHFmCtWAVlzQwClZnDZXC3DEWIZ_XGzdpjxK2SzCTHh9VtXWngBDDUKoYgmiCi5lAet7uWYvMB7vZAZ2CFjYWvFM_VlgyuR41XSLj9EDMIPEmIEFpmb1SRKN7lvsNhcZ8FkLYlJ5TYrtqc_d0IAdcCQwxJBR4oFBQkI4rtzvivNzs-bBT5dFwWs-JWdEveeBB9nsLlCThF7Rduk3E26TuUMEnhRWy6-Pr_jpFewWvrncD1S6GR1Q-zXt_Jlv6vLEZuC_-_OyfAbjdGqPzkMk8JlG68iNCDSsez3clPGzdIds-GqT_-gPFr9VA8ERxypigUvzQeF2JEZF6Uui8oc9IQxEl9pzw9waUGk1ItBivXV4_mFd7GZf8nc3w5EA-3iibWs2tSP7JKJwnAsO1vRM_Bl-D_rkDvzYn3cWLZvVZjEEAM0HZok7eMOy0P6yYSXHCxj00n4HyJYjMIU-ZGSPwM32R38eXzJWg4bZetzZ3drUZsJLguv2_yuPLjJFBVJAcE6Mp3zt9p9bgKHFFx5XtwlUWhfk_TpZjBTwv9s8O6jRpx5sUvsis-FQQjaMqx787zPLK_pLxGnesxrJZUuq7h6tnkWtb5JzkLw7zWXy-DZe1Ywu3-_I8f1xlKWxdo9qwG2LCyByr9WblEr7PAONPtZCf2LANLqSCOOO0B7hDTfYdqO93-yWSGIyLkp404SazF0uS-WMk5IxWb6q57WnVLNDgpfwBXvSNZcZNz-5-E6_SWjxZmES4ZArHyfmc11Mzn6ko3h4dndw5fsqoIFMO4Q2X03qr46n1cDkmyu2cvPyi0-9-Qs11XVXUW-SXhMrZNxJDlZNyxyf99NhqA3bOb4H8avmjW-SUnBNjlQesfVdrLzj2PKULppHiQM6n-LgPUp-1kHlXY4FWIwXkvssrM85VXdTYG5hifedqFexyaG5-oIMHQVOO4JbH0XJsxpnOFk5MX4sHSod5P9raKv6wxPI641sixXAAucUMBChKNRwaAIpcqkgKPEvfvYSRHOKxGNE0PpzQOeTSdXkaxPkMPhPHE4P8R_dekYfJUtcs1gsm798NMPU7T1oBUglHQYqEaLOcmOWeM5PMmaR2kKX6-8UVKsofpxpOjXW1vzLLHfP__nAZZVWquTnF2JOPbGE5jfTvE2rRrhsogH9-phOrlm3DKXiA6CPWVwu2pebz3ilGOE5CdRLGl2qBXanvQpDtGtcQ7yMK1wxq-Iv4r1PTHmYEy552W&cid=CAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2F10bye.com%2F&ds=l&xdt=1&iif=1&cor=9000650388065227000&adk=1761367584&idt=54&cac=0&dtd=9
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25d0eaeb97ca5e4b0097d05fea46007a360c10c0c282d25db855fb119e72b8c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13548
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame FC73 		624 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWUfrxNecmKoVqfyRmEmLlbXVcAkC10fVQJWKMo9HKWb7DHUAuDNR0_aZ9vhP4Oxey48bZ1z9E2sszFP49vps9pnF0pL1e6RoIWeZcMYepdH0nP326B3cmMzqgzq8oFsV9ItxGAIustNpxrKFVfFrCFjet91RnBIHyrqLhVr-W-mDYv5xc
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
222
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 20:39:30 GMT
expires
Tue, 13 Feb 2024 20:39:30 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
dv3.js
pagead2.googlesyndication.com/pagead/js/ Frame B413 		93 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/dv3.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:30 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33320
x-xss-protection
0
server
cafe
etag
12501049806231860069
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 20:39:30 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame B413 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
25805
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 13:29:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame B413 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 20:53:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
85535
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 20:53:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame B413 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
605
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 21:29:25 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B413 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A-vxFbBWhjHQsr6NnSbD1YVaoQh2xphLR47ccLOQZ-BMW86Xn-WprKQKKibcX0Q68E97t9lQCwqoDAUzHror0tEzPlOTmfA1OXeJGh29rj5ePUFZ4
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:30 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame A71C 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AP9OkiE6LhdZhZrhGSXggTGU6KxmY7bWf7qWMeLoKZ9Yq32phr-Fx_MjtC_rylHTSTiv8Pv7goUp7Oy-HN6BrmFQgJHeYMMRB9u_4rCwuN_6Vl99A7amFmylEv95s5Y6G9SIluXnjVVm2r4cCXywVubpDGKvKfNQBkp9dxJGXO5gjYh_k&cry=1&dbm_d=AKAmf-DkUM_IFKMh0fS9bBhm5PWzn4eUHE6izn4k5i17bWhbAFg_5TZ470tlgp4cWqc7qovNHnv68RdhxPFs4noUyPbdZTHxfC_t8sUYm5r3uwIiLw-K6kaaZIPBNvNQRgiOzE2cVJ4nN9dIVkwZPVvcGGCqmpLpqP1O8zyMVQkLLbzhQsUiBv_ZO2f-ncLSEAoaDZebPJOIQ0SQaq1-23d1DhlEI_RZ1jT1qQbo3AAC3xDDMiCzYa55Ze03ilyVtvNZIh9j9VX7e_pym-Oie3wrCKP1Y8V5kdVarncIv1NqjBPapHKsmDwfjiPXjyYt37wJcMBZNpprxbU4b6_5aVIqJWl6pk24F9jHkSqXtdKTz0HpqfR7sG05y1RBYar-5yLF_gsc6qzmqhHzqVF8B5vMZV5WZSeFHz19d_3yM8901ApNNZX2ow9yI45FXChHB-JRrB3-Trmkd3RgZ79POqQ2ssRKxEtvZOHft0aa6jcAI3g8Etw9HT6s-DIEs_qGOk-uhXvJ0LaRoWNGngHkVeOkLpdk3uEUy1pZ2S_RK92SZaZFlkquAuvPLsyaYCieLy8-d4EIRCdhctafeTy4SUn2Iwea5kZbi7reXkP96rsJMr-2nss8L61kHFubHWyQFkyXRBkUmaGtHTIvYPb76uE89s3-Rr3OErRai3JlvKKJRU5b1USrE8gwamMMPeeqet4eEC1fNgzIKjftLIpd4_FmBStUqveSkcUrQUkzBTijMOuVP3Z3IQn5_FfDh9SM7dvIREcIT7Hdy1zaKYiuf1g3R8qDwdksZiMgiJmU7l0tS2x99ou6x5G-XgKKcBoY0wIlop9TwjvxqL-nklYzacseIq4THPTEkqed328tXQb2LZQ2Pz-3Fok3zL2h6C7TNXRL4hmGQFRI7SXn0gcLQRtIFmPKzWU83AmictuhOBptGSKYXXrZHeo9tUe_uQQrzr1zdaD1-1LUqBjLTBBkbgxwxf3v3cV0SmB1GleK7bieHALhRgP0ZXYFhJQRKrry5vOIn69n9FVulLFO_cIcgxCrivvwajLiKe4gpir7Z_eiZmRh2Zf5f393MeMKwveUA1WB6cEk9_mh2fUEySnxJW0kNks_uBtH5UBmyx1AjdnHkwAinhawft16JQyHykE9EF0Lo6Vm1FccpxZypggWkqHLK4TREN7LzdefFNHdvzuz8K8cM0C2jYNUmebTSHxM1DNZVZrT_wJiEAUB-brChBOKbbLJvtiHWYeVT_c4TKA4l3a4X3lXewPm7uGjoOAUk7S5HgkiPcfsQ4wZosjKW99wI0CVk47NeLkJXJ2QgvzA1yGYwCgyYnUkn6Bax39HnJuvPmOh6DESsrka9Tb7TiI3VfRXftUgi8Md_PlZUF6G5LNw4drPCKs_ebn41GALYHSfD5Im3C4XzHVVQBxFJIf8j1BnbQcKY0BtxPx4ZhjiJcklbc-9TdjM4YUf0udCau0d22xuzjpaktWmQsiYdQQ2daCAx-Ax33pXLZCRHg3-ZlqJVEW-BMW3sJxxt30nR_cI-s9AEsPtDB6f3UiU7JQL1HbI6Ji2lCoCqcG_CJMZSVjwlEyxevf15peIukaIcTlXfAtftznYP5lo6grc2wDrntsBbU7XHLVIBUUtPPTlLYX7JDmX_HKzL5zNeAnNaljgddjNkvew8aH9T-klaKqJlqiRRy7YDe9xiyNwm16l_my_YVAtRaweuTxgWopp0Bsyf_gxkqawx-RZ5-s_Qtw2fKvcMOGyc-eTgs2ZPuRWAoY42fAds7ey2L5UXu-O0brwI_RKZs5wNgKNAjcce7J70eacZUIngSuhrdnJD-7gbYU0Cjz7SImKioOfGXBxNhVz6i1ZrIqlFouEijDY_9Sn2BIMK1GwflHuragjj6Zev4fJ891bAoeyWt_eKQMk9BpzfS1vAFled7vKCjUR5WF0ETlwG38oskh3fz9AREdMt0sDqfq1SGrP8BK7_fqpHZv_l_9YYg8Xf9tuXuv5GfU-ZuvdryeozWF6NWNO3iIfzmCx4n-EB9GtoZ856oz-u3etfA-E3FqJSPKMGRsUXKy9sD9IrsT0t1ZIjWSfSv-aVj46taJGhf7joWX-s9yPp9gEai1x7ksLmL0eLpBMBXKmlzJ_cyWUazZCNJDT483rk7UhFH0SM9aZEiH_GSB_iIwmPMgXbvBj2c8mQd0AFvz3JCONGuHCcwJbRFPBobWwEOTqXcqfdOocMZU7umeHyEBrmCb7pLVMm_ZErNFteY_gkv0d4sPjgMDM05cOmosIsRorDAdV3wQxlrlusKTyUi4mVXfasnSoUJ7nEWIDxE9BjHDAV5uGr9hbpOjIBbKpvxHfvG03d8PWNFZIhCxba8Po2lKFi1RMwzsc_4bh1m3U88qVPh2ekbz88j5B4mEH8Xj4UKCLSJId5c3GaS17qZP5jMMRMo0bOrQfDRy0CXNvVJXyL_FNj9rnEJbYSWlxNgSJ6GwoHRhZZtRtHf3KcTMch3E_7hPuwDcLKMu9T0DQzPyQAAE9lldTN5TUd-FYPgPLP5D209E2iQYxHYr-rRRuSL3QylDZxOukNv6uvNRAnUb1O2k9p6vcsKQXYsGcpqF4jQNjQ48E0ED7DVxxljF8gKX08dfY0A4VBesVvYgeSG0KTs_90_jIFAbKfHuni6OHFmCtWAVlzQwClZnDZXC3DEWIZ_XGzdpjxK2SzCTHh9VtXWngBDDUKoYgmiCi5lAet7uWYvMB7vZAZ2CFjYWvFM_VlgyuR41XSLj9EDMIPEmIEFpmb1SRKN7lvsNhcZ8FkLYlJ5TYrtqc_d0IAdcCQwxJBR4oFBQkI4rtzvivNzs-bBT5dFwWs-JWdEveeBB9nsLlCThF7Rduk3E26TuUMEnhRWy6-Pr_jpFewWvrncD1S6GR1Q-zXt_Jlv6vLEZuC_-_OyfAbjdGqPzkMk8JlG68iNCDSsez3clPGzdIds-GqT_-gPFr9VA8ERxypigUvzQeF2JEZF6Uui8oc9IQxEl9pzw9waUGk1ItBivXV4_mFd7GZf8nc3w5EA-3iibWs2tSP7JKJwnAsO1vRM_Bl-D_rkDvzYn3cWLZvVZjEEAM0HZok7eMOy0P6yYSXHCxj00n4HyJYjMIU-ZGSPwM32R38eXzJWg4bZetzZ3drUZsJLguv2_yuPLjJFBVJAcE6Mp3zt9p9bgKHFFx5XtwlUWhfk_TpZjBTwv9s8O6jRpx5sUvsis-FQQjaMqx787zPLK_pLxGnesxrJZUuq7h6tnkWtb5JzkLw7zWXy-DZe1Ywu3-_I8f1xlKWxdo9qwG2LCyByr9WblEr7PAONPtZCf2LANLqSCOOO0B7hDTfYdqO93-yWSGIyLkp404SazF0uS-WMk5IxWb6q57WnVLNDgpfwBXvSNZcZNz-5-E6_SWjxZmES4ZArHyfmc11Mzn6ko3h4dndw5fsqoIFMO4Q2X03qr46n1cDkmyu2cvPyi0-9-Qs11XVXUW-SXhMrZNxJDlZNyxyf99NhqA3bOb4H8avmjW-SUnBNjlQesfVdrLzj2PKULppHiQM6n-LgPUp-1kHlXY4FWIwXkvssrM85VXdTYG5hifedqFexyaG5-oIMHQVOO4JbH0XJsxpnOFk5MX4sHSod5P9raKv6wxPI641sixXAAucUMBChKNRwaAIpcqkgKPEvfvYSRHOKxGNE0PpzQOeTSdXkaxPkMPhPHE4P8R_dekYfJUtcs1gsm798NMPU7T1oBUglHQYqEaLOcmOWeM5PMmaR2kKX6-8UVKsofpxpOjXW1vzLLHfP__nAZZVWquTnF2JOPbGE5jfTvE2rRrhsogH9-phOrlm3DKXiA6CPWVwu2pebz3ilGOE5CdRLGl2qBXanvQpDtGtcQ7yMK1wxq-Iv4r1PTHmYEy552W&cid=CAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2F10bye.com%2F&ds=l&xdt=1&iif=1&cor=9000650388065227000&adk=1761367584&idt=54&cac=0&dtd=9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
41506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:07:44 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzg1Njc3MDkwMTk1MwogIHNlcnZlcl9pcDogMTM0MDU1ODI2CiAgcHJvY2Vzc19pZDogMjAzMDM0NjIzMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame A71C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzg1Njc3MDkwMTk1MwogIHNlcnZlcl9pcDogMTM0MDU1ODI2CiAgcHJvY2Vzc19pZDogMjAzMDM0NjIzMAp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAzOTk3MTY2NzAyMzczNTUwNzM1CmRlYnVnX2tleTogODM3MDQxNzI3MjM4NTUwOTY3OQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QUk9EVUNUX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9JTlRFUkFDVElPTl9EQVRFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIjIwMjQtMDItMTMiCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0ZMT09ETElHSFRfQ09ORklHX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxMTg2ODk0MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9DT1JFX1BMQVRGT1JNX1NFUlZJQ0UKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBVEZPUk1fVFlQRQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMAogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9RVUVSWV9DT1VOVFJZCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIHN0cmluZ192YWx1ZTogIlVTIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9QTEFDRU1FTlRfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMzMjE3NTQzNwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQURWRVJUSVNFUl9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogODc4MjQzNjk2CiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19MSU5FX0lURU1fSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDE2NjYwMTQyMDYzCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0RWM19DUkVBVElWRV9JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogNDE2MjE2Nzg3CiAgfQp9CmFyY2hldHlwZV9pZDogMTIKYXJjaGV0eXBlX2lkOiAxMwphcmNoZXR5cGVfaWQ6IDE0CmFyY2hldHlwZV9pZDogMTUKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL3JlZGludGVsbGlnZW5jZS5uZXQiCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4xLmNvbSIKYWR2ZXJ0aXNlcl9jb252ZXJzaW9uX2RvbWFpbnM6ICJodHRwczovL2RlYnVnY29udmVyc2lvbmRvbWFpbjIuY29tIgppbXByZXNzaW9uX2V2ZW50X3JlcG9ydGluZ193aW5kb3dfZGF5czogNApicm93c2VyX2F0dHJpYnV0aW9uX2FwaV9yZXF1ZXN0X3Byb2Nlc3NpbmdfYml0czogNzM4MTk3NTA0CjIxOiAxMjI3MTU4MzcK
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame A71C 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1707856770364053&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f18d76388d9d96001296b013677527432631b3d042ce6aded5f81b27c3f45ed1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:30 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4153
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame D909 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41331
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 09:10:39 GMT
expires
Wed, 12 Feb 2025 09:10:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240208&jk=4463060399122235&bg=!WFulWxTNAAaxkZ3akZE7ADQBe5WfOETc9GjNS_vIv-mt21cWaX_b36MmcNZ1_FIQwX_ptELXje8x5jeaCcJV0ij7Z_LuAgAAADBSAAAAAmgBBwoAVHZaJaizGbKz9r3rw_pPsPRyr4oAHsLqsQT7l9PnPq-os4smUvQmNtHgJg8jnCnH8UW04OlDA1iOlnyZPjym4fHoJ6SkxPHl7-wPLG6jcl-UefoNxpkCtEYalYSSeTfI0QS-0CYPoKuheDHc6Ovh9ioLZqsSh0t5V6_4BPmUBhkCpDlRYf9XzFwbEwKgktDA0fce82RyVr6XZ76NcXqYCXz1bbjP9PokAWYJaJO0kYVvRSfC-VwyOHT-5cU_zS7Apuw02cLRRy0_kagfBYfsZfOvgDGHldodP8ynlKEDjlZ4kPbNV9XH8_yJ9l0TOap1U-wXFWQJcyl40ASDXB0k4KFdmP3cxc5p7hZcM_UrdjM3pQ7uquu8pr1sgNN_4YwxQXbOWggyWEJKdJjyrO-PyTbA2Np8dst1v6FhJYFbzeBmH1gtiXypCu3VROvBw8c0xXpbp5ciEhK74hjg5dKDCtM3MrjMG6YNfx5brET1vaw7KBHQz6bIGXikkzFnQEdoRjR-oT-XbAEj0j4lp1E5IyNWREOay58d9W4xsm2gME6zTJsTSjglzilBI65lrp5ae7fGP7sejaCJvvBYRVy98LjgxvO_kba-4DW1rKDJwjzoBLptH8tCjegjm6xX21gsLutTex5870U9YL4oyvwPcILBgqBTKsWpBu2CWagKBpTNg8VyK5jy9nAXfMuX0Wj77Uw8EdEdUvF4v5DRyYAdxXRU8zHDSb5mJakx9y0gdxNKB4J8avKmd_aRNyLa131X3rp2C2zOZdycs8R_Qh6eOQbqznQA-1_iHZTv858Tn-oOOLXps9OB8LMd0toLhP3x35zjaIo8e3f654qibZQFFttMUDCnH9nWeC-99Q680m3hf3v5_xJWZL_QrVe6fZFoSHm2Z39PqUAWHywb1zvb9NjJ-RplIurRinIqrmpRKUzU7mELqqT6VNfZuN5Npk5uMMXGAaG94Md2stRoJDSkjmaPaG2yBU0QgZBp2WM_Bb0rnSW3HkI5IbKgqKHLKeXlXzmuep9iWjSfOywO
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame FC73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
43 B
339 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWUfrxNecmKoVqfyRmEmLlbXVcAkC10fVQJWKMo9HKWb7DHUAuDNR0_aZ9vhP4Oxey48bZ1z9E2sszFP49vps9pnF0pL1e6RoIWeZcMYepdH0nP326B3cmMzqgzq8oFsV9ItxGAIustNpxrKFVfFrCFjet91RnBIHyrqLhVr-W-mDYv5xc
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u6nhDS0xw3qcwkk%2Fwhw0nYnsZZp2ThwcZ7j6YEXp9Mmnq6r4tyIwYBdEh6G3ReCeUO%2Fg8EnYGtOCf2PBmIB2aIiR9PJ30Yt7wZGl%2Faa6birKhuHsTmq0UU%2BJVOf0SrCObCd9GZcmlJJ%2BEQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
854fe1932e721bdb-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FC73
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZcvTg1VbLUIAAEPuAH7yvgAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
43 B
770 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWUfrxNecmKoVqfyRmEmLlbXVcAkC10fVQJWKMo9HKWb7DHUAuDNR0_aZ9vhP4Oxey48bZ1z9E2sszFP49vps9pnF0pL1e6RoIWeZcMYepdH0nP326B3cmMzqgzq8oFsV9ItxGAIustNpxrKFVfFrCFjet91RnBIHyrqLhVr-W-mDYv5xc
Protocol
H3
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fpg9rFWQXBWrnYfetClCVTjdb2ZAp9biRwA0qQuf%2BBD88My7QQcS98Dt%2F1MueZ6JASNtyLQ6KpfBIO0FAamzJMaY%2FyN5UvY83H7F0kpkbx8elQzNpx6HVse%2FlRm3Cd04yn2vnjgbJQx%2Bzw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
854fe193899f997b-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEO7D59ty7NBdrccKPMv9pmQ&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame FC73
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESECzz6dZ3j8JdZtnm31ju51Q&google_cver=1
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESECzz6dZ3j8JdZtnm31ju51Q&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWUfrxNecmKoVqfyRmEmLlbXVcAkC10fVQJWKMo9HKWb7DHUAuDNR0_aZ9vhP4Oxey48bZ1z9E2sszFP49vps9pnF0pL1e6RoIWeZcMYepdH0nP326B3cmMzqgzq8oFsV9ItxGAIustNpxrKFVfFrCFjet91RnBIHyrqLhVr-W-mDYv5xc
Protocol
H2
Server
37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
an-x-request-uuid
4fe16f6b-99f7-4ab8-a995-2f9d83f218ad
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
81.95.5.44; 81.95.5.44; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ib.adnxs.com/setuid?entity=101&code=CAESECzz6dZ3j8JdZtnm31ju51Q&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame FC73
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyNDEyNzA2OTY0MTMwNjY3Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyNDEyNzA2OTY0MTMwNjY3Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CN-KGhDw3uOiAxjT7bvGATAB&v=APEucNWUfrxNecmKoVqfyRmEmLlbXVcAkC10fVQJWKMo9HKWb7DHUAuDNR0_aZ9vhP4Oxey48bZ1z9E2sszFP49vps9pnF0pL1e6RoIWeZcMYepdH0nP326B3cmMzqgzq8oFsV9ItxGAIustNpxrKFVfFrCFjet91RnBIHyrqLhVr-W-mDYv5xc
Protocol
H2
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
an-x-request-uuid
58002438-292f-44a7-9d84-e511c5ff9305
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzUyNDEyNzA2OTY0MTMwNjY3Mg%3D%3D
x-proxy-origin
81.95.5.44; 81.95.5.44; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame D909 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
25805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 13:29:26 GMT
request.php
hal900018.redintelligence.net/ Frame A71C
Redirect Chain
  • https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
  • https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&cl...
3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
HTTP/1.1
Server
144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
6f820af849043d7fa250c1e734dad60b6ece3154831b5478f229a3fadab78c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
64496600193150504444556012599018
Connection
close
Content-Length
1127
Expires
Tue, 13 Feb 2024 20:39:31 +0100

