www.fimela.com Open in urlscan Pro
35.190.21.225 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.fimela.com/
Effective URL:
https://www.fimela.com/
Submission: On November 05 via api (November 5th 2023, 3:06:40 pm UTC) from US — Scanned from DE

Summary HTTP 320 Redirects Links 16 Behaviour Indicators

Summary

This website contacted 82 IPs in 12 countries across 58 domains to perform 320 HTTP transactions. The main IP is 35.190.21.225, located in Kansas City, United States and belongs to GOOGLE, US. The main domain is www.fimela.com. The Cisco Umbrella rank of the primary domain is 242039.
TLS certificate: Issued by GTS CA 1D4 on November 3rd 2023. Valid for: 3 months.

This is the only time www.fimela.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	35.190.21.225 35.190.21.225	15169 (GOOGLE) (GOOGLE)
14	2.19.126.87 2.19.126.87	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6812:d63b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2.19.198.49 2.19.198.49	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:808::200e	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1	151.101.131.52 151.101.131.52	54113 (FASTLY) (FASTLY)
1	2606:4700::68... 2606:4700::6810:7baf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 3	108.157.4.121 108.157.4.121	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2.16.202.115 2.16.202.115	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.32.238.131 23.32.238.131	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	34.87.106.44 34.87.106.44	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 16	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	23.32.238.153 23.32.238.153	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
1 6	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
8	2.16.164.112 2.16.164.112	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
8	34.149.107.84 34.149.107.84	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	34.128.127.30 34.128.127.30	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	46.228.174.115 46.228.174.115	56396 (AMOBEE) (AMOBEE)
8	52.28.203.152 52.28.203.152	16509 (AMAZON-02) (AMAZON-02)
3	47.254.199.63 47.254.199.63	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2 4	172.64.151.101 172.64.151.101	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.120.63.153 34.120.63.153	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2602:803:c003... 2602:803:c003:200::41	26667 (RUBICONPR...) (RUBICONPROJECT)
1	52.29.129.24 52.29.129.24	16509 (AMAZON-02) (AMAZON-02)
3	5.196.111.65 5.196.111.65	16276 (OVH) (OVH)
3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	2.19.245.101 2.19.245.101	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	185.89.210.46 185.89.210.46	29990 (ASN-APPNEX) (ASN-APPNEX)
1	34.102.146.192 34.102.146.192	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
19	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700:10:... 2606:4700:10::ac43:266a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:243... 2600:9000:243d:2c00:a:e047:753:a221	16509 (AMAZON-02) (AMAZON-02)
3	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.66.248.77 18.66.248.77	16509 (AMAZON-02) (AMAZON-02)
1	34.96.70.87 34.96.70.87	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
27	2a00:1450:400... 2a00:1450:4001:830::2001	15169 (GOOGLE) (GOOGLE)
1	54.77.82.203 54.77.82.203	16509 (AMAZON-02) (AMAZON-02)
1 2	34.120.107.143 34.120.107.143	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 5	2a02:2638:3::c 2a02:2638:3::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	162.19.138.120 162.19.138.120	16276 (OVH) (OVH)
13	23.32.238.154 23.32.238.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
4	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
5	2.19.126.96 2.19.126.96	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1 1	3.120.100.40 3.120.100.40	16509 (AMAZON-02) (AMAZON-02)
10	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	35.190.0.66 35.190.0.66	15169 (GOOGLE) (GOOGLE)
2 2	95.101.200.166 95.101.200.166	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	37.157.4.28 37.157.4.28	198622 (ADFORM) (ADFORM)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:8fce:4ad0:61a1:a65c	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	151.101.193.44 151.101.193.44	54113 (FASTLY) (FASTLY)
6	151.101.1.44 151.101.1.44	54113 (FASTLY) (FASTLY)
1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	34.96.105.8 34.96.105.8	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	18.159.232.130 18.159.232.130	16509 (AMAZON-02) (AMAZON-02)
2 2	213.155.156.166 213.155.156.166	1299 (TWELVE99 ...) (TWELVE99 Arelion)
1	63.32.119.33 63.32.119.33	16509 (AMAZON-02) (AMAZON-02)
2 3	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:831::200d	15169 (GOOGLE) (GOOGLE)
1	34.102.185.47 34.102.185.47	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2.18.160.23 2.18.160.23	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.130 193.0.160.130	54312 (ROCKETFUEL) (ROCKETFUEL)
1	185.64.190.79 185.64.190.79	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	2a04:4e42:400... 2a04:4e42:400::300	54113 (FASTLY) (FASTLY)
2	141.226.224.32 141.226.224.32	200478 (TABOOLA-AS) (TABOOLA-AS)
320	82

3 35.190.21.225 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 225.21.190.35.bc.googleusercontent.com

www.fimela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2.19.126.87 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-87.deploy.static.akamaitechnologies.com

cdn-production-assets-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d63b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.onesignal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.19.198.49 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-198-49.deploy.static.akamaitechnologies.com

cdn1-production-assets-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.131.52 (United States)

ASN54113 (FASTLY, US)

rtbcdn.andbeyond.media	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:7baf (United States)

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 108.157.4.121 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.16.202.115 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-202-115.deploy.static.akamaitechnologies.com

static-web.prod.vidiocdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.32.238.131 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-131.deploy.static.akamaitechnologies.com

personalization.vidio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.87.106.44 (Singapore, Singapore)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 44.106.87.34.bc.googleusercontent.com

adserver.kl-youniverse.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.32.238.153 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-153.deploy.static.akamaitechnologies.com

cdns.klimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebase.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.164.112 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-164-112.deploy.static.akamaitechnologies.com

cdn0-production-images-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.149.107.84 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 84.107.149.34.bc.googleusercontent.com

cdp.vidio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.128.127.30 (Jakarta, Indonesia)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 30.127.128.34.bc.googleusercontent.com

event.fimela.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)

targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com

c2shb.pubgw.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 47.254.199.63 (Kuala Lumpur, Malaysia)

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

as.innity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

display.bidder.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.64.151.101 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.63.153 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 153.63.120.34.bc.googleusercontent.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.29.129.24 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-129-24.eu-central-1.compute.amazonaws.com

tlx.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.196.111.65 (Le Grau-du-Roi, France)

ASN16276 (OVH, FR)
PTR: ip65.ip-5-196-111.eu

prg-apac.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

emtek-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
google-bidout-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.245.101 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-245-101.deploy.static.akamaitechnologies.com

a.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com

oa.openxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:243d:2c00:a:e047:753:a221 (United States)

ASN16509 (AMAZON-02, US)

cdn.prod.uidapi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.248.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-77.dus51.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.70.87 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 87.70.96.34.bc.googleusercontent.com

invstatic101.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.82.203 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.107.143 (Kansas City, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com

oajs.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:3::c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.120 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533571.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 23.32.238.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-32-238-154.deploy.static.akamaitechnologies.com

preview-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseinstallations.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.19.126.96 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-19-126-96.deploy.static.akamaitechnologies.com

cdn1-production-images-kly.akamaized.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

firebaseremoteconfig.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.120.100.40 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-100-40.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.0.66 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 66.0.190.35.bc.googleusercontent.com

ads.travelaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 95.101.200.166 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a95-101-200-166.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.28 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:8fce:4ad0:61a1:a65c (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 151.101.193.44 (United States)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
trc.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.1.44 (United States)

ASN54113 (FASTLY, US)

api.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

gcm.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.105.8 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 8.105.96.34.bc.googleusercontent.com

tr.blismedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.159.232.130 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.166 (Sweden) 2 redirects

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.119.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-119-33.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.248.245.213 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

am-trc-events.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.185.47 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 47.185.102.34.bc.googleusercontent.com

www.youniverse.id	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.160.23 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-160-23.deploy.static.akamaitechnologies.com

cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.130 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.79 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image8.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)

pips.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)

cds.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
44	akamaized.net cdn-production-assets-kly.akamaized.net — Cisco Umbrella Rank: 114812 cdn1-production-assets-kly.akamaized.net — Cisco Umbrella Rank: 128573 cdn0-production-images-kly.akamaized.net — Cisco Umbrella Rank: 107743 preview-kly.akamaized.net — Cisco Umbrella Rank: 101172 cdn1-production-images-kly.akamaized.net — Cisco Umbrella Rank: 106912	1 MB
38	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	465 KB
37	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 149	385 KB
35	doubleclick.net 2 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 245	303 KB
27	taboola.com display.bidder.taboola.com — Cisco Umbrella Rank: 10365 cdn.taboola.com — Cisco Umbrella Rank: 1136 api.taboola.com — Cisco Umbrella Rank: 5292 am-trc-events.taboola.com — Cisco Umbrella Rank: 16673 images.taboola.com — Cisco Umbrella Rank: 1923 trc.taboola.com — Cisco Umbrella Rank: 705 pips.taboola.com — Cisco Umbrella Rank: 1694 cds.taboola.com — Cisco Umbrella Rank: 1933	635 KB
16	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 3040 accounts.google.com — Cisco Umbrella Rank: 24	82 KB
12	criteo.com 2 redirects gum.criteo.com — Cisco Umbrella Rank: 454 mug.criteo.com — Cisco Umbrella Rank: 2926 dis.criteo.com — Cisco Umbrella Rank: 597 ads.eu.criteo.com — Cisco Umbrella Rank: 10450 rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 17732 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552	118 KB
10	vidio.com personalization.vidio.com — Cisco Umbrella Rank: 67560 cdp.vidio.com — Cisco Umbrella Rank: 75709	15 KB
9	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 364 firebase.googleapis.com — Cisco Umbrella Rank: 3697 firebaseinstallations.googleapis.com — Cisco Umbrella Rank: 555 firebaseremoteconfig.googleapis.com — Cisco Umbrella Rank: 497 fonts.googleapis.com — Cisco Umbrella Rank: 31	64 KB
8	yahoo.com c2shb.pubgw.yahoo.com — Cisco Umbrella Rank: 1906	690 B
6	google.de www.google.de — Cisco Umbrella Rank: 6862	904 B
6	gstatic.com www.gstatic.com	70 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	297 KB
5	openx.net 1 redirects emtek-d.openx.net — Cisco Umbrella Rank: 113704 oajs.openx.net — Cisco Umbrella Rank: 1656 google-bidout-d.openx.net — Cisco Umbrella Rank: 1665 u.openx.net — Cisco Umbrella Rank: 659	1 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
5	fimela.com 1 redirects www.fimela.com — Cisco Umbrella Rank: 242039 event.fimela.com	371 KB
4	3lift.com 2 redirects tlx.3lift.com — Cisco Umbrella Rank: 572 eb2.3lift.com — Cisco Umbrella Rank: 417	2 KB
4	casalemedia.com 2 redirects htlb.casalemedia.com — Cisco Umbrella Rank: 511 dsum.casalemedia.com — Cisco Umbrella Rank: 1396 dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625	2 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 35	344 KB
3	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 335	20 KB
3	smartadserver.com prg-apac.smartadserver.com — Cisco Umbrella Rank: 10357	1008 B
3	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 513	2 KB
3	innity.com as.innity.com — Cisco Umbrella Rank: 28757	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 172	871 B
2	de17a.com 2 redirects d5p.de17a.com — Cisco Umbrella Rank: 4905	645 B
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 599	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2101	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 976 bcp.crwdcntrl.net — Cisco Umbrella Rank: 887	12 KB
2	id5-sync.com cdn.id5-sync.com — Cisco Umbrella Rank: 863 id5-sync.com — Cisco Umbrella Rank: 440	31 KB
2	pubmatic.com hbopenbid.pubmatic.com — Cisco Umbrella Rank: 502 image8.pubmatic.com — Cisco Umbrella Rank: 662	155 B
2	media.net prebid.media.net — Cisco Umbrella Rank: 1335 cs.media.net — Cisco Umbrella Rank: 1513	1 KB
2	unrulymedia.com targeting.unrulymedia.com — Cisco Umbrella Rank: 792	162 B
2	vidiocdn.com static-web.prod.vidiocdn.com — Cisco Umbrella Rank: 69008	9 KB
2	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 145 partner.googleadservices.com — Cisco Umbrella Rank: 1181	2 KB
2	onesignal.com cdn.onesignal.com — Cisco Umbrella Rank: 4223	71 KB
1	rfihub.com 1 redirects p.rfihub.com — Cisco Umbrella Rank: 868	755 B
1	youniverse.id www.youniverse.id — Cisco Umbrella Rank: 114767	2 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 353	150 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	5 KB
1	360yield.com match.360yield.com — Cisco Umbrella Rank: 2249	200 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 351	147 B
1	blismedia.com tr.blismedia.com — Cisco Umbrella Rank: 1824	174 B
1	ctnsnet.com 1 redirects gcm.ctnsnet.com — Cisco Umbrella Rank: 54581	611 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 764	465 B
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1737	298 B
1	travelaudience.com 1 redirects ads.travelaudience.com — Cisco Umbrella Rank: 5683	556 B
1	rlcdn.com id.rlcdn.com — Cisco Umbrella Rank: 728	99 B
1	agkn.com 1 redirects d.agkn.com — Cisco Umbrella Rank: 755	729 B
1	creativecdn.com invstatic101.creativecdn.com — Cisco Umbrella Rank: 2139	1 KB
1	uidapi.com cdn.prod.uidapi.com — Cisco Umbrella Rank: 2491	3 KB
1	openxcdn.net oa.openxcdn.net — Cisco Umbrella Rank: 1762	8 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 246	584 B
1	teads.tv a.teads.tv — Cisco Umbrella Rank: 1462	380 B
1	klimg.com cdns.klimg.com — Cisco Umbrella Rank: 78281	111 KB
1	kl-youniverse.com adserver.kl-youniverse.com — Cisco Umbrella Rank: 101871	4 KB
1	unpkg.com unpkg.com — Cisco Umbrella Rank: 903	2 KB
1	andbeyond.media rtbcdn.andbeyond.media — Cisco Umbrella Rank: 33163	2 KB
0	spotxchange.com Failed search.spotxchange.com Failed
320	58