Redirect headers

Pragma
no-cache
Date
Tue, 13 Feb 2024 20:39:31 GMT
Server
Apache
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Location
request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0&uidRedirect=1
Content-Type
text/html; charset=UTF-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Length
0
Expires
Tue, 13 Feb 2024 20:39:31 +0100
gen_204
pagead2.googlesyndication.com/pagead/ Frame B413 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=running&ord=1079169128080&version=m202401290101
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame B413 		0
20 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=dv3-render&msg=tlbr&ord=1079169128080&version=m202401290101&ct=77&x=1&cor=5232330982980540000
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame B413 		20 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUoS1BQnt9mFYppnwFVh2l-aN1597A70S_WuPHLXQLO1OXrxXJ7j2JE7wboCnTqSGaHH5C6jhcrfE6pn3OxOG7l9NFtT_epX1r3sKqOqkQisjkkMQyi_XME1hfWB6vIq-uhLspP7kDntYoXtLvBOwvFbdoMlLoqmW_qK2tysIVQ0WEa_Y&cry=1&dbm_d=AKAmf-DA6h1qHblrLe0cWbATlST1XTu-GjJ93vPd5ty5MKT5QZxJN5xAQGhjWdyrIIAIp4Xiili1mqsCMthlvuRSXc3C7sD2qCE-6YZr4T8HQR2sJUfRNlhq9WuC9YCv4VquVRECqk7AJddQLIorJ-xQ0BnwXuYm-rfuO9gIJVNksMX-lJcBAfeMvsXjpP9c62Uf5F4cgqdRz-NVWRsjavGITZf0tiZejufOm6oPVjPP20hIxbM0UzNOBkcOd0_P0vWen6q7-RxZ03Az5lP8VESZtwQmb6gN2mRG9NfjN6naWuzj1FBUvFAIbuyTrtEd_yeSPhHCtTG1S6t9_Z19XccbKigQhwJCNqtCDjTvDp2a__Fsu8L5POYL-9jkXiOw0oqmDQWFcOt70ECEUNzXy4-2Q6uoJr-6J74K4JYLXqidtjU3LIn8G4QF8WMxu_65sk3TfvNGKYnI7RrJS-Zc7rVHlct2dwookVzHcedAyl0bpwyvi93Xawuk_IpXvkCjOfgtdnUsLh6fpG6NtzLsJCnDpv2gaMxGxsUEM42b_bfTcPeuitM_wonrEwKP50fZTtt910Ae1gbqdNg9HuWtsa8b-LNGL3qHjvjIgsOfBsC1SL0RHB2Ow9Ua8UuCmq0eCKJxc73SZeXDCN_-iwUjX4NPTnTkZxYE8x_e_zKDIQsR9149-X8TxVKWcymqrOOzD8DLPH-L2YowLPP-jQELldLxWd2HaLpTeOeRwxF4g1hh_w80FVubd-Fn0eotA76bGb3j0A4ALT0Pabt64Bf9fp2wmv-nU9_NYGPDCfpdTwYKGUGU8S4Nwvh9QduGtKssnlVyAjs1U7d2Z_Dd42j-AwGgPaJAt2EULO3xOPkjvgWWgy1aEw3RhTWZ67CXn_YvT-9NI5j-Bxm73o11sdU6j0WSeU-yiugxXRXJunzEiBMfJ7o75PZ4_F5TaqIC1x8hLtJW3t943c6jvEJXbvjk36o87j4Ly1ISpfllAPKFqVnsGg36MKQv3WnynaLotZiEqDkqqXD4n5TEjD4GE3ABc2O0ahea9pFV0DnbF-XpYULQN_C6fvonPH-r7FIlVDJzws5_fvDsY6hoon9BvFEaF5vfC8g1hdMPPyt-Y6DIoT0eCKxwjnJvkoPuyrkufuzyWJLRX-ZMTGcoeQW-wT1tCVdzCXQjIw_gq5WKsirRHoUrddqfkK6ui26FMluecRmEB7qKgZL4hcXMQeq63m69gh5PY0ffxA7TH68qap83aIFl04VLlsYtsDzrgUCGyn2fcmyvxb09lT71IsM7zEW4l7EjRhuTFKy_rzgNqcR8e1woVqnFS-R6iILHt2bO63TwQh9RpkF3FhLrrE63nCzLFe3fktaLD8H1lzlXpo0qEu4lv9U3e6eBWL0qHbyG4Iuepdn-p7ChTVhpJmyUHE-XsFJy8lPaYkn1FJYv-4amIHnbJvnhxmboiUxiYaJh_h-TKBVjmVsTGfGycnL3gocGO6HXPoR2SBFGCuYJ-llPcUepAfQ_LrWTeDnZv31Rs_KrzqWg5U-Tswucn1a6ppyO5emczCfEEkcI54PG-dC_x9psVIzt6qWAktVDpvmK7SFfUtyDHEhoH-EJqSNxaeYKfdttIv5DdnECsOLpP7R-o2iDrbthN8cudSrKwnYG-irGo5TYXr4IPV2pKDsK7M-7dWI2w3eQKAa2ZTkxXo9AatpwxeNUwa2f3Z2VcWQ3ZUugjIKIJpM8SNqpoodUC90OxHtOmRCnun-Hl0__nSs3znA5pyciKioKhQ9t_F8J4Z2FidEHtRQf5e9kpyxinR12jaTzIa8_Mg7gcVPrDVlC4H0TqWshThM3nvZt3FRRmDasXXoeXOKwa9Bi2_FWdjrViIFfgJMKwWB8vM-pnbgepoSGIv62ryHNY6RmFXhag7ueOyEEbj3TtACOlietC25Yp7Y1WwmGS9GAsQEDUfNrJs6o9COHGX20kc7vPgsjqkSQqyp4ylRUjDyxk0nZJEhQGFOnK40i7pqoKveprQvyJg3ggvPk56AZ9S4C9QsN-6YejE9qaT8TaiZIF8hhRDRvzFdKH0GNnaCNahBZcva-gN0nTCp6z-VuxbZswZcoMyiDciW7N3UV6ixtvUPdO2nGB-lJXCcjrImPrP3A9VwEvFXbPSIc6sB_1bl2ykF-90Ukrxk1s2MX8l5RRPrZ8Kzkn15eOTrcruZRDe_J-9B9IdxhR5MEGEdHzbrCRtksAF0cyfq7JCbXptOZRhLknigOzUayrd6VVNQP8UMfr_Y_KtF3U8pIbjtZRM734OaCnFNpmwAHyerlHg4Q-A0FyjrMHifuVyLGEmabTKSYJlfFcQ3x5181STH-mkah1XqjeRdtDW_8HzZ3g9Kbf5zbesyPhb_yWEXakRQ2SY-9DvTIV0DsaLAtw98QC77eSEkGi25r7__LUf5bEaNgzgqAmI2mL3tevNg_BNxds6W8lO0H9wKCSoePAOGiZIwVrQUErGP2wPaq7bDsIu-tIMkA0oYqLyiDRGaGgxAB5E7aRvA_eYEgYR3x7lVcNmP-bMt8cvJBzRBdw8QizXX4HzvKtG8Njl8waTAYbkMzs0hvXAwgB3EJfHJz6SG6p6Zm2E07wBgwT2DS_d0NEV2nPG-U1H-ggCO-pSrluuhMauaH5CcRUpZR-eH34Fr_fSoiLF8S_UipAG1BdIQ5eAqCyAmiaI0ADzJyTzFzeTW8nx99whxDYGGIpecP3-migeDgk2p6UrhQPbzSPP_gdx39_XLcmk3qAHOeOfSqGY0C78VD06bmGC9ZGhq1EqMRz5oANhoIAOvkZcZEv2RCEgMJ1ePd8dbE5MraQWMp2C5Ih5IfjnFlhs8uaEKYyWZQm2whU5_dBjqK5-_DPpnBej-KCEekUHy-qqkQ1_NDD7JEfjKIYo218vDa1N4jjba_0_OWyFeeBZU9YVeWamlLMcfxJHtvf0JualUENC1fCOYQdQ-I6DhX1gPd7uP6E-oQGbUch37sfXQAY6kZDqKdueAQZomtrJRFBSxIj7jNvZ7cBPrLHzAsGcYbstTjiOEhVu8gBNmCmrOmt_8JShbyDkLHskczPEuhtAzXDtD3xCsEmINw58IPf2OqGroltAG52OoVp-k2e478Qu9940p_w7DqeOUDKh7frYjFXxXXaLijRjjvKo_e4bcO1Ef-Uu9b_aI0cxdyBatNy85N8X6OzsAuS8faN82JtdsVK00zfWwWqzyXiZEey6Jm1PvptBXZP4vQWDJo3_pUnD4DppBSH_1Q7sWDjL1iicEn13N97MftrZZo8D6Cz1Sgj_xSAZTkqKfAVzWc4OFugEOfr9Oiu5htCEfZtqrPDac8gCqXdST0Q7MzcjJUoDFY5lNh1GEIXRilgZtc-zdIS946I1-Q41HOBaPd-Et4zfyodAsMwZ5ilaiW3_NNtRXytU8qY2tzKNwoKonS8tSO_TeQdqvFUhzCoJUVrS4WZTkwlf_IQTI-pqoGJfNQCIhX_5JCxOmX2jdjCTOWYr9ZZSIxmpn8HnJ25C3COmY2IleKtkhSXNBwUbZufYJWjCMND5Oxjkx1qrIzjjQoEmjBwMZeCKVk5-Q0ZYKDh8v4sFbYydCgDRMORaD6cvFD86wWrLOf4KuLnWwnKv3QhBAAb3bEp7yBxil0UxfA_aQ1Y-ISXY72XtRSeGb5IVn-qw-DQelm3Y7_IYqPFVT1qQ9JimFtrIpLYGgi4fqSxwXoiBdgoGyQuCYbRig0dkdqIJ3s3SXusDYvQVlmfD_vkwaZs9UlQyqtyPtMoPsdXb3Se2DMa3eGHgfmUbLHvlUd60u7vnRtTyk4H6OS9j5v5Yw37l0OIru1MngrOJZlz7KDNrQPrMv7ttCgKbMZn5ygbWDj9MNY9a4ebMB6yNr7N4eTwd6PjOGlYoMG&cid=CAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2F10bye.com%2F&ds=l&xdt=1&iif=1&cor=5232330982980540000&adk=497053792&idt=61&cac=0&dtd=4
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/dv3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d1711b810f4539ba05dc7dea26dfc5f725e460ff775ebd85dc71fe60cda9e25
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13804
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame D909 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=Bl8OcgtPLZcGGN5KP9u8P9r-SyAcAAAAAOAHgBAI&bg=!mZqlmtXNAAaxkZ3akZE7ADQBe5WfOG93n5z-54Cu4iAHhX840dGUgBpfh7dParlr_nDVvluDpHgGuc-zMl_xvib4j6ecAgAAAC9SAAAAAmgBB5kC_yhAdQb7whOxw9W0WSFWy0D9ZRez7oQZfj3VUgmf3vzmQeZ8WII_METhRg0HGfej7v1uwEmqH-m3ByjUQPBIw6hvUJ8o-KX1dVH-IFDeEtZezu9gt2qaoFlUFQBaQaL-ewABQ11ABxyiSElrP7Jq_uGXgIsURv5wNPYudH5-SXADH1M1KECwFHUEwvezx8td3Y9T4MaBalMoaFIssX_H4UUAimEz_qS6gYfaab_hQWs-j6O5LjgdfU3Mmp_NHz040-FmPn3tZSPQsgK3Hce2NTfsQyoNtmaYxT_aui0p4Ug4Ywekkh_UPAqL-DyW_WleIuzQjsgvJgQlmVWKjkRxe2gXjBGP2P-jtzbP4UiqQSh8VYTA2dQkpL_hL6qSE5MI2itadgOh1Lvq7TIvvwverco4CRl56-llVaWgKrCdZHJYNVxlFV_8MiqBVKjrQc795-3c5JCRJaj2H-7lamciwOHFSnpMAFX62QJ4uhmTV6946rfR3YtSQLtTW4rei3FSzG5VKWA1c1WmtO_zr5GrA_edAUiq2C0JvbVlGVzHgr_WCzIuPFhtBktzYKmmrszmPnkDDejhoqokQ7TLfX7zVyEBFcGAyCUWxcNYfoztrPunrCw2bZscyGf7fJTDOYmeZuvBMPi89rackTYo1iDZYnLJ0TPGtTZ-5TVF7_wN2X8vDncZBw0Y4dExShUZyaFMC_hC1ot9Ii5IEhfEIRR0ZFr7xzcOEUEPF0ChUNJd2LvARAZ4CSVhBWfjR_fvQOtl1fGrSWZLPDY4QQ4XTJAPDxQUNnKQ9ZlD9X8v4ZunnGBGpztkMJOLZ62b5iz4osclyOh8ZbGrhTORsjmBb_QmjEIq15rNk1aZawnB0TGxzySdqVl6tPPy2vKIkF1fAmqkcsy0OhJefkexTVOlKShPtmYZW2z7nQhr9BAfhzG_OoOU-6n_Npwsf0pXkQhpQ3gzXrYRFFSYJ31xNRv6m3eiM6r4uJpwhLHCwDreIokCqoelM2OwY1zP8nhhti43VDC5
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Q12zgMmT.js
tpc.googlesyndication.com/sodar/ Frame B413 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DUoS1BQnt9mFYppnwFVh2l-aN1597A70S_WuPHLXQLO1OXrxXJ7j2JE7wboCnTqSGaHH5C6jhcrfE6pn3OxOG7l9NFtT_epX1r3sKqOqkQisjkkMQyi_XME1hfWB6vIq-uhLspP7kDntYoXtLvBOwvFbdoMlLoqmW_qK2tysIVQ0WEa_Y&cry=1&dbm_d=AKAmf-DA6h1qHblrLe0cWbATlST1XTu-GjJ93vPd5ty5MKT5QZxJN5xAQGhjWdyrIIAIp4Xiili1mqsCMthlvuRSXc3C7sD2qCE-6YZr4T8HQR2sJUfRNlhq9WuC9YCv4VquVRECqk7AJddQLIorJ-xQ0BnwXuYm-rfuO9gIJVNksMX-lJcBAfeMvsXjpP9c62Uf5F4cgqdRz-NVWRsjavGITZf0tiZejufOm6oPVjPP20hIxbM0UzNOBkcOd0_P0vWen6q7-RxZ03Az5lP8VESZtwQmb6gN2mRG9NfjN6naWuzj1FBUvFAIbuyTrtEd_yeSPhHCtTG1S6t9_Z19XccbKigQhwJCNqtCDjTvDp2a__Fsu8L5POYL-9jkXiOw0oqmDQWFcOt70ECEUNzXy4-2Q6uoJr-6J74K4JYLXqidtjU3LIn8G4QF8WMxu_65sk3TfvNGKYnI7RrJS-Zc7rVHlct2dwookVzHcedAyl0bpwyvi93Xawuk_IpXvkCjOfgtdnUsLh6fpG6NtzLsJCnDpv2gaMxGxsUEM42b_bfTcPeuitM_wonrEwKP50fZTtt910Ae1gbqdNg9HuWtsa8b-LNGL3qHjvjIgsOfBsC1SL0RHB2Ow9Ua8UuCmq0eCKJxc73SZeXDCN_-iwUjX4NPTnTkZxYE8x_e_zKDIQsR9149-X8TxVKWcymqrOOzD8DLPH-L2YowLPP-jQELldLxWd2HaLpTeOeRwxF4g1hh_w80FVubd-Fn0eotA76bGb3j0A4ALT0Pabt64Bf9fp2wmv-nU9_NYGPDCfpdTwYKGUGU8S4Nwvh9QduGtKssnlVyAjs1U7d2Z_Dd42j-AwGgPaJAt2EULO3xOPkjvgWWgy1aEw3RhTWZ67CXn_YvT-9NI5j-Bxm73o11sdU6j0WSeU-yiugxXRXJunzEiBMfJ7o75PZ4_F5TaqIC1x8hLtJW3t943c6jvEJXbvjk36o87j4Ly1ISpfllAPKFqVnsGg36MKQv3WnynaLotZiEqDkqqXD4n5TEjD4GE3ABc2O0ahea9pFV0DnbF-XpYULQN_C6fvonPH-r7FIlVDJzws5_fvDsY6hoon9BvFEaF5vfC8g1hdMPPyt-Y6DIoT0eCKxwjnJvkoPuyrkufuzyWJLRX-ZMTGcoeQW-wT1tCVdzCXQjIw_gq5WKsirRHoUrddqfkK6ui26FMluecRmEB7qKgZL4hcXMQeq63m69gh5PY0ffxA7TH68qap83aIFl04VLlsYtsDzrgUCGyn2fcmyvxb09lT71IsM7zEW4l7EjRhuTFKy_rzgNqcR8e1woVqnFS-R6iILHt2bO63TwQh9RpkF3FhLrrE63nCzLFe3fktaLD8H1lzlXpo0qEu4lv9U3e6eBWL0qHbyG4Iuepdn-p7ChTVhpJmyUHE-XsFJy8lPaYkn1FJYv-4amIHnbJvnhxmboiUxiYaJh_h-TKBVjmVsTGfGycnL3gocGO6HXPoR2SBFGCuYJ-llPcUepAfQ_LrWTeDnZv31Rs_KrzqWg5U-Tswucn1a6ppyO5emczCfEEkcI54PG-dC_x9psVIzt6qWAktVDpvmK7SFfUtyDHEhoH-EJqSNxaeYKfdttIv5DdnECsOLpP7R-o2iDrbthN8cudSrKwnYG-irGo5TYXr4IPV2pKDsK7M-7dWI2w3eQKAa2ZTkxXo9AatpwxeNUwa2f3Z2VcWQ3ZUugjIKIJpM8SNqpoodUC90OxHtOmRCnun-Hl0__nSs3znA5pyciKioKhQ9t_F8J4Z2FidEHtRQf5e9kpyxinR12jaTzIa8_Mg7gcVPrDVlC4H0TqWshThM3nvZt3FRRmDasXXoeXOKwa9Bi2_FWdjrViIFfgJMKwWB8vM-pnbgepoSGIv62ryHNY6RmFXhag7ueOyEEbj3TtACOlietC25Yp7Y1WwmGS9GAsQEDUfNrJs6o9COHGX20kc7vPgsjqkSQqyp4ylRUjDyxk0nZJEhQGFOnK40i7pqoKveprQvyJg3ggvPk56AZ9S4C9QsN-6YejE9qaT8TaiZIF8hhRDRvzFdKH0GNnaCNahBZcva-gN0nTCp6z-VuxbZswZcoMyiDciW7N3UV6ixtvUPdO2nGB-lJXCcjrImPrP3A9VwEvFXbPSIc6sB_1bl2ykF-90Ukrxk1s2MX8l5RRPrZ8Kzkn15eOTrcruZRDe_J-9B9IdxhR5MEGEdHzbrCRtksAF0cyfq7JCbXptOZRhLknigOzUayrd6VVNQP8UMfr_Y_KtF3U8pIbjtZRM734OaCnFNpmwAHyerlHg4Q-A0FyjrMHifuVyLGEmabTKSYJlfFcQ3x5181STH-mkah1XqjeRdtDW_8HzZ3g9Kbf5zbesyPhb_yWEXakRQ2SY-9DvTIV0DsaLAtw98QC77eSEkGi25r7__LUf5bEaNgzgqAmI2mL3tevNg_BNxds6W8lO0H9wKCSoePAOGiZIwVrQUErGP2wPaq7bDsIu-tIMkA0oYqLyiDRGaGgxAB5E7aRvA_eYEgYR3x7lVcNmP-bMt8cvJBzRBdw8QizXX4HzvKtG8Njl8waTAYbkMzs0hvXAwgB3EJfHJz6SG6p6Zm2E07wBgwT2DS_d0NEV2nPG-U1H-ggCO-pSrluuhMauaH5CcRUpZR-eH34Fr_fSoiLF8S_UipAG1BdIQ5eAqCyAmiaI0ADzJyTzFzeTW8nx99whxDYGGIpecP3-migeDgk2p6UrhQPbzSPP_gdx39_XLcmk3qAHOeOfSqGY0C78VD06bmGC9ZGhq1EqMRz5oANhoIAOvkZcZEv2RCEgMJ1ePd8dbE5MraQWMp2C5Ih5IfjnFlhs8uaEKYyWZQm2whU5_dBjqK5-_DPpnBej-KCEekUHy-qqkQ1_NDD7JEfjKIYo218vDa1N4jjba_0_OWyFeeBZU9YVeWamlLMcfxJHtvf0JualUENC1fCOYQdQ-I6DhX1gPd7uP6E-oQGbUch37sfXQAY6kZDqKdueAQZomtrJRFBSxIj7jNvZ7cBPrLHzAsGcYbstTjiOEhVu8gBNmCmrOmt_8JShbyDkLHskczPEuhtAzXDtD3xCsEmINw58IPf2OqGroltAG52OoVp-k2e478Qu9940p_w7DqeOUDKh7frYjFXxXXaLijRjjvKo_e4bcO1Ef-Uu9b_aI0cxdyBatNy85N8X6OzsAuS8faN82JtdsVK00zfWwWqzyXiZEey6Jm1PvptBXZP4vQWDJo3_pUnD4DppBSH_1Q7sWDjL1iicEn13N97MftrZZo8D6Cz1Sgj_xSAZTkqKfAVzWc4OFugEOfr9Oiu5htCEfZtqrPDac8gCqXdST0Q7MzcjJUoDFY5lNh1GEIXRilgZtc-zdIS946I1-Q41HOBaPd-Et4zfyodAsMwZ5ilaiW3_NNtRXytU8qY2tzKNwoKonS8tSO_TeQdqvFUhzCoJUVrS4WZTkwlf_IQTI-pqoGJfNQCIhX_5JCxOmX2jdjCTOWYr9ZZSIxmpn8HnJ25C3COmY2IleKtkhSXNBwUbZufYJWjCMND5Oxjkx1qrIzjjQoEmjBwMZeCKVk5-Q0ZYKDh8v4sFbYydCgDRMORaD6cvFD86wWrLOf4KuLnWwnKv3QhBAAb3bEp7yBxil0UxfA_aQ1Y-ISXY72XtRSeGb5IVn-qw-DQelm3Y7_IYqPFVT1qQ9JimFtrIpLYGgi4fqSxwXoiBdgoGyQuCYbRig0dkdqIJ3s3SXusDYvQVlmfD_vkwaZs9UlQyqtyPtMoPsdXb3Se2DMa3eGHgfmUbLHvlUd60u7vnRtTyk4H6OS9j5v5Yw37l0OIru1MngrOJZlz7KDNrQPrMv7ttCgKbMZn5ygbWDj9MNY9a4ebMB6yNr7N4eTwd6PjOGlYoMG&cid=CAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ&dv3_ver=m202401290101&rfl=https%3A%2F%2F10bye.com%2F&ds=l&xdt=1&iif=1&cor=5232330982980540000&adk=497053792&idt=61&cac=0&dtd=4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:07:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
41507
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13937
x-xss-protection
0
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:07:44 GMT
attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzg1Njc3MTAzMTYzOQogIHNlcnZlcl9pcDogMTM1Mzg3OTA3CiAgcHJvY2Vzc19pZDogMjkzNjU2MDY4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0...
ad.doubleclick.net/ddm/activity/ Frame B413 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/ddm/activity/attribution_src_register;crd=cXVlcnlfZXZlbnRfaWQgewogIHRpbWVfdXNlYzogMTcwNzg1Njc3MTAzMTYzOQogIHNlcnZlcl9pcDogMTM1Mzg3OTA3CiAgcHJvY2Vzc19pZDogMjkzNjU2MDY4Mgp9CmZsb29kbGlnaHRfY29uZmlnX2lkOiAxMTg2ODk0MwphZHZlcnRpc2VyX2RvbWFpbjogImh0dHBzOi8vcmVkaW50ZWxsaWdlbmNlLm5ldCIKeGZhX2F0dHJpYnV0aW9uX2ludGVyYWN0aW9uX3R5cGU6IFZJRVcKaW1wcmVzc2lvbl9wcmlvcml0eTogMAppbXByZXNzaW9uX2V4cGlyeV9pbl9kYXlzOiAzMApldmVudF9pbXByZXNzaW9uX2lkOiAxMzk1Nzk4ODc4Nzk2Mjk2MTIwCmRlYnVnX2tleTogMTA1MTg1Mjg3OTM3MzUyNjc2MjcKaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUFJPRFVDVF9UWVBFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAyCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX0lOVEVSQUNUSU9OX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fSU5URVJBQ1RJT05fREFURQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICIyMDI0LTAyLTEzIgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9GTE9PRExJR0hUX0NPTkZJR19JRAogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBpbnQ2NF92YWx1ZTogMTE4Njg5NDMKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fQ09SRV9QTEFURk9STV9TRVJWSUNFCiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAwCiAgfQp9CmltcHJlc3Npb25fbWVhc3VyZW1lbnRfZGltZW5zaW9uc19kYXRhIHsKICBtZWFzdXJlbWVudF9kaW1lbnNpb246IElNUFJFU1NJT05fRElNRU5TSU9OX1BMQVRGT1JNX1RZUEUKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDAKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUVVFUllfQ09VTlRSWQogIG1lYXN1cmVtZW50X2RpbWVuc2lvbl92YWx1ZSB7CiAgICBzdHJpbmdfdmFsdWU6ICJVUyIKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fUExBQ0VNRU5UX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAzMzIxNzU0MzcKICB9Cn0KaW1wcmVzc2lvbl9tZWFzdXJlbWVudF9kaW1lbnNpb25zX2RhdGEgewogIG1lYXN1cmVtZW50X2RpbWVuc2lvbjogSU1QUkVTU0lPTl9ESU1FTlNJT05fRFYzX0FEVkVSVElTRVJfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDg3ODI0MzY5NgogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfTElORV9JVEVNX0lECiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uX3ZhbHVlIHsKICAgIGludDY0X3ZhbHVlOiAxNjY2MDE0MjA2MwogIH0KfQppbXByZXNzaW9uX21lYXN1cmVtZW50X2RpbWVuc2lvbnNfZGF0YSB7CiAgbWVhc3VyZW1lbnRfZGltZW5zaW9uOiBJTVBSRVNTSU9OX0RJTUVOU0lPTl9EVjNfQ1JFQVRJVkVfSUQKICBtZWFzdXJlbWVudF9kaW1lbnNpb25fdmFsdWUgewogICAgaW50NjRfdmFsdWU6IDQxNjIxNjc4NwogIH0KfQphcmNoZXR5cGVfaWQ6IDEyCmFyY2hldHlwZV9pZDogMTMKYXJjaGV0eXBlX2lkOiAxNAphcmNoZXR5cGVfaWQ6IDE1CmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9yZWRpbnRlbGxpZ2VuY2UubmV0IgphZHZlcnRpc2VyX2NvbnZlcnNpb25fZG9tYWluczogImh0dHBzOi8vZGVidWdjb252ZXJzaW9uZG9tYWluMS5jb20iCmFkdmVydGlzZXJfY29udmVyc2lvbl9kb21haW5zOiAiaHR0cHM6Ly9kZWJ1Z2NvbnZlcnNpb25kb21haW4yLmNvbSIKaW1wcmVzc2lvbl9ldmVudF9yZXBvcnRpbmdfd2luZG93X2RheXM6IDQKYnJvd3Nlcl9hdHRyaWJ1dGlvbl9hcGlfcmVxdWVzdF9wcm9jZXNzaW5nX2JpdHM6IDczODE5NzUwNAoyMTogMTIyNzE1ODM3Cg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s05-in-f102.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers
33lgkyejwpt3
hal9000.redintelligence.net/zone/ Frame B413 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1707856770362622&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6gz-gtPLZf6QFqyWvcAP-pyD8AGm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE5gFP0FzJemR04XJitgAdK6_Bci8p8tegcbA1tECDvdjTGpOKg1xnfwUPN5-Zr40lyQ63d5rZl9yqvyyYPp_8eLq_wqfX75oNyFmUpQL6Dt7Bu-Q88-vlRLZ8xvNxtzRPDTZDBdreun9hBQAuAt-eYa-CvcRwUSbby6ZwuIzEuqEuM5KQfJAgDl7fu8sqi19Hp5ps9C8cDKnKqb3YwYz8PQ3Aj11DfdQrwEds3srRhGuS1tuRb2eYsXty1eiJdSs5R1MNaGnSdKID-bng-H0pSMsDXQyfAKvJc7lBBi5vaMk6eX2SwDkGB8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY-ML3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ%26sig%3DAOD64_15whLUxZ6K764l1jIoPXDZntN7ZA%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-BoVxf5_prDAFBcKa9-TggnWjflNXWQePYDGg9X6vZ5u2PS7OPWzeXMoPjTpclirzYfBQakBtCAxwCmF2_xhX3-Qj_mCKlkZotCL3e6yd90w2jV046IJkC4PkAVsxcIzRfVWRpJIQO1OfK5xgqvhKIxbv9lxjwzuXUUsuCvJfe5iBeXsKw%26cry%3D1%26dbm_d%3DAKAmf-AQb2EyAR0BktA23A-O7UQO8GaWjAwvVlsfV1FRvHIE6PWwnL_nJAj4IbV6Su2COdrCT4yCtL3ICw9V4XCtUpAYfsd0AjFnMRpQYJmOEf6MAWrP5XirROvt40WyOrljFQSDg7DR_V-OAIDwhUSYFb19zoVZbo_NSmEazHVkIwLTps7lwFC6ly_-atob33T1BTqnxJwddrhN-C7GJ-MpA0QqZ5vMHUUdnQL8M77vomuNsp2CYqkyceaj03FmJTe9DtjeazrH7lps8cpXSuxWYpA8wgJz6eqJTrj-qVT2GTYmBh1G80Utp166D-kUS7jQ6k58Jn_9zh25EqPg91mI-1bTEPDW2dpknfjU-aR9rLTqOCtjXluSPNLLNgOL-0lzS1VyzhBTMg8wDMq3BgrqwCxCblZdZkYoemZL4e7NsBQ9_1n0RB50z4JKEXi_YQr5XTJP_MQK4pa6zs2bl6jTnwlUwBPmlaP5SJL7KF0_lsU0pJrO-XCeOxcxJ6TIQgXRgjSSbsK7M97VEXuhruFn7-0t5auyniQGtMsf17c7fGit2xBHbyU%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
67e9bdea66473ace99a04daa0b6b7625f761c969b049823b66cade6bd82d5c0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
4156
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
62bHydCX.html
tpc.googlesyndication.com/sodar/ Frame 5282 		38 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/62bHydCX.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
41332
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
13045
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 13 Feb 2024 09:10:39 GMT
expires
Wed, 12 Feb 2025 09:10:39 GMT
last-modified
Fri, 25 Aug 2023 23:48:00 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
request.php