	Domain	Requested by
19	static.criteo.net	securepubads.g.doubleclick.net ads.eu.criteo.com
18	tpc.googlesyndication.com	www.fimela.com 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
16	imageproxy.eu.criteo.net	ads.eu.criteo.com
15	securepubads.g.doubleclick.net	1 redirects www.fimela.com securepubads.g.doubleclick.net 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com www.googletagservices.com
14	cdn-production-assets-kly.akamaized.net	www.fimela.com cdn-production-assets-kly.akamaized.net
13	preview-kly.akamaized.net	www.fimela.com preview-kly.akamaized.net
10	cm.g.doubleclick.net	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com www.fimela.com
10	pagead2.googlesyndication.com	www.fimela.com pagead2.googlesyndication.com 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	cdn.taboola.com	www.fimela.com cdn.taboola.com
9	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com	securepubads.g.doubleclick.net www.fimela.com
9	www.google.com	2 redirects www.fimela.com 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com tpc.googlesyndication.com
8	c2shb.pubgw.yahoo.com	cdns.klimg.com
8	cdp.vidio.com	static-web.prod.vidiocdn.com
8	cdn0-production-images-kly.akamaized.net	www.fimela.com
6	www.google.de	www.fimela.com
6	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com www.fimela.com 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com www.googletagmanager.com
6	www.gstatic.com	www.fimela.com 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
5	www.googletagservices.com	www.fimela.com 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
5	cdn1-production-images-kly.akamaized.net	www.fimela.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com www.fimela.com
4	images.taboola.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
4	am-trc-events.taboola.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
4	region1.analytics.google.com	www.googletagmanager.com
4	gum.criteo.com	1 redirects static.criteo.net cdn.taboola.com
4	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
4	www.googletagmanager.com	www.fimela.com www.gstatic.com www.googletagmanager.com
4	cdn1-production-assets-kly.akamaized.net	www.fimela.com
3	trc.taboola.com	cdn.taboola.com
3	accounts.google.com	cdn-production-assets-kly.akamaized.net accounts.google.com
3	eb2.3lift.com	2 redirects
3	csm.eu.criteo.net	ads.eu.criteo.com
3	cdn.jsdelivr.net	securepubads.g.doubleclick.net 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
3	prg-apac.smartadserver.com	cdns.klimg.com
3	fastlane.rubiconproject.com	cdns.klimg.com
3	as.innity.com	cdns.klimg.com
3	sb.scorecardresearch.com	1 redirects www.fimela.com
3	www.fimela.com	1 redirects ajax.googleapis.com
2	cds.taboola.com	cdn.taboola.com
2	pips.taboola.com	cdn.taboola.com
2	dsum.casalemedia.com	2 redirects
2	d5p.de17a.com	2 redirects
2	api.taboola.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	rtb.fr3.eu.criteo.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
2	ads.eu.criteo.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
2	c1.adform.net	2 redirects
2	e.dlx.addthis.com	2 redirects
2	fonts.googleapis.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com www.fimela.com
2	firebaseremoteconfig.googleapis.com	www.gstatic.com
2	firebaseinstallations.googleapis.com	www.gstatic.com
2	oajs.openx.net	1 redirects www.fimela.com
2	targeting.unrulymedia.com	cdns.klimg.com
2	event.fimela.com	www.fimela.com
2	firebase.googleapis.com	www.gstatic.com
2	personalization.vidio.com	www.fimela.com www.youniverse.id
2	static-web.prod.vidiocdn.com	www.fimela.com www.youniverse.id
2	cdn.onesignal.com	www.fimela.com cdn.onesignal.com
1	image8.pubmatic.com
1	u.openx.net
1	dsum-sec.casalemedia.com
1	p.rfihub.com	1 redirects
1	cs.media.net
1	www.youniverse.id	www.fimela.com
1	match.adsrvr.org
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	match.360yield.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
1	x.bidswitch.net	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
1	tr.blismedia.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
1	gcm.ctnsnet.com	1 redirects
1	cms.quantserve.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
1	ag.innovid.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
1	dis.criteo.com	1 redirects
1	ads.travelaudience.com	1 redirects
1	id.rlcdn.com	0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
1	d.agkn.com	1 redirects
1	google-bidout-d.openx.net	oa.openxcdn.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	mug.criteo.com	www.fimela.com
1	id5-sync.com	cdn.id5-sync.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	invstatic101.creativecdn.com	securepubads.g.doubleclick.net
1	tags.crwdcntrl.net	securepubads.g.doubleclick.net
1	cdn.prod.uidapi.com	securepubads.g.doubleclick.net
1	cdn.id5-sync.com	securepubads.g.doubleclick.net
1	oa.openxcdn.net	securepubads.g.doubleclick.net
1	ib.adnxs.com	cdns.klimg.com
1	hbopenbid.pubmatic.com	cdns.klimg.com
1	a.teads.tv	cdns.klimg.com
1	emtek-d.openx.net	cdns.klimg.com
1	tlx.3lift.com	cdns.klimg.com
1	prebid.media.net	cdns.klimg.com
1	htlb.casalemedia.com	cdns.klimg.com
1	display.bidder.taboola.com	cdns.klimg.com
1	cdns.klimg.com	www.fimela.com
1	adserver.kl-youniverse.com	www.fimela.com
1	unpkg.com	www.googletagmanager.com
1	rtbcdn.andbeyond.media	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	ajax.googleapis.com	www.fimela.com
0	search.spotxchange.com Failed	cdns.klimg.com
320	100