hal90005.redintelligence.net/ Frame B413 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=529b279797&subid=&uid=8a2e0e134452c69e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6gz-gtPLZf6QFqyWvcAP-pyD8AGm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE5gFP0FzJemR04XJitgAdK6_Bci8p8tegcbA1tECDvdjTGpOKg1xnfwUPN5-Zr40lyQ63d5rZl9yqvyyYPp_8eLq_wqfX75oNyFmUpQL6Dt7Bu-Q88-vlRLZ8xvNxtzRPDTZDBdreun9hBQAuAt-eYa-CvcRwUSbby6ZwuIzEuqEuM5KQfJAgDl7fu8sqi19Hp5ps9C8cDKnKqb3YwYz8PQ3Aj11DfdQrwEds3srRhGuS1tuRb2eYsXty1eiJdSs5R1MNaGnSdKID-bng-H0pSMsDXQyfAKvJc7lBBi5vaMk6eX2SwDkGB8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY-ML3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ%26sig%3DAOD64_15whLUxZ6K764l1jIoPXDZntN7ZA%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-BoVxf5_prDAFBcKa9-TggnWjflNXWQePYDGg9X6vZ5u2PS7OPWzeXMoPjTpclirzYfBQakBtCAxwCmF2_xhX3-Qj_mCKlkZotCL3e6yd90w2jV046IJkC4PkAVsxcIzRfVWRpJIQO1OfK5xgqvhKIxbv9lxjwzuXUUsuCvJfe5iBeXsKw%26cry%3D1%26dbm_d%3DAKAmf-AQb2EyAR0BktA23A-O7UQO8GaWjAwvVlsfV1FRvHIE6PWwnL_nJAj4IbV6Su2COdrCT4yCtL3ICw9V4XCtUpAYfsd0AjFnMRpQYJmOEf6MAWrP5XirROvt40WyOrljFQSDg7DR_V-OAIDwhUSYFb19zoVZbo_NSmEazHVkIwLTps7lwFC6ly_-atob33T1BTqnxJwddrhN-C7GJ-MpA0QqZ5vMHUUdnQL8M77vomuNsp2CYqkyceaj03FmJTe9DtjeazrH7lps8cpXSuxWYpA8wgJz6eqJTrj-qVT2GTYmBh1G80Utp166D-kUS7jQ6k58Jn_9zh25EqPg91mI-1bTEPDW2dpknfjU-aR9rLTqOCtjXluSPNLLNgOL-0lzS1VyzhBTMg8wDMq3BgrqwCxCblZdZkYoemZL4e7NsBQ9_1n0RB50z4JKEXi_YQr5XTJP_MQK4pa6zs2bl6jTnwlUwBPmlaP5SJL7KF0_lsU0pJrO-XCeOxcxJ6TIQgXRgjSSbsK7M97VEXuhruFn7-0t5auyniQGtMsf17c7fGit2xBHbyU%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D3086080715%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769975%26bpp%3D1%26bdt%3D2182%26idt%3D228%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D344%26ady%3D1627%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D231&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=1804917293096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Requested by
Host: hal9000.redintelligence.net
URL: https://hal9000.redintelligence.net/zone/33lgkyejwpt3?subid=&gdpr=&gdpr_consent=&rnd=1707856770362622&extVar[]=DV360_SSP:1&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6gz-gtPLZf6QFqyWvcAP-pyD8AGm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE5gFP0FzJemR04XJitgAdK6_Bci8p8tegcbA1tECDvdjTGpOKg1xnfwUPN5-Zr40lyQ63d5rZl9yqvyyYPp_8eLq_wqfX75oNyFmUpQL6Dt7Bu-Q88-vlRLZ8xvNxtzRPDTZDBdreun9hBQAuAt-eYa-CvcRwUSbby6ZwuIzEuqEuM5KQfJAgDl7fu8sqi19Hp5ps9C8cDKnKqb3YwYz8PQ3Aj11DfdQrwEds3srRhGuS1tuRb2eYsXty1eiJdSs5R1MNaGnSdKID-bng-H0pSMsDXQyfAKvJc7lBBi5vaMk6eX2SwDkGB8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY-ML3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ%26sig%3DAOD64_15whLUxZ6K764l1jIoPXDZntN7ZA%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-BoVxf5_prDAFBcKa9-TggnWjflNXWQePYDGg9X6vZ5u2PS7OPWzeXMoPjTpclirzYfBQakBtCAxwCmF2_xhX3-Qj_mCKlkZotCL3e6yd90w2jV046IJkC4PkAVsxcIzRfVWRpJIQO1OfK5xgqvhKIxbv9lxjwzuXUUsuCvJfe5iBeXsKw%26cry%3D1%26dbm_d%3DAKAmf-AQb2EyAR0BktA23A-O7UQO8GaWjAwvVlsfV1FRvHIE6PWwnL_nJAj4IbV6Su2COdrCT4yCtL3ICw9V4XCtUpAYfsd0AjFnMRpQYJmOEf6MAWrP5XirROvt40WyOrljFQSDg7DR_V-OAIDwhUSYFb19zoVZbo_NSmEazHVkIwLTps7lwFC6ly_-atob33T1BTqnxJwddrhN-C7GJ-MpA0QqZ5vMHUUdnQL8M77vomuNsp2CYqkyceaj03FmJTe9DtjeazrH7lps8cpXSuxWYpA8wgJz6eqJTrj-qVT2GTYmBh1G80Utp166D-kUS7jQ6k58Jn_9zh25EqPg91mI-1bTEPDW2dpknfjU-aR9rLTqOCtjXluSPNLLNgOL-0lzS1VyzhBTMg8wDMq3BgrqwCxCblZdZkYoemZL4e7NsBQ9_1n0RB50z4JKEXi_YQr5XTJP_MQK4pa6zs2bl6jTnwlUwBPmlaP5SJL7KF0_lsU0pJrO-XCeOxcxJ6TIQgXRgjSSbsK7M97VEXuhruFn7-0t5auyniQGtMsf17c7fGit2xBHbyU%26adurl%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
94c201ca80b814cbe94ac7aef118c3bb77b8c62d1c86d7984782b80880e731a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Content-Type
application/x-javascript; charset=utf-8
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
X-NEORY-SubId
40125500194152004444556012599005
Connection
close
Content-Length
838
Expires
Tue, 13 Feb 2024 20:39:31 +0100
s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
pagead2.googlesyndication.com/bg/ Frame 5282 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:26 GMT
content-encoding
br
x-content-type-options
nosniff
age
25805
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15173
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 13:29:26 GMT
css
fonts.googleapis.com/ Frame F927 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Feb 2024 20:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 18:57:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Feb 2024 20:39:31 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame F927 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 16:38:17 GMT
content-encoding
br
x-content-type-options
nosniff
age
14474
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 16:38:17 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/ Frame F927 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
25806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8991
x-xss-protection
0
server
cafe
etag
11525033739721728465
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 13:29:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame F927 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 13:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
25806
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 13:29:25 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/ Frame F927 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20240208/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 12 Feb 2024 20:53:55 GMT
content-encoding
br
x-content-type-options
nosniff
age
85536
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8220
x-xss-protection
0
server
cafe
etag
16176141338659805634
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 26 Feb 2024 20:53:55 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame F927 		203 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:29:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
606
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62553
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 13 Feb 2024 21:29:25 GMT
c0f9635aabdd33ab086e3930fa461563.js
www.gstatic.com/mysidia/ Frame F927 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:04:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
41677
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15250
x-xss-protection
0
last-modified
Fri, 09 Feb 2024 05:57:34 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 13 May 2024 09:04:54 GMT
/
adv.office-partner.de/ Frame 4590 		930 B
923 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a0b:4d07:101::1 , Switzerland, ASN44239 (PROINITY PROINITY, CH),
Reverse DNS
Software
keycdn /
Resource Hash
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=604800
content-encoding
gzip
content-length
552
content-type
text/html
date
Tue, 13 Feb 2024 20:39:31 GMT
etag
"3a2-5c1ab16b3be00-gzip"
expires
Tue, 20 Feb 2024 20:39:31 GMT
last-modified
Thu, 06 May 2021 15:37:28 GMT
link
<https://adv-srv.office-partner.de/?utm_source=webgains&utm_campaign=webgains>; rel="canonical"
server
keycdn
vary
Accept-Encoding
x-accel-version
0.01
x-cache
HIT
x-edge-location
defr
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/epv/ Frame E604 		0
327 B 		Document
General
Check archive.org
Download Go to
Full URL
https://pv.medialead.de/trck/epv/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
content-length
0
content-type
application/javascript; charset=utf-8
date
Tue, 13 Feb 2024 20:39:31 GMT
host
pv.medialead.de
proxy-host
pv.medialead.de
server
nginx
vary
Origin
view.aspx
www.media01.eu/ Frame 51B1
Redirect Chain
  • https://www.awin1.com/cshow.php?s=2840007&v=20646&q=409071&r=296283&pref1=64496600193150504444556012599018&pv=1
  • https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_296283_1707856771_fd48ac72-caaf-11ee-8694-226555b1c0ac&d...
0
752 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_296283_1707856771_fd48ac72-caaf-11ee-8694-226555b1c0ac&dt_mode=iframe&dt_url=
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
85.10.231.200 Igersheim, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
85-10-231-200.clients.your-server.de
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Range, Content-Disposition, Content-Description, X-XSRF-TOKEN, X-Location
access-control-allow-methods
GET,POST
access-control-allow-origin
*
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 13 Feb 2024 20:39:30 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
last-modified
Tue, 13 Feb 2024 09:39:30 GMT
p3p
policyref="http://www.media01.eu/www.media01.eu/p3p.xml", CP="NOI NID PSA OUR BUS NAV STA"
pragma
no-cache
server
Microsoft-IIS/10.0
x-aspnet-version
4.0.30319
x-powered-by
ASP.NET
x-xss-protection
1; mode=block

Redirect headers

Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
0
Date
Tue, 13 Feb 2024 20:39:31 GMT
Location
https://www.media01.eu/view.aspx?trackid=4FFE2293E3AB03641C3925C92FA06F0B&dt_subid1=&dt_subid2=affiliate&dt_keywords=&dt_freetext=&awc=20646_296283_1707856771_fd48ac72-caaf-11ee-8694-226555b1c0ac&dt_mode=iframe&dt_url=
Node
Helix
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Strict-Transport-Security
max-age=86400
link.html
track.webgains.com/ Frame A71C 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64496600193150504444556012599018&nw=1
Requested by
Host: 10bye.com
URL: https://10bye.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.11.113.23 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-11-113-23.eu-west-2.compute.amazonaws.com
Software
nginx / PHP/7.4.26
Resource Hash
0c69445e2f19e1c7d74e0913877d11f4a7556294b1f32d1c41016619cca5c33c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:31 GMT
last-modified
Tue, 13 Feb 2024 20:39:31 GMT
server
nginx
x-powered-by
PHP/7.4.26
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=60
access-control-allow-headers
Authorization
expires
Tue, 13 Feb 2024 20:40:31 GMT
request_content.php
hal900018.redintelligence.net/ Frame 2295 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=6ca5e4d0ba&subid=&uid=2958a69e260e4021&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC9X95gtPLZZWcFr2_vcAPhNuUkAqm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE4AFP0FrsXZOXpKCSSTvbJh_AgTqifjXDdtfGtzSBwNJgjlK_SNPLpWMKyqaW2BR75PB48d2a3fdUmzqElqDr4BXa2ckKRf3oHlZQ3TvKde43OpjyVjYYY0i9zhWgjIw6GHZdyfqY4iQ6mJsB_fiDad4lO2AbvBvKXP10CkrsTGqT1s2X5MW3R-eiiHb0K2iCsLxOuUfL7yz66DmtqyXg4WZcc85tCqTVgoTgbwEcOR-9l3QFRE-rTNSInabudqxrkiR4IKWDjO2VOAdYD7AemE5WtpkSGiTj8oco1HDoMup9AcAE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAfgvbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY9rn3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_jrp8bEws5RsarVUxPWtWMK-jm8BJJGV64cfCka9YS69HJFQGiX26_b0wm85fPqkg-5USVxUgupvCWCX3V9sKre-LuUbY-ISAyokYAQ%26sig%3DAOD64_2cdR33yswNM901BuXO4BugnPQcsQ%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-CwQBITXEKCyLw3EPOlztET0ukoiJz8murigJEbdYMrZkzvZKJp1ItOTBE6Yf9Lzp34xfVr1J5QpSEsT-jbBQEtbPW_61FfVsJQFZZ_kyPzRGJQP5V33fGjGcg8w95tD5Es10cUiiYgPZs8Df5UUqmafcfJemRQhjy7WNT2EiOFpv_E1Bo%26cry%3D1%26dbm_d%3DAKAmf-A8llvhWksqJKDTRDDgnmxmERJvaay2yNNwUwvEfkTTL05XdZk06vRYUhrCjTlebz9vG7J7dD9So3lPZNjZHTMojtzvWSJZNRNfWMiTRjTDeoEUBGVmkJEELGPfOPn2hjsEeF1822lgF3qtS1INdx3qr9uqskYaigUypO95YLL7FAFEBH4QZ_0eoFGvceYrxGv-hlt5lmdYYJ3ibTx9vI4Rg0nS2sEBXt-FUjjmejBSUePL1A3KBxry8AxqWH4nyMg4c7CQ4gbwhe59YtETQZM_l_6Z011fstlVQVEefWFnU5vTvmXYoOJHY1UhD4ttzXOm1Tc0DAc8T2oDZVgz2OVeyg34d1SVBJfqcegEBqw-pgZM0fQGM4rj-1BRQIaEtlBXgV1FcKLtKoyBjBLoQ73ftRX_4VFQ0yMdp5O1--C4YpZj1ezVF-tANvBV1vG4WOYjPCUfP6lLz8G0wny6dGOfgd1MN_ORWVM1qRLZFxHz7UbQ0qLkLyd-23I3E4Z9UooOZvE8UD-H6OSOpVN1V2x_T9a4U-AO5HcBqLTqGyeF2Wy_Ia4%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D4094556035%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769976%26bpp%3D1%26bdt%3D2184%26idt%3D235%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D973%26ady%3D2279%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D4%26uci%3Da!4%26btvi%3D2%26fsb%3D1%26dtd%3D237&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=2529353435332&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
b71f68f37fcb358dc5f75e0fa8bf01c97cd5f4720f60e41f34f65f2ce4191196