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
instagram.com
www.twitter.com
www.pinterest.com
www.youtube.com
event.fimela.com
www.instagram.com
www.liputan6.com
www.bola.com
www.bola.net
www.brilio.net
www.kapanlagi.com
www.merdeka.com
www.otosia.com
www.dream.co.id

Subject Issuer	Validity	Valid
fimela.com GTS CA 1D4	`2023-11-03` - `2024-02-01`	3 months	crt.sh
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
andbeyond.media Certainly Intermediate R1	`2023-10-31` - `2023-11-30`	a month	crt.sh
*.scorecardresearch.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-15` - `2023-12-28`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.static6.com DigiCert TLS RSA SHA256 2020 CA1	`2023-08-02` - `2024-05-15`	9 months	crt.sh
adserver.kl-youniverse.com R3	`2023-10-05` - `2024-01-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdns.klimg.com R3	`2023-09-18` - `2023-12-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
cdp.vidio.com GTS CA 1D4	`2023-10-09` - `2024-01-07`	3 months	crt.sh
event.fimela.com R3	`2023-10-26` - `2024-01-24`	3 months	crt.sh
*.targeting.unrulymedia.com Sectigo RSA Domain Validation Secure Server CA	`2023-05-10` - `2024-05-10`	a year	crt.sh
web.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-10-17` - `2024-04-10`	6 months	crt.sh
*.innity.com Sectigo RSA Domain Validation Secure Server CA	`2022-11-08` - `2023-12-09`	a year	crt.sh
*.bidder.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
casalemedia.com Cloudflare Inc ECC CA-3	`2023-05-21` - `2024-05-20`	a year	crt.sh
prebid.media.net GTS CA 1D4	`2023-10-28` - `2024-01-26`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.openx.net RapidSSL TLS RSA CA G1	`2023-08-18` - `2024-08-18`	a year	crt.sh
teads.tv R3	`2023-11-03` - `2024-02-01`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2023-02-13` - `2024-03-15`	a year	crt.sh
oa.openxcdn.net GTS CA 1D4	`2023-09-25` - `2023-12-24`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
cdn.prod.uidapi.com R3	`2023-11-02` - `2024-01-31`	3 months	crt.sh
*.crwdcntrl.net Amazon RSA 2048 M01	`2023-10-08` - `2024-11-05`	a year	crt.sh
invstatic101.creativecdn.com GTS CA 1D4	`2023-10-24` - `2024-01-22`	3 months	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-26` - `2023-12-23`	3 months	crt.sh
*.id5-sync.com R3	`2023-11-01` - `2024-01-30`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
*.innovid.com RapidSSL TLS RSA CA G1	`2023-03-15` - `2024-04-14`	a year	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-07` - `2023-12-30`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
*.taboola.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-23` - `2024-11-22`	a year	crt.sh
quantserve.com R3	`2023-10-28` - `2024-01-26`	3 months	crt.sh
tr.blismedia.com GTS CA 1D4	`2023-10-04` - `2024-01-02`	3 months	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.360yield.com Amazon RSA 2048 M01	`2023-05-29` - `2024-06-26`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
accounts.google.com GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-10-16` - `2024-01-08`	3 months	crt.sh
youniverse.id GTS CA 1D4	`2023-10-31` - `2024-01-29`	3 months	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.fimela.com/
Frame ID: 7E42152EC0A62DA156071B9392D103FA
Requests: 141 HTTP requests in this frame

Frame: https://www.fimela.com/pages/widget-signature
Frame ID: C0A5D7A3FE980E33453D9B663D2D52F3
Requests: 26 HTTP requests in this frame

Frame: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7A292CEF802EC43341109AB57288C054
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html
Frame ID: 737DE6772E7C002585F7624DEBE87706
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.fimela.com
Frame ID: 41B2D8337A7C6B7CC9781A40D4C21F84
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1089981280613575&output=html&adk=1812271804&adf=3025194257&lmt=1699196793&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.fimela.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699196792860&bpp=4&bdt=772&idt=307&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1613126716053&frm=20&pv=2&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079296%2C31079344%2C44807047%2C44807335%2C44807454%2C31078297%2C31079384%2C31079156&oid=2&pvsid=280461385158023&tmod=1272286115&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&fsb=1&dtd=332
Frame ID: FDFB2064C4F52300801A6F8572530975
Requests: 1 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: CAAFB15371664EAE2031CCD6AC561F96
Requests: 1 HTTP requests in this frame

Frame: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 4035FAB628894BE12C613FA356C02F16
Requests: 6 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CBE78EEC1FC335B2E5F503468BBFF5D3
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 43C32F8CFD3AD00B290B29164D856EBB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A65A3CFFD353F2D688FC06AC7103F082
Requests: 9 HTTP requests in this frame