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2077
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Feb 2024 20:39:31 GMT
Expires
Tue, 13 Feb 2024 20:39:31 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
e99aace94e6e5873881d3400993e1e7e
pv.medialead.de/trck/eview/ Frame A71C
Redirect Chain
  • https://medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
  • https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
43 B
360 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H2
Server
91.121.248.44 Saint-Martin-d'Hères, France, ASN16276 (OVH, FR),
Reverse DNS
ip44.ip-91-121-248.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:31 GMT
attribution-reporting-register-source
{"source_event_id":"17200521800104416","destination":"https://trck.easy-m.de","expiry":5184000,"filter_data":{}}
server
nginx
host
pv.medialead.de
vary
Origin
content-type
image/gif
access-control-allow-origin
*
access-control-expose-headers
X-Request-ID
access-control-allow-credentials
true
content-length
43
proxy-host
pv.medialead.de

Redirect headers

location
https://pv.medialead.de/trck/eview/e99aace94e6e5873881d3400993e1e7e?subid=64496600193150504444556012599018&t=htlp&gdpr=1&consent=1&gdpr_consent=
date
Tue, 13 Feb 2024 20:39:31 GMT
server
nginx
content-length
138
content-type
text/html
truncated
/ Frame A71C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
50fd82fffa98f7ba53bad40e570696d3ca199aa911eb4f2baac3f25df883f2d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/9920367951217753875/ Frame F927 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/9920367951217753875/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d1e6017fa3381dc72b9e0a28f35de53373984b7fcd67a03a8682e7bbcbdaf306
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires
Wed, 12 Feb 2025 11:49:45 GMT
date
Tue, 13 Feb 2024 11:49:45 GMT
x-content-type-options
nosniff
age
31786
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15729
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 15:41:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons
true
truncated
/ Frame F927 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame F927 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/svg+xml
css
fonts.googleapis.com/ Frame 2295 		5 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Feb 2024 20:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 18:59:53 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Feb 2024 20:39:31 GMT
/
hal9000.redintelligence.net/scale/ Frame 2295 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/30229/creativesup/1200x627_Office-Partner.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
f715c45e8b3d762a3488c95e44226ce48e8069e8f864790ab54b4c225ac87e48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
25838
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2295 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/6383/creativesup/produkte-kredite-privatkredit-mann-auf-pferd-teaser-logout-1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
03cd0c4153d5ffb396435175859981002c5199aa38867ee251ebfc455c88b0ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
27714
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 2295 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/73943/creativesup/STIHL-Native-Generic-1200x627.jpg
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
18626282d1e0435ca8dc3867786c25ad49af070cdb0b5ecfa38c36cfc7b220f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
30463
Vary
Accept-Encoding
Content-Type
image/png
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-M01SPYK7S1&gtm=45je42c0v893876858za200&_p=1707856767849&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=156531095.1707856768&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=AEAI&_s=3&sid=1707856767&sct=1&seg=0&dl=https%3A%2F%2F10bye.com%2F&dt=%E3%81%98%E3%82%85%E3%81%86%E3%81%B3%E3%81%87&en=scroll&epn.percent_scrolled=90&_et=3&tfd=3730
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-M01SPYK7S1&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://10bye.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://10bye.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ Frame 4590 		184 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Requested by
Host: adv.office-partner.de
URL: https://adv.office-partner.de/?utm_source=webgains&utm_campaign=webgains
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
7b83fcf0c14a666da37e8038a58b3ab39b69e16189da1fb058e18ed3ba4c50ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
67138
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 20:13:41 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 13 Feb 2024 20:39:31 GMT
truncated
/ Frame F927 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4c43b5a4b3195c9906e79dc2c16dba6c63ebd73cf6aac667c1e3850409aaf934

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ Frame 5282 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BllVfg9PLZZf3AYO2x_APqrih-AoAAAAAOAHgBAI&bg=!ammlaSbNAAaxkZ3akZE7ADQBe5WfOPps0U8vm-p2LaJqNbrP96O47n_JdMRKPyxZX6QPUjYBcxQF6axttzODF5eeUILWAgAAAGFSAAAAAWgBBwoATnCggf7qWf46M1fjaH88ijVQuObHzNXZ3t-peDoQzcc9NqGVIGqu999ofGkp4Ip6tKvIIHMZn8G_ZcuPU-v4qNRs2uI2aMKMnXSMMWeopZkDBqPh7SXrrWfvnF_6G1FwRGgWwtjoIH0EHO6Gb0Eb1moObWrwmr0PNKQNmkbfKhXmBVwsRClJW7ox9WQlKASj1cT_OsMQpkeHCqL7ZHLAPzjwBQ86zXrWViHOsEFYk3r-3zvRLxla4iJJq8bxgup_lYqYCBrc9eqj1XTm4PZ1BB9ZB96IESHyGDWc0XK-gYIxYDu65bPcD2Ua5hPLnEMbDPIceLEtsNw2vHaPrt5hS9NVICJF3iD8M2ybEJ19qpALdjYrhtABxKUJjb-WErpv9JrwLw6DENm79DXTIsZG-9E6o4U2e_-bv7Hn6k0ei2TD5_jF9W3CudS5lo81RojUQu6NO4D5W8isLBpjenrgD1C_vkLXIWusBqpa3vihmlCgciP4PUrkouPAkGFd_X1GJrXA00PS_hSHl0Xya8VLaDUMw_WWjBbVnK8XaXh3wj4RuD14JaXVeGir_HO87bfjLmRD-TpSXSdwTj0CFtC8gPaSqeLIlsPmPFxYWBFn1zxpYsGgF9y1CcJsGnNY85GpoV4rY0SCAim6FYvE79XaZPVkioRy470ymTYetNFLoPyBzV4F0i3-3Aw3QqGhsp4WOx8b5dvvlbn32OWQeei_sazoK87RorIHcUrm2Ra4heyjDh43YW_HD2iGqMUVya83rEhluMYwpKHKQk_VnwHX4md7jYUeX61-0raDBG9WH7-1c2KXlW80fi24Krf1EfCTH71aH8eBb6AwY2lIOlJup6HM5hDqeTkJLycKafnkudOS_PadzWglirFGK037jSDuDnKtO_inGlfj3bT_4bCAIycDz0Two8BPbC3qHR2cpvy1OvyfBrrSqiMUSS2TEWnSYYsyGjGBLjXcH_OYPPpbt1nJ1pTB08mm_4AzR4XIhh42dcBDwmSHQbvc71vuT6TmAk2yq-JtBpYnxqknPIrgbH6Z0dky6MrqCceU7Hg3eBLxnzmLjTdJxdt4obpWFA-f2d5N9yOyXpKB7YjoRRVHyCitIIQ00QwfNJjpgXiPFxJlTGmsG3AikA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 13 Feb 2024 20:39:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
htlp
futalis.de/ Frame A426
Redirect Chain
  • https://cdn.retailads.net/tb.php?t=150337V2172132532M&subid=40125500194152004444556012599005&ra_cnt_active=1&ra_cnt=1
  • https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3544566947
350 B
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3544566947
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=529b279797&subid=&uid=8a2e0e134452c69e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6gz-gtPLZf6QFqyWvcAP-pyD8AGm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE5gFP0FzJemR04XJitgAdK6_Bci8p8tegcbA1tECDvdjTGpOKg1xnfwUPN5-Zr40lyQ63d5rZl9yqvyyYPp_8eLq_wqfX75oNyFmUpQL6Dt7Bu-Q88-vlRLZ8xvNxtzRPDTZDBdreun9hBQAuAt-eYa-CvcRwUSbby6ZwuIzEuqEuM5KQfJAgDl7fu8sqi19Hp5ps9C8cDKnKqb3YwYz8PQ3Aj11DfdQrwEds3srRhGuS1tuRb2eYsXty1eiJdSs5R1MNaGnSdKID-bng-H0pSMsDXQyfAKvJc7lBBi5vaMk6eX2SwDkGB8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY-ML3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ%26sig%3DAOD64_15whLUxZ6K764l1jIoPXDZntN7ZA%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-BoVxf5_prDAFBcKa9-TggnWjflNXWQePYDGg9X6vZ5u2PS7OPWzeXMoPjTpclirzYfBQakBtCAxwCmF2_xhX3-Qj_mCKlkZotCL3e6yd90w2jV046IJkC4PkAVsxcIzRfVWRpJIQO1OfK5xgqvhKIxbv9lxjwzuXUUsuCvJfe5iBeXsKw%26cry%3D1%26dbm_d%3DAKAmf-AQb2EyAR0BktA23A-O7UQO8GaWjAwvVlsfV1FRvHIE6PWwnL_nJAj4IbV6Su2COdrCT4yCtL3ICw9V4XCtUpAYfsd0AjFnMRpQYJmOEf6MAWrP5XirROvt40WyOrljFQSDg7DR_V-OAIDwhUSYFb19zoVZbo_NSmEazHVkIwLTps7lwFC6ly_-atob33T1BTqnxJwddrhN-C7GJ-MpA0QqZ5vMHUUdnQL8M77vomuNsp2CYqkyceaj03FmJTe9DtjeazrH7lps8cpXSuxWYpA8wgJz6eqJTrj-qVT2GTYmBh1G80Utp166D-kUS7jQ6k58Jn_9zh25EqPg91mI-1bTEPDW2dpknfjU-aR9rLTqOCtjXluSPNLLNgOL-0lzS1VyzhBTMg8wDMq3BgrqwCxCblZdZkYoemZL4e7NsBQ9_1n0RB50z4JKEXi_YQr5XTJP_MQK4pa6zs2bl6jTnwlUwBPmlaP5SJL7KF0_lsU0pJrO-XCeOxcxJ6TIQgXRgjSSbsK7M97VEXuhruFn7-0t5auyniQGtMsf17c7fGit2xBHbyU%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D3086080715%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769975%26bpp%3D1%26bdt%3D2182%26idt%3D228%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D344%26ady%3D1627%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D231&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=1804917293096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
49.12.16.151 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
lb-1.futalis.de
Software
/
Resource Hash
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
350
content-type
text/html; charset=utf-8

Redirect headers

content-length
0
content-type
text/html; charset=utf-8
date
Tue, 13 Feb 2024 20:39:31 GMT
location
https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3544566947
p3p
policyref="https://www.retailads.net/w3c/p3p.xml",CP="NOI CUR OUR STP"
server
Apache
xphp81
true
request_content.php
hal90005.redintelligence.net/ Frame 7B24 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request.php?zone=33lgkyejwpt3&nw=20&renderingType=javascript&namespace=529b279797&subid=&uid=8a2e0e134452c69e&screenSize=1600x1200&screenSizeAvail=1600x1200&clientSize=160x600&scrollPos=0x0&extData[]=&extVar[]=DV360_SSP%3A1&envData=&gdpr=&gdpr_consent=&ud=&redirectClick=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fdbm%2Fclk%3Fsa%3DL%26ai%3DC6gz-gtPLZf6QFqyWvcAP-pyD8AGm5b2gaZ2cnKfJD_AuEAEgm_DjcWCVkqCCsAfIAQmpAiqsz0j59bE-qAMByAObBKoE5gFP0FzJemR04XJitgAdK6_Bci8p8tegcbA1tECDvdjTGpOKg1xnfwUPN5-Zr40lyQ63d5rZl9yqvyyYPp_8eLq_wqfX75oNyFmUpQL6Dt7Bu-Q88-vlRLZ8xvNxtzRPDTZDBdreun9hBQAuAt-eYa-CvcRwUSbby6ZwuIzEuqEuM5KQfJAgDl7fu8sqi19Hp5ps9C8cDKnKqb3YwYz8PQ3Aj11DfdQrwEds3srRhGuS1tuRb2eYsXty1eiJdSs5R1MNaGnSdKID-bng-H0pSMsDXQyfAKvJc7lBBi5vaMk6eX2SwDkGB8AE64_8jvcD4AQDiAXvr5aIPpAGAaAGTYAHrK31nwOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G6gHmgaoB_PRG6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpY-ML3oJaphAOACgGYCwHICwGADAGqDQJERbATh--xFdATANgTA4gUAdgUAdAVAfgWAYAXAQ%26ae%3D1%26num%3D1%26cid%3DCAQSTwAvHhf_f0exH0Ym2Grh46d8JKjseN2qygDp2kb-AkuX4ZfRkrRwtpjIxinS-14fag6vPM8zRZ7g0q7ZII0E4sR5LB_mqtPYv35dRjNkVNkYAQ%26sig%3DAOD64_15whLUxZ6K764l1jIoPXDZntN7ZA%26client%3Dca-pub-2803965917853477%26dbm_c%3DAKAmf-BoVxf5_prDAFBcKa9-TggnWjflNXWQePYDGg9X6vZ5u2PS7OPWzeXMoPjTpclirzYfBQakBtCAxwCmF2_xhX3-Qj_mCKlkZotCL3e6yd90w2jV046IJkC4PkAVsxcIzRfVWRpJIQO1OfK5xgqvhKIxbv9lxjwzuXUUsuCvJfe5iBeXsKw%26cry%3D1%26dbm_d%3DAKAmf-AQb2EyAR0BktA23A-O7UQO8GaWjAwvVlsfV1FRvHIE6PWwnL_nJAj4IbV6Su2COdrCT4yCtL3ICw9V4XCtUpAYfsd0AjFnMRpQYJmOEf6MAWrP5XirROvt40WyOrljFQSDg7DR_V-OAIDwhUSYFb19zoVZbo_NSmEazHVkIwLTps7lwFC6ly_-atob33T1BTqnxJwddrhN-C7GJ-MpA0QqZ5vMHUUdnQL8M77vomuNsp2CYqkyceaj03FmJTe9DtjeazrH7lps8cpXSuxWYpA8wgJz6eqJTrj-qVT2GTYmBh1G80Utp166D-kUS7jQ6k58Jn_9zh25EqPg91mI-1bTEPDW2dpknfjU-aR9rLTqOCtjXluSPNLLNgOL-0lzS1VyzhBTMg8wDMq3BgrqwCxCblZdZkYoemZL4e7NsBQ9_1n0RB50z4JKEXi_YQr5XTJP_MQK4pa6zs2bl6jTnwlUwBPmlaP5SJL7KF0_lsU0pJrO-XCeOxcxJ6TIQgXRgjSSbsK7M97VEXuhruFn7-0t5auyniQGtMsf17c7fGit2xBHbyU%26adurl%3D&documentReferer=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Fpagead%2Fads%3Fclient%3Dca-pub-2803965917853477%26output%3Dhtml%26h%3D600%26slotname%3D9531781684%26adk%3D1556158748%26adf%3D3086080715%26pi%3Dt.ma~as.9531781684%26w%3D283%26fwrn%3D4%26fwrnh%3D100%26lmt%3D1632227896%26rafmt%3D1%26format%3D283x600%26url%3Dhttps%253A%252F%252F10bye.com%252F%26fwr%3D0%26fwrattr%3Dtrue%26rpe%3D1%26resp_fmts%3D4%26wgl%3D1%26uach%3DWyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.%26dt%3D1707856769975%26bpp%3D1%26bdt%3D2182%26idt%3D228%26shv%3Dr20240208%26mjsv%3Dm202402060101%26ptt%3D9%26saldr%3Daa%26abxe%3D1%26prev_fmts%3D0x0%252C283x600%26nras%3D1%26correlator%3D1885067147150%26frm%3D20%26pv%3D1%26ga_vid%3D156531095.1707856768%26ga_sid%3D1707856770%26ga_hid%3D551268009%26ga_fc%3D1%26u_tz%3D60%26u_his%3D2%26u_h%3D1200%26u_w%3D1600%26u_ah%3D1200%26u_aw%3D1600%26u_cd%3D24%26u_sd%3D1%26dmc%3D8%26adx%3D344%26ady%3D1627%26biw%3D1600%26bih%3D1200%26scr_x%3D0%26scr_y%3D0%26eid%3D44759876%252C44759927%252C44759837%252C44808397%252C31081035%252C44795921%252C95324581%252C95320868%252C95324154%252C95324161%26oid%3D2%26pvsid%3D4463060399122235%26tmod%3D1545294318%26uas%3D0%26nvt%3D1%26fc%3D1920%26brdim%3D0%252C0%252C0%252C0%252C1600%252C0%252C1600%252C1200%252C1600%252C1200%26vis%3D1%26rsz%3D%257C%257CpEebr%257C%26abl%3DCS%26pfx%3D0%26fu%3D128%26bc%3D31%26bz%3D1%26psd%3DW251bGwsbnVsbCxudWxsLDNd%26ifi%3D3%26uci%3Da!3%26btvi%3D1%26fsb%3D1%26dtd%3D231&ancestorOrigins=https%3A%2F%2Fgoogleads.g.doubleclick.net%2Chttps%3A%2F%2F10bye.com&random=1804917293096&isIframe=1&container=&adPos=0x0&adPosCheck=1x1&adtagId=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
cb0d254a3a4c773d7f236277c7a3423489edb56ff34428733b15f35ed374f42b

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
close
Content-Encoding
gzip
Content-Length
2042
Content-Type
text/html; charset=utf-8
Date
Tue, 13 Feb 2024 20:39:31 GMT
Expires
Tue, 13 Feb 2024 20:39:31 +0100
P3P
CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
Pragma
no-cache
Server
Apache
Vary
Accept-Encoding
cshow.php
www.awin1.com/ Frame B413 		43 B
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=2519595&v=14098&q=379097&r=296283&pref1=40125500194152004444556012599005&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Feb 2024 20:39:31 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
cshow.php
www.awin1.com/ Frame B413 		43 B
704 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.awin1.com/cshow.php?s=3502280&v=23861&q=476504&r=296283&pref1=40125500194152004444556012599005&pv=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=3086080715&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769975&bpp=1&bdt=2182&idt=228&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=344&ady=1627&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=231
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.64.118.247 Prague, Czech Republic, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-64-118-247.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 13 Feb 2024 20:39:31 GMT
Strict-Transport-Security
max-age=86400
Node
Helix
Content-Type
image/gif
P3P
policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Cache-Control
no-store, no-cache, max-age=0, must-revalidate
Awin-Akamai-Rule-Set
default
Connection
keep-alive
Content-Length
43
Expires
0
truncated
/ Frame B413 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
802907ebe830c498d3bd238dd2089bda70c634b9ca537bede560ef015d9131ec

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame F927 		33 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:12:32 GMT
x-content-type-options
nosniff
age
41219
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 09:12:32 GMT
viewability
hal900018.redintelligence.net/ Frame 2295 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal900018.redintelligence.net/viewability?s=64496600193150504444556012599018&a=22a4d776&vb=m
Requested by
Host: hal900018.redintelligence.net
URL: https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
144.76.91.199 Bad Bellingen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.199.91.76.144.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal900018.redintelligence.net/request_content.php?s=64496600193150504444556012599018&a=f94524b5
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2295 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 07:59:08 GMT
x-content-type-options
nosniff
age
45623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 2295 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal900018.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:47:53 GMT
x-content-type-options
nosniff
age
42698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:47:53 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame F927
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CFoOcgtPLZZuGFfycvcAP9IS5mATs1_zcdfHPi62XEr76n66LDhABIJvw43FglZKggrAHoAHOxdzFKMgBCakCKqzPSPn1sT6oAwHIA8sEqgTPAU_QLiUHEKu8SJA-XkniCqWyD6akKsmrBts...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210480196862915765466%22,%22debug_reporting%22:true,%22destination%22:%22https://extrakarte.com%22,%22event_report_window%2...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210480196862915765466%22,%22debug_reporting%22:true,%22destination%22:%22https://extrakarte.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210883637966%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215662671857062203505%22}&andc=true
Protocol
H3
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:31 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"10480196862915765466","debug_reporting":true,"destination":"https://extrakarte.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10883637966"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"15662671857062203505"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Tue, 13 Feb 2024 20:39:31 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 13 Feb 2024 20:39:31 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"10480196862915765466","debug_reporting":true,"destination":"https://extrakarte.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10883637966"],"22":["true"],"4":["02-13"],"6":["true"]},"priority":"500","source_event_id":"15662671857062203505"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
pagead2.googlesyndication.com/bg/ Frame E589 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Iz_JHV4l5fZH2lEwuRpjHaPHNWUwFDhgi74JYFsnLYc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=1464098597&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769974&bpp=1&bdt=2181&idt=218&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=659&ady=512&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 09:01:34 GMT
content-encoding
br
x-content-type-options
nosniff
age
41877
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19746
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 17:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 12 Feb 2025 09:01:34 GMT
js
www.googletagmanager.com/gtag/ Frame 4590 		281 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-Q7C756EV6G&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TBMT2SF
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e9bc2088ea5540d5acf232a09754bd86e00db1bdf0ff153dbf62aef9638252ff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adv.office-partner.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95292
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 13 Feb 2024 20:39:31 GMT
pvClk.min.js
analytics.webgains.io/ Frame A71C 		56 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://analytics.webgains.io/pvClk.min.js
Requested by
Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=498343&wgcampaignid=99582&js=1&viewref=64496600193150504444556012599018&nw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-120.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d85ff4ff5419e721ef04483dd4995db0a4c89dc414071eceedd4f31a628b6c86

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 01:58:09 GMT
content-encoding
gzip
via
1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
last-modified
Wed, 07 Feb 2024 14:11:16 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
67283
x-amz-server-side-encryption
AES256
etag
W/"1ae708ab523e5f77c29668b2cac9b72f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
x-amz-cf-id
Nv-kWIeYfg0_ArUO8q8-icNovvr1_dIjsD07SjBK1RGZNDhNjcLS0g==
1x1.gif
cdn.track.production.webgains.team/7121/ Frame A71C 		85 B
437 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.track.production.webgains.team/7121/1x1.gif?Expires=1707857071&Signature=fnqZRnYxZIh5EGG~PJli0CDgWxmK8IChhldEOys3OgULwK2Rt~IaRHyDnCjUSf3lkNv1EmrFCvVpeO~F6LjM7zstgElevPUUyAiV66t21Ero0~ZS0-aqN9j9cvWewQ-rVT3rFKNMNzFh-znddbz17ENRa0vT2sv4LKNarbkxviUtPqd53aXlsLKtCBI-Y9pX~JM3hZ7u-~lHWoxjzNDRoZwTMyYt~zuKOuX7ncuQNEnKpt~uYo490lawWq3AItN-f8JRMHnNCqwJCsX6yB03baM9~92DB1dPA4W63ubyQMJ5u62Ar2b2qkvOtBH5m4sDW36UmxsqNiHFb1hvPFNsMA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&h=600&slotname=9531781684&adk=1556158748&adf=4094556035&pi=t.ma~as.9531781684&w=283&fwrn=4&fwrnh=100&lmt=1632227896&rafmt=1&format=283x600&url=https%3A%2F%2F10bye.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769976&bpp=1&bdt=2184&idt=235&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C283x600%2C283x600&nras=1&correlator=1885067147150&frm=20&pv=1&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=973&ady=2279&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=237
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.53 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-53.fra6.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

x-amz-version-id
null
date
Tue, 13 Feb 2024 05:09:53 GMT
via
1.1 e7e7960d7731a7583cedd8f1ff1aca38.cloudfront.net (CloudFront)
last-modified
Fri, 06 May 2022 11:40:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
55779
etag
"70af33d70b6810475aae19743c8c435b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/gif
accept-ranges
bytes
content-length
85
x-amz-cf-id
q9SWQU66gFaXuqFwCzgwNrrHmwwehw8qstswtrSEQ0O_mo95ELfyBQ==
ts.js
cdn.retailads.net/ Frame A426 		5 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.retailads.net/ts.js
Requested by
Host: futalis.de
URL: https://futalis.de/htlp?utm_medium=affiliate&utm_source=retailads&utm_campaign=150337&ra_id=3544566947
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
2a01:4f8:d0a:2321::2 Nuremberg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
Software
Apache /
Resource Hash
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://futalis.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 20:39:31 GMT
last-modified
Wed, 05 Apr 2023 20:14:46 GMT
server
Apache
etag
"1416-5f89c717cdc2f"
content-type
application/javascript
xphp81
true
accept-ranges
bytes
content-length
5142
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2210480196862915765466%22,%22debug_reporting%22:true,%22destination%22:%22https://extrakarte.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210883637966%22],%2222%22:[%22true%22],%224%22:[%2202-13%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2215662671857062203505%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s42-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Tue, 13 Feb 2024 20:39:31 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ Frame 7B24 		5 KB
705 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 13 Feb 2024 20:39:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 13 Feb 2024 19:36:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 13 Feb 2024 20:39:31 GMT
/
hal9000.redintelligence.net/scale/ Frame 7B24 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/55487/creativesup/1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
0da5752a3373745c49aae507b0f6d761eb7b6370f15268f345c7d9044a8f87b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
20628
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7B24 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/3839/creativesup/father_daughter_1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
6dfcb14c0c0092d1e9ebf15cc22c4aeed2cc4a3785c6394728280ee13ac6b21e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
26371
Vary
Accept-Encoding
Content-Type
image/png
/
hal9000.redintelligence.net/scale/ Frame 7B24 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hal9000.redintelligence.net/scale/?nw=20&mode=bb&width=150&height=90&url=https://cdn.contentspread.net/24i/advertiser/74889/creativesup/AEG-1200x627.jpg
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.116 Papenburg, Germany, ASN (),
Reverse DNS
static.116.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
4598433715f527c4611a35aa1f68a21f8a4998069c9e4e72c106c7e9194b76d1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Content-Encoding
gzip
Server
Apache
Connection
close
Content-Length
19525
Vary
Accept-Encoding
Content-Type
image/png
viewability
hal90005.redintelligence.net/ Frame 7B24 		0
150 B 		Script
General
Check archive.org
Download Go to
Full URL
https://hal90005.redintelligence.net/viewability?s=40125500194152004444556012599005&a=cb2f7913&vb=m
Requested by
Host: hal90005.redintelligence.net
URL: https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
138.201.63.165 Papenburg, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.165.63.201.138.clients.your-server.de
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://hal90005.redintelligence.net/request_content.php?s=40125500194152004444556012599005&a=7982dc67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Tue, 13 Feb 2024 20:39:31 GMT
Server
Apache
Connection
close
Content-Length
0
Content-Type
text/html; charset=UTF-8
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7B24 		14 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90005.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 07:59:08 GMT
x-content-type-options
nosniff
age
45623
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14824
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 07:59:08 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v22/ Frame 7B24 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v22/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://hal90005.redintelligence.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 13 Feb 2024 08:47:53 GMT
x-content-type-options
nosniff
age
42698
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14892
x-xss-protection
0
last-modified
Thu, 01 Jun 2023 22:52:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 12 Feb 2025 08:47:53 GMT
tracking-event
api.webgains.io/ Frame A71C 		16 B
209 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Requested by
Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.247.241 -, , ASN (),
Reverse DNS
Software
nginx / PHP/8.1.14
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://googleads.g.doubleclick.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 13 Feb 2024 20:39:32 GMT
x-content-type-options
nosniff
server
nginx
x-powered-by
PHP/8.1.14
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, private
x-xss-protection
1; mode=block
tracking-event
api.webgains.io/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.webgains.io/tracking-event
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.178.247.241 -, , ASN (),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
Authorization, Content-Type
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin
*
date
Tue, 13 Feb 2024 20:39:32 GMT
server
nginx