Frame: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 16065B7FC423A0BCD1699F5C64F6DB28
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUeveQAIY8oK7dVJAABSTHXIOBEpCzQIUOS4ig&u=%7CRr15wD2RH8bs8WWVZ4Y13IMZ5I7z0g7l9ujAwbPygC0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5PaJIo7hg_UG8XX80x7hSFPhP0RgGvdECQZf64IrwqD6ONyYivKGP6cWISNMV9T2jWd8HfTpJaEYAo0QrEwrEmFMkBwn4sv6TcDQyBuD0JCRKgRSBM82ti-Mp1o9PvI1_8o8Ar_dDT8ZX_DPPVKvasYGuYNYOh6lL78dY5Dyb0GfaZMQSLtZh82_AGTTWxBZ3NAwqNNJa-LPgBhp9pAjcrMaUC6Ej9kDs5Rqo-6jlg4U3lsrjYphQinlCrgEehPLSyLC1goDMnQjF2S-JA3GyfgIXGEjwqWUplV0SdriJVRYBnUvnE9qIxKEMzOXuXXNkcH3QvpJ5TeVF_stNvg-2EqOz8oMpyi86Lx7lYSP8xlIptAXRBp6Vatob59cpS5wAnF68bTuxHVFpuNTkdtcmjfOlGAvDwgZEBMjcypI7Ig7bNuEimM-ri_0FWQ2rZwSF-kksI29cs1QAkZkuXvAgSF8QX-ogRwByBsAhw8e6SxpV2xLwYH-qte0G3olTwt6fiGZJcnmG_uEyP-jvNDTsJkCfxHi8kKHfVub-FjMvBV_likTHfn5j-o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMfPeea9HZcrHIcmqtwfMpIGwCsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yODM4MzQ5NzMwOTY2NDM5yAEJqQIq3HRoEwGyPuACAKgDAcgDAqoErwJP0DWW82LKZbnt0kNVB0KhDkLcLtnzVlMfeWgjeFsU4v2HqlxJoAJ38wEIKk8u7J-ekLYTA1n-QbTMIf1iQna2BhJOFt6YjJ0XxXeitWM998bp6flBSEEhrhQMxZlIYGrTAfZntxBOQl5UNiltgU9xv_Xa-JCktHtvgmKvIlqRf3pp_Lc6OyiA9c6Qku1Xia5-QhltovL_kQXuYyiwNb5tF1yruB8h2YaX5sRPUMhzu8jzmGA3jVpyBnkEqIEwxDqthb2FNEFQGD0G73QlgN5h9MogwMP4t5p6tb31JbVhn5JwBq39Rng8ChWzPHdyqBNby4DbIEMz7OYwps_rQ40148UMfJ0I-lA-r6fgdprU1MCSkSQqrMoHuAPpO_5ejOr1hu6uYM0sb-zuhWw8W0bgBAGABsmzwMbp97XX3gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1TU21FeJZOsvDR3XjulXEGSknPPQ%26client%3Dca-pub-2838349730966439%26adurl%3D
Frame ID: 7E28DDF5E924664EA5E96DB8DA151CF4
Requests: 18 HTTP requests in this frame

Frame: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 5BC85C4754EFEE8B54C2C71B957018E2
Requests: 8 HTTP requests in this frame

Frame: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A158EBA3486B357052A0AE930A8BC878
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js
Frame ID: 3BC3E09EE5561B53F9B0FDBEF5E17AE4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Frame ID: 7692FBECAC85C0499898DCDB62F2889A
Requests: 15 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Frame ID: 097BEE6A031466B0A16233764F6A1E9B
Requests: 12 HTTP requests in this frame

Frame: data://truncated
Frame ID: 42FE0C23FF85CCA06FAFC27950D79DB6
Requests: 3 HTTP requests in this frame

Frame: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 07511C0E9B649B219A5FE2FA6DDBDDA1
Requests: 11 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUeveQAMqggK7ePBAAU0eLB4kDnKRBDTJXJTow&u=%7CRr15wD2RH8ZsJosYXl6IFV8PCGK4Syj6AGeTqsG5dDo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xZOo8mTeDbnt0r2yTMEpIfESH-9hkMGeEU5nicMYHz-moxIPjwg_L720TMr6cNjgm01Kt4THRNdsHoPXUbAi6rlpklF6TPLQA2btYZaqehdXdq6-qfDPhq5wPWCdU6c7YK094VOwqGs_T1sY5JMxSgBrtgrnYQ_fGgyGYqSP3__nNO56chNHdBadBitrRgY5mjhlC3wVN-VdNhz6T2WhG9cP91ArFwLLv1yRTjbpkeD5pjY9eJlrnBkUiX8dq4yenKgnl8KcmaYczXPASzKkARvHKYs0svLeHQLNwOb-bxOgl5WLly2UoNtbhb25O41ZCQZW6OMHa-lh3LzipTaCjvMOZZ59iNv22vgEt9_dg90ycxozglNLaPsuScNCigTVntmChWfZoefd5n6W3KhnP9WJeu84zscM3Y1UcWcA-sMir8JzEPa2f7R1xlcW6P2FvkWcoTreQPuQRIRG27hVWkjsCFJM-24C9vzmHGtAP-jXr-1gqX__KRp_8Bq6gPy-ZbEDK4qkThjgPxSplMFKeBNkd50kT9S3VBsknK89GID9w2RfnK0l-TX_O--rNe_GwQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2wckea9HZYjUMsHHtwf46JQoyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTI4MzgzNDk3MzA5NjY0MznIAQmpAircdGgTAbI-4AIAqAMByAMCqgSpAk_QYtnMdcjzSjMekF-d3ddnmeY4RQXss7lgfbVFUzS65hvZp9hizRI4bttLQrVEKadPjuqBWbScLJZxSvy-ytLX8tiWwfDHz5Tg7Lgfe5_GESfov8w45_-koSM506qfPedgJRCoL68fvV8-mlrWghNkLg8KIGto1-xITNv1e23iaV0GcNq-tAoN4YaAArKFSDTjV5ShvwEpbnSCoNk89pp-2FCvr2QjneHAWiuaSSi2dohAXC7205BjKUS3UYe32Y7hNlxWez9C5KhaMeQrjWN8FthRsYUq3h4qmoejfSI343976-5eZtJIOWeobpYDO1cfZJ0oGEdopzgo8DlYmgA_AbXlycD_rRmTNP_UUyPW-sbLmh9GASXks5QYMCl4H4wTWiFT4GEs3OAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Fxilc_WFP3kpy7Pdrigx0ifqibA%26client%3Dca-pub-2838349730966439%26adurl%3D
Frame ID: A194739D4FCBCBA59FE00BE83A519AE6
Requests: 24 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 2602FEBC6BE5969B5188AEFCBF503441
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 08D844C5B2159BB371AA1027E5E5CE39
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5326B6D4E24018FE75BC2402D791A5E3
Requests: 2 HTTP requests in this frame

Frame: https://www.youniverse.id/html/crossmatch-cookies-frame.html?senderCookies=4cc94913-9087-4593-b23b-3ab920160540&senderGAID=GA1.1.130911004.1699196792&senderHost=www.fimela.com&reqCallback=true
Frame ID: AEC1E1C840BDDDBFD59FB87C6CA094A3
Requests: 5 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Berita Lifestyle, Selebriti, Tips Cantik & Fashion Terbaru | Fimela.com

Page URL History Show full URLs

http://www.fimela.com/ HTTP 301
https://www.fimela.com/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Ahoy (Analytics) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneSignal (Marketing automation) Expand

Overall confidence: 100%
Detected patterns

cdn\.onesignal\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

320
Requests

94 %
HTTPS

37 %
IPv6

58
Domains

100
Subdomains

82
IPs

12
Countries

4576 kB
Transfer

11644 kB
Size

55
Cookies

16 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/fimeladotcom

Search URL Search Domain Scan URL

URL: https://instagram.com/fimeladotcom

Search URL Search Domain Scan URL

URL: https://www.twitter.com/fimeladotcom

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/fimela

Search URL Search Domain Scan URL

URL: https://www.youtube.com/fimeladotcom

Search URL Search Domain Scan URL

URL: https://event.fimela.com/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/fimeladotcom/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/fimeladotcom

Search URL Search Domain Scan URL

URL: https://www.liputan6.com/
Title: Liputan6.com

Search URL Search Domain Scan URL

URL: https://www.bola.com/
Title: Bola.com

Search URL Search Domain Scan URL

URL: https://www.bola.net/
Title: Bola.net

Search URL Search Domain Scan URL

URL: https://www.brilio.net/
Title: Brilio.net

Search URL Search Domain Scan URL

URL: https://www.kapanlagi.com/
Title: KapanLagi.com

Search URL Search Domain Scan URL

URL: https://www.merdeka.com/
Title: Merdeka.com

Search URL Search Domain Scan URL

URL: https://www.otosia.com/
Title: Otosia.com

Search URL Search Domain Scan URL

URL: https://www.dream.co.id/
Title: Dream.co.id

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.fimela.com/ HTTP 301
https://www.fimela.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 40

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&label=NirYCK_s6d4DEPienOAo&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&value=0&auid=1812385534.1699196792&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&ocp_id=eK9HZfm8HI63x_APibiSqAI&sscte=1&crd=&eitems=ChEI8PqcqgYQmuD3s_GhjrT0ARIdABCEDVtO3SXus_-pSoAIkhSrhc7l4huFWPVPsGw&pscrd=Ek5DaEFJOFBxY3FnWVFqSzJIM2NEX2dkNTJFaVlBQ2F1NWpGWVBwcUc2aWlWQWNOVEZJZE5ZcXM0VWQ1c2NvZU9ITTdkcWQyYTdPa0daNWcaWkNoRUk4UHFjcWdZUXpLMjF0dS1rN2JhdEFSSXVBSTc4YjEtUlN2bWdKbE1GT1g3dXpwS2FfVjRuNUhLcUs5Z0pxTTRIbTdCdHliUko0MlQ2dzg2MzEwcmV6USITCPnY36mRrYIDFY7bEQgdCZwEJQ HTTP 302
https://www.google.com/pagead/1p-conversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&label=NirYCK_s6d4DEPienOAo&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&value=0&auid=1812385534.1699196792&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFBxY3FnWVFqSzJIM2NEX2dkNTJFaVlBQ2F1NWpGWVBwcUc2aWlWQWNOVEZJZE5ZcXM0VWQ1c2NvZU9ITTdkcWQyYTdPa0daNWcaWkNoRUk4UHFjcWdZUXpLMjF0dS1rN2JhdEFSSXVBSTc4YjEtUlN2bWdKbE1GT1g3dXpwS2FfVjRuNUhLcUs5Z0pxTTRIbTdCdHliUko0MlQ2dzg2MzEwcmV6USITCPnY36mRrYIDFY7bEQgdCZwEJQ&is_vtc=1&ocp_id=eK9HZfm8HI63x_APibiSqAI&cid=CAQSGwDICaaN9i5y96tC8fZKX3JS4sJtVvUyuyltdQ&eitems=ChEI8PqcqgYQmuD3s_GhjrT0ARIdABCEDVul9mBPGSaDzSPkeciB-sd5RpUxHUyH28c&random=1479194912 HTTP 302
https://www.google.de/pagead/1p-conversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&label=NirYCK_s6d4DEPienOAo&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&value=0&auid=1812385534.1699196792&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFBxY3FnWVFqSzJIM2NEX2dkNTJFaVlBQ2F1NWpGWVBwcUc2aWlWQWNOVEZJZE5ZcXM0VWQ1c2NvZU9ITTdkcWQyYTdPa0daNWcaWkNoRUk4UHFjcWdZUXpLMjF0dS1rN2JhdEFSSXVBSTc4YjEtUlN2bWdKbE1GT1g3dXpwS2FfVjRuNUhLcUs5Z0pxTTRIbTdCdHliUko0MlQ2dzg2MzEwcmV6USITCPnY36mRrYIDFY7bEQgdCZwEJQ&is_vtc=1&ocp_id=eK9HZfm8HI63x_APibiSqAI&cid=CAQSGwDICaaN9i5y96tC8fZKX3JS4sJtVvUyuyltdQ&eitems=ChEI8PqcqgYQmuD3s_GhjrT0ARIdABCEDVul9mBPGSaDzSPkeciB-sd5RpUxHUyH28c&random=1479194912&ipr=y

Request Chain 107

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.fimela.com%2F&rid=esp HTTP 302
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.fimela.com%2F&rid=esp&cc=1

Request Chain 118

https://gum.criteo.com/sid/json?origin=publishertagids&domain=fimela.com&sn=ChromeSyncframe&so=0&topUrl=www.fimela.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=yo13u3xDZDF6b0xhRG1QYVgwUmhoK1lBeTB6emFIcitORHpvcEh3cDJleGNacG1IR2ROdDRNUUEzMU1GMVV1dC9BUHlYTjR2c1BpaWpRMVZSVGQ4UStxZ1hrTkIzdjFPY1NUVkVNVGtWSHlGWlFkTUVNQWtMUytDWUQyU2FkMEhlTmExS0NHd0dJTUFKdVJGR3laM2ViTGdBcXh3TFpPa3VIVlVZYndZZHNVOVpXb1BrVGdpU3JZdGRDbnZsMXlySEM5M1ZCRHIvREdQcXpCNWxJODMyYm1sYzVoVTA2R1VDRk55MjJkbEtpclJIMm93c29teldtRW5PcXRsRDFTTU9USHlyU2ZrZER2cmp6c0g4TEd4NjVBY3ArZz09fA&cppv=2

Request Chain 172

https://d.agkn.com/pixel/2175/?google_gid=CAESEGq0-Z3y-q-6ihXHJ_EODNE&google_cver=1&google_push=AXcoOmST14cNWp8Dy1lT4Nuhuw6mFdlSF0A7nsHsYWPs7-GIc4ftt_EJ_KRfetRLIeed56FDtshH2ekyLxrwARzcHbpsupBONiJbkA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmST14cNWp8Dy1lT4Nuhuw6mFdlSF0A7nsHsYWPs7-GIc4ftt_EJ_KRfetRLIeed56FDtshH2ekyLxrwARzcHbpsupBONiJbkA&google_hm=Q0FFU0VHcTAtWjN5LXEtNmloWEhKX0VPRE5F

Request Chain 174

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEarqgwLirt6HK0U7ncGxAw&google_cver=1&google_push=AXcoOmRVVm9uvePFw9xJOlw_rguDiP4uXwlMc266NiigriGGjf9iiC-VrPqES7WfyKMCWvBqXHip57VGESC5udHXxYT3iyoPAGvy0as HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ts3H7ZzSRfIsUILLoK6vSg&google_push=AXcoOmRVVm9uvePFw9xJOlw_rguDiP4uXwlMc266NiigriGGjf9iiC-VrPqES7WfyKMCWvBqXHip57VGESC5udHXxYT3iyoPAGvy0as

Request Chain 175

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQJK5P5Shb6z4Ycv1FY7hI4j0uwsXlIabx8IA2T8q4JZDJG1Ev6duTcCCfX6xhkYm8-5E0W1yaxd_M13mIvvdsG8VdL9eui1Dg&google_gid=CAESEBkXJXgPqtbac6hBpE72hsc&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQJK5P5Shb6z4Ycv1FY7hI4j0uwsXlIabx8IA2T8q4JZDJG1Ev6duTcCCfX6xhkYm8-5E0W1yaxd_M13mIvvdsG8VdL9eui1Dg&google_gid=CAESEBkXJXgPqtbac6hBpE72hsc&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDUxNTA2MzQwMDAxMzkwNjEwNzI0NQ%3D%3D&google_push=AXcoOmQJK5P5Shb6z4Ycv1FY7hI4j0uwsXlIabx8IA2T8q4JZDJG1Ev6duTcCCfX6xhkYm8-5E0W1yaxd_M13mIvvdsG8VdL9eui1Dg

Request Chain 176

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ4u2679ol7KrVFPqNEQk0wEaXNLlq9oXGPmQRLGGpTNAZyrj_pwoRkhlviJbItBlKqk8QfNI0WVQbe7pLO4VmqfXQIRqIVugQ&google_gid=CAESEFUV5lsSQTKIYDOFVv1QXFA&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0jO4K6HhcbTeC-Lj9w5q_98qb0VD3uqZ7CANpw&google_push=AXcoOmQ4u2679ol7KrVFPqNEQk0wEaXNLlq9oXGPmQRLGGpTNAZyrj_pwoRkhlviJbItBlKqk8QfNI0WVQbe7pLO4VmqfXQIRqIVugQ

Request Chain 177

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIt38uyUCP0P0gRo2bU1mbU&google_cver=1&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1kAnhCxZ3YqUktzoh5GMiKmTIo HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIt38uyUCP0P0gRo2bU1mbU&google_cver=1&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1kAnhCxZ3YqUktzoh5GMiKmTIo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE3NDQ4OTc5MDAyMzgxMzU2OA&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1kAnhCxZ3YqUktzoh5GMiKmTIo

Request Chain 180

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 229

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf9tkHJDjMrq6Sno4BAuHhWTuzTRa5-I6YMrdA7NdIUbKMjVRkNTyE6pa0cGTRr5OrtYSDNYDvesOJfj_Uwc5OcLuoXiBLfBcs5Puy0toGJF6GVf5UwT8lySfXa2lYJDyBNNccNkT1SlABFryLbvvdUh9y1NX6p9YtMGmn7KAy2brJG7LJ5Oebe4IQ0ReJMXFR6YrnIqagK0Y5GaeJT2XgGHxfotz45m7yRWQH9CdGYjZxkgUrGXSyE4Oe9sC-ZK1AZ51BqJSS8UWtvPou2qAZ9YAlS2EaKV94Uwg5uxX923hF5m5kECq9-En9SnCo5UuPNXV8qpDL0p-jwtFIcDDKj-llX_ybFXS-jzj96E9oZcs_38SvuzGxYs8FeECF9CI&sai=AMfl-YSSreyFuUiAfmIjTLzA-KehvkCQVpA2OdUshtrMBAzIRItGAC9b14waHqoMr0WG8vgPbbhwpOdPqd4sSaAyi-agWyFBtg9QBk-fhb-2A_yd-ccG2624zITF86V34y_8vg4DQVfNEbr766xdVvNHX1k&sig=Cg0ArKJSzKf65CtQrl8zEAE&uach_m=[UACH]&urlfix=1&adurl=https://tpc.googlesyndication.com/pagead/imgad/dot.gif HTTP 302
https://tpc.googlesyndication.com/pagead/imgad/dot.gif

Request Chain 239

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJA53lDsVuIvTb8BUUkdslA&google_cver=1&google_push=AXcoOmRtSlTRrJL6prXaQ7BSL9DElCbQmXc2W9ykOoxa7Kjvist4x9d8b6QnLKdLuR1kP5hZWzVQXEcFY2HBX1f4uADA8cLNlY8 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtSlTRrJL6prXaQ7BSL9DElCbQmXc2W9ykOoxa7Kjvist4x9d8b6QnLKdLuR1kP5hZWzVQXEcFY2HBX1f4uADA8cLNlY8&google_hm=zOV5gT8DSY2DWrzT15MVPos

Request Chain 242

https://d5p.de17a.com/cookies/google?google_gid=CAESEDzJHkJxhjosV_650ZH8XD4&google_cver=1&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetARZFk HTTP 302
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDzJHkJxhjosV_650ZH8XD4&google_cver=1&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetARZFk HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetARZFk

Request Chain 244

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGc4JnYH5vm_Zrvvo3zaav4&google_cver=1&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLUU HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLUU&google_gid=CAESEGc4JnYH5vm_Zrvvo3zaav4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxODczMDIyODUyMzQ3NTYyMzc1Ng%3D%3D&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLUU

Request Chain 289

https://sb.scorecardresearch.com/c2/12418281/cs.js HTTP 302
https://sb.scorecardresearch.com/internal-c2/default/cs.js

Request Chain 321

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=802778&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy= HTTP 302
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=802778&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1 HTTP 302
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0 HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210827949852790

320 HTTP transactions
17 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.fimela.com/
Redirect Chain

http://www.fimela.com/
https://www.fimela.com/

369 KB
76 KB

356ms
325ms

Document
text/html

35.190.21.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.190.21.225 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

225.21.190.35.bc.googleusercontent.com

Software

nginx /

Resource Hash

0674c10755fa38a071c19729971be7aadf20e71905f28bf17c7c1d013538b3c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 315
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-length: 76854
content-type: text/html; charset=UTF-8
date: Sun, 05 Nov 2023 15:01:16 GMT
server: nginx
server-node: production-publishing-web-ig-ns3t
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-cache: HIT
x-cache-hits: 3
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-mode: ZombiE V4, knock knock
x-ttl: 300.000

Redirect headers

Content-Length: 0
Date: Sun, 05 Nov 2023 15:06:31 GMT
Location: https://www.fimela.com/
Server: Varnish
Via: 1.1 google
X-Varnish: 9284786

GET
H2 200 advertisement.df330292.js Show response
cdn-production-assets-kly.akamaized.net/builds/ 530 B
866 B 75ms
11ms Script
application/javascript 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/builds/advertisement.df330292.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: d6665412627ab58e882c11fa48134dbcd49cc4b406bed9df44b70225ffbb1749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtGWOr_qWiQnXGVHtyt-oPWjNLGsMNKEctRXmJNx8JB-u_pYGGWuGlXCheyH7WciJRCktwhFI5XL0Haln5bXqvGBw
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 331
last-modified: Tue, 03 Jan 2023 06:24:16 GMT
server: UploadServer
etag: "13498253d57bab5658b482da4c8ac623"
vary: Accept-Encoding
x-goog-generation: 1672727056781919
content-type: application/javascript
x-goog-hash: crc32c=5SSz5Q==, md5=E0mCU9V7q1ZYtILaTIrGIw==
cache-control: max-age=31536000
x-goog-stored-content-length: 331
accept-ranges: bytes
expires: Sat, 14 Sep 2024 01:54:35 GMT

GET
H2 200 fimela.5eb07dc9.css
cdn-production-assets-kly.akamaized.net/builds/ 342 KB
68 KB 95ms
33ms Stylesheet
text/css 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 84206d625d0624dd1c5243698b6176a45bd5046a1b6336209bd2d8b824f2a472

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvq_447FUPb2jHpAuTBmdmIQU_fCq_8rgqX5uZe5WZPKK6k491fZFF71HmXsdAJzi50bRG5CcEnmg
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
last-modified: Fri, 20 Oct 2023 07:24:04 GMT
server: UploadServer
etag: W/"2eb6b72a09dfa3d748eef3ae23ae2748"
vary: Accept-Encoding
x-goog-generation: 1697786644745004
content-type: text/css
x-goog-hash: crc32c=U9RU6Q==, md5=Lra3Kgnfo9dI7vOuI64nSA==
cache-control: max-age=31536000
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 68930
x-amz-checksum-crc32c: U9RU6Q==
accept-ranges: bytes
expires: Sat, 19 Oct 2024 07:56:45 GMT

GET
H2 200 20230914110803.desktop.fimela.css
cdn-production-assets-kly.akamaized.net/custom_scripts/ 71 KB
14 KB 76ms
14ms Stylesheet
text/css 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/custom_scripts/20230914110803.desktop.fimela.css
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 3e80cc2748c6fad5c6e2e8c0e2376230e48b9eda7aa46b2a345ad44e5275a5f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvdiaar2QrzReMX9ZOdLt9FaG_YmsjlsiFvMAgM5NdKvdf3nyh1AtZfotgkmGf2ZeoMX2EK_xu3p0ckDy_G9DBRwQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 13491
last-modified: Thu, 14 Sep 2023 04:08:03 GMT
server: UploadServer
etag: "5c61c44d7087299bcae2fa4a641bbff2"
vary: Accept-Encoding
x-goog-generation: 1694664483456861
content-type: text/css
x-goog-hash: crc32c=gIV1Yw==, md5=XGHETXCHKZvK4vpKZBu/8g==
cache-control: max-age=31536000
x-goog-stored-content-length: 73088
x-amz-checksum-crc32c: gIV1Yw==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.0/ 82 KB
29 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 10:09:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 536201
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29478
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 29 Oct 2024 10:09:51 GMT

GET
H2 200 gtm.e1ef7f9f.js Show response
cdn-production-assets-kly.akamaized.net/builds/ 50 KB
16 KB 33ms
31ms Script
application/javascript 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/builds/gtm.e1ef7f9f.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 363412612cec1a8a31c031a4a0304514b35bf95fec74c6678078664e8248d370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdsyr8WkvhlY5XE5-eYQzpRArr29lx1qFRSBvC12_xlI47hHptgtyj9SXSC6hzt3sySUuV7hJ5euE56cqjTHHI80AQNnNHaW
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15741
last-modified: Wed, 30 Aug 2023 08:01:41 GMT
server: UploadServer
etag: "727d8bd39afd3497827db59c117998d8"
vary: Accept-Encoding
x-goog-generation: 1693382501459757
content-type: application/javascript
x-goog-hash: crc32c=V6AMnA==, md5=cn2L05r9NJeCfbWcEXmY2A==
cache-control: max-age=31536000
x-goog-stored-content-length: 15741
x-amz-checksum-crc32c: V6AMnA==
accept-ranges: bytes
expires: Thu, 29 Aug 2024 08:37:45 GMT

GET
H2 200 OneSignalSDK.js Show response
cdn.onesignal.com/sdks/ 9 KB
3 KB 59ms
23ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalSDK.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2280
etag: W/"2a3bbde818bef34d53a0df862ead5d5f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 8216004f9bea18d6-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 15:06:32 GMT

GET
H2 200 037795600_1682647756-Fimela.png
cdn1-production-assets-kly.akamaized.net/logos/841/original/ 9 KB
10 KB 103ms
29ms Image
image/png 2.19.198.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-assets-kly.akamaized.net/logos/841/original/037795600_1682647756-Fimela.png
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-49.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 3b9e09d815ca4ad1b4ff31aeb3750af2c67207cbc3eb78403bbd4de6787712aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdv3WTx6OKBx-SlmHwFy6BqIrsWh9iYJhhabOhiOUHcsHw_VZb0CF