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ad.jp.ap.valuecommerce.com
URL
https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3445533&pid=886215465
Domain
ad.jp.ap.valuecommerce.com
URL
https://ad.jp.ap.valuecommerce.com/servlet/gifbanner?sid=3445533&pid=886219605
Domain
i.imgvc.com
URL
https://i.imgvc.com/vc/images/00/21/81/8f.png
Domain
googleads.g.doubleclick.net
URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2803965917853477&output=html&adk=1812271804&adf=3025194257&lmt=1632227896&plat=1%3A16777216%2C2%3A16777216%2C3%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x810_r&format=0x0&url=https%3A%2F%2F10bye.com%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&aseiel=1~2~4~6~8~16&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707856769955&bpp=6&bdt=2162&idt=217&shv=r20240208&mjsv=m202402060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1885067147150&frm=20&pv=2&ga_vid=156531095.1707856768&ga_sid=1707856770&ga_hid=551268009&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44808397%2C31081035%2C44795921%2C95324581%2C95320868%2C95324154%2C95324161&oid=2&pvsid=4463060399122235&tmod=1545294318&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=231

Verdicts & Comments Add Verdict or Comment

52 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 function| gtag function| gtagPageview function| gtagIpEvent function| gtagEvent function| gtagFavoriteEvent function| gtagSearchCloudEvent function| gtagGoToLinkEvent object| dataLayer object| webpackJsonpcreate-react-app number| 2f1acc6c3a606b082e5eef5e54414ffb object| regeneratorRuntime function| enableAds object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga string| ip object| gaplugins object| gaGlobal object| gaData object| googletag function| onYouTubeIframeAPIReady object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle string| google_user_agent_client_hint object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| GoogleGcLKhOms

36 Cookies

Domain/Path Name / Value
.10bye.com/ Name: _gid
Value: GA1.2.2111919690.1707856768
.10bye.com/ Name: _gat_gtag_UA_134728956_1
Value: 1
.10bye.com/ Name: _ga
Value: GA1.1.156531095.1707856768
.doubleclick.net/ Name: IDE
Value: AHWqTUm2x49lb-ehYhHP-ReCicm0OoecnTYJSBFDjEVwIMt7NPFWWc4Gsha5c-11
.doubleclick.net/ Name: APC
Value: AfxxVi6c5MmAyaJIFauLgeFrkVdZRvDdEYDzrYIpfUnjDVQKFNy6xQ
.doubleclick.net/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: XANDR_PANID
Value: -_C1WtNZa2h_v6HhGe9SSDW_m7ZH6X330-UcAVtLyzf94qTjx5bhSmCNK5EEvuqRS2DP3CsOBsZsyTnd2X_YmvveqX_yKjP9CA65Mtg_j9Q.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 3524127069641306672
.redintelligence.net/ Name: 8lcfmzhxc8d6_uid
Value: c18c2f4b35a55972
.casalemedia.com/ Name: CMID
Value: ZcvTg1VbLUIAAEPuAH7yvgAA
.casalemedia.com/ Name: CMPS
Value: 5152
.casalemedia.com/ Name: CMPRO
Value: 5152
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaRrgWx-!@wnfH8K6pQK`!5=E<*L5?%Ln[qhpAfzMWb1od5D3E#n4]78[U>s[.3vO9Xj%nugO%v4VB%nnkd**uXM
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.10bye.com/ Name: __gads
Value: ID=9dc4ee17379b4908:T=1707856770:RT=1707856770:S=ALNI_MbhPTdkskAeIqhMILf-LmwTFBrEOg
.10bye.com/ Name: __gpi
Value: UID=00000d586543ef8e:T=1707856770:RT=1707856770:S=ALNI_MbCN674qGqW08j4NhDCaAFH7cMUKQ
.10bye.com/ Name: __eoi
Value: ID=70b60ad22940c835:T=1707856770:RT=1707856770:S=AA-AfjZCSIioOmg6UDR1AEpdXRIb
.awin1.com/ Name: awpv20646
Value: 296283|1707856771|fd48ac72-caaf-11ee-8694-226555b1c0ac
.10bye.com/ Name: _ga_M01SPYK7S1
Value: GS1.1.1707856767.1.0.1707856771.0.0.0
.retailads.net/ Name: ppb2172
Value: 3544566947
.office-partner.de/ Name: source
Value: {"webgains_webgains":{"timestamp":1707856771341,"clickCookie":false}}
www.media01.eu/ Name: DTU
Value: AAED0A66E1E7BEC7249EAD96AC842DFA
.awin1.com/ Name: awpv23861
Value: 296283|1707856771|fd56b631-caaf-11ee-b3cc-2233d0695e79
.awin1.com/ Name: awpv14098
Value: 296283|1707856771|fd583cd1-caaf-11ee-94b4-2233c304522e
.awin1.com/ Name: AWSESS
Value: 429086:2519595
.futalis.de/ Name: raSIDb
Value: 3544566947
.googleadservices.com/ Name: ar_debug
Value: 1
store-jp.nintendo.com/ Name: dwac_dfdb85e0f8f44acd413bcad61a
Value: pIAW1d7rfuJkrnthxEyjzJ0XJqPiD_JGQRI%3D|dw-only|||JPY|false|Asia%2FTokyo|true
store-jp.nintendo.com/ Name: cqcid
Value: ad6HEwsKGZ5iaFUVbLyIbNDYer
store-jp.nintendo.com/ Name: cquid
Value: ||
store-jp.nintendo.com/ Name: sid
Value: pIAW1d7rfuJkrnthxEyjzJ0XJqPiD_JGQRI
store-jp.nintendo.com/ Name: dwanonymous_9101a1424ac0941de06d82159b3e37d0
Value: ad6HEwsKGZ5iaFUVbLyIbNDYer
store-jp.nintendo.com/ Name: __cq_dnt
Value: 0
store-jp.nintendo.com/ Name: dw_dnt
Value: 0
store-jp.nintendo.com/ Name: dwsid
Value: Bi7hkKQI74KxMPT2LzJQYj-50eaY7GMmlIwBC0144_joQ9jzolqq8aNHd-kVQa995bEE9PqvCDVDEyLnWnICZQ==

92 Console Messages

Source Level URL
Text
network error URL: https://10bye.s3-ap-northeast-1.amazonaws.com/grant.json
Message:
Failed to load resource: the server responded with a status of 403 (Forbidden)
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://10bye.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31556926

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10bye.com
10bye.s3-ap-northeast-1.amazonaws.com
ad.doubleclick.net
ad.jp.ap.valuecommerce.com
adv.office-partner.de
analytics.webgains.io
api.webgains.io
assets.xboxservices.com
cdn.retailads.net
cdn.track.production.webgains.team
cm.g.doubleclick.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
futalis.de
gmedia.playstation.com
googleads.g.doubleclick.net
hal9000.redintelligence.net
hal900018.redintelligence.net
hal90005.redintelligence.net
i.imgvc.com
ib.adnxs.com
ipv4.icanhazip.com
jp.sharp
medialead.de
pagead2.googlesyndication.com
pv.medialead.de
region1.google-analytics.com
stats.g.doubleclick.net
storage.googleapis.com
store-jp.nintendo.com
store.nintendo.co.jp
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.media01.eu
www.nintendo.co.jp
www.sony.jp
ad.jp.ap.valuecommerce.com
googleads.g.doubleclick.net
i.imgvc.com
104.18.115.97
104.19.175.1
104.64.118.247
138.201.63.116
138.201.63.165
142.250.186.130
144.76.91.199
151.101.1.195
152.199.21.185
172.217.18.102
172.217.18.98
172.64.151.101
18.66.147.120
2001:4860:4802:34::36
23.197.129.24
2620:1ec:46::60
2a00:1450:4001:800::2002
2a00:1450:4001:801::201b
2a00:1450:4001:806::2002
2a00:1450:4001:80b::200e
2a00:1450:4001:811::2008
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2003
2a00:1450:400c:c0a::9b
2a00:1450:4016:80b::2003
2a01:4f8:d0a:2321::2
2a02:26f0:3500:88f::ab4
2a0b:4d07:101::1
3.11.113.23
35.178.247.241
37.252.173.215
41.63.96.130
49.12.16.151
52.219.150.34
85.10.231.200
91.121.248.44
94.23.99.218
99.86.4.53
03cd0c4153d5ffb396435175859981002c5199aa38867ee251ebfc455c88b0ce
08409d08d8d118c6c6d1c375e079bfce656ac367ff4d1dd9551fff110033c185
08d94081aae4a9e14e2e6b0e5867e7c975528dd42da8f77fa25db22daee669da
0ab8ec3febc74a5ee84c39a1a66d9838eda1329874dee3b5a27575969303c779
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0c69445e2f19e1c7d74e0913877d11f4a7556294b1f32d1c41016619cca5c33c
0da5752a3373745c49aae507b0f6d761eb7b6370f15268f345c7d9044a8f87b0
13ac4d1e3799f5a35b98f91b370da03a16432041ad70a06e41c7e27773f2092d
18626282d1e0435ca8dc3867786c25ad49af070cdb0b5ecfa38c36cfc7b220f6
1d6c122b5fa19d9330bd8da28671032001df9841f293408cc4e1c307036d0169
233fc91d5e25e5f647da5130b91a631da3c73565301438608bbe09605b272d87
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25d0eaeb97ca5e4b0097d05fea46007a360c10c0c282d25db855fb119e72b8c6
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
384179ee8fb1fd393558e28ea811532ea776e8cd69f9e94f379ddefb78948bd7
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
449c470341e2a604bba309012c17f4bc4ac3d90ab6056c87720581e48a157d71
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4598433715f527c4611a35aa1f68a21f8a4998069c9e4e72c106c7e9194b76d1
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c43b5a4b3195c9906e79dc2c16dba6c63ebd73cf6aac667c1e3850409aaf934
4d1711b810f4539ba05dc7dea26dfc5f725e460ff775ebd85dc71fe60cda9e25
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
50fd82fffa98f7ba53bad40e570696d3ca199aa911eb4f2baac3f25df883f2d0
5206e3f20447988dd8129f3bbbad32a66a5289a720c6e708524ab2a9cb386c8f
525e7c89461afb3f73ea7030fbceba4f9e9383570159926acee637b4f86b8148
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56985873f7a0a8ef5b6756867909f531f1f5b72df605e973d932560071ac0c41
582e283baa4cce4006055beb2eb8fe257c1ec5ef573a40f173b880636089e8cd
59281e56c234b99f06646fb232513834dcad32d928f0b969f2fb0ae3791c1b0d
5ff8bcb23c86664e2e99eb925afc849d2461d1188fd87060ce9415447873d9ca
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
626517b84819b349fb699b027ce0204605477e26b294b5a57eb9593e77905fc0
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67e9bdea66473ace99a04daa0b6b7625f761c969b049823b66cade6bd82d5c0d
694adc42b1e12c4edc69f43c2aaafea20e28d55d4ee73c3505cd1bf8b90e3452
6dfcb14c0c0092d1e9ebf15cc22c4aeed2cc4a3785c6394728280ee13ac6b21e
6f820af849043d7fa250c1e734dad60b6ece3154831b5478f229a3fadab78c17
7b348b30ea1fe43857e68fc462c29e5c6e63c97666af75135c4396a272e54762
7b83fcf0c14a666da37e8038a58b3ab39b69e16189da1fb058e18ed3ba4c50ff
7ff7df7441a1aa5d8f84504c26e1ba96aad5b9b972cc8e213a4dbc7c4b2b0a57
802907ebe830c498d3bd238dd2089bda70c634b9ca537bede560ef015d9131ec
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83d4a245bc335218ba4d4fdb89e81d7c43954f41e57a14eedddd3e06e4030190
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8a8fe1a2ccca773e5d851e559cad0f6bfb66d0ede859fcfe62c730e7d7c02e05
94c201ca80b814cbe94ac7aef118c3bb77b8c62d1c86d7984782b80880e731a9
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a8d9ff124c05c65b2e624c8ca4f383284485d02936a19fbd93ea40effa86520c
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b71f68f37fcb358dc5f75e0fa8bf01c97cd5f4720f60e41f34f65f2ce4191196
bdf0289cae2382fc82e3bd7ae64f3b52630909165ce960aa9052e1d43fc54c9c
c6d35b87f2d3be09a898e9b6bb718f40b0b9c1ebe772a3c05204b180e33407b1
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca57b79a870bbf54700730858603a70d79743779c1b059922ec401bfddc5adc9
cb0d254a3a4c773d7f236277c7a3423489edb56ff34428733b15f35ed374f42b
d1e6017fa3381dc72b9e0a28f35de53373984b7fcd67a03a8682e7bbcbdaf306
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d85ff4ff5419e721ef04483dd4995db0a4c89dc414071eceedd4f31a628b6c86
dbdd43ce01462d50a3e272c6af1cae1d0dbd8c439d887a88792062b8a2a79d17
dd56ec379663b08d337121d527abaf097d71669c2a586dc77b9405301444a4d6
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9bc2088ea5540d5acf232a09754bd86e00db1bdf0ff153dbf62aef9638252ff
eae87ff84c39e6cf0408f4bde3cc3f7051088d681f815037d6a07f4f7e91c284
eb593468b1ba6c3c29af04809eae45ae34129d0bf10410ec5ee9458680728565
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ed0e7e64215a9663152e2d5c1c9a5ba0fe76c9f5de3dfe71bf45f0a64e977c69
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f18d76388d9d96001296b013677527432631b3d042ce6aded5f81b27c3f45ed1
f1ef4c9774d3d66f3ef935f2e01da016f9ab0cf099ce597758e427649c130300
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f715c45e8b3d762a3488c95e44226ce48e8069e8f864790ab54b4c225ac87e48
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7e23f6ceeb4570939ccfc34e0c28e4b43bd7097d846a84575a5468fac582e9f
f91ab0b676861b1fc92ffe1e6f321a5d307f16268b37f8eb1c9c3959f1758d24
feaaf3e6489541de55ba8900e29f8bfdf53ae07ddd6c5160fb9e3c2cf3e433f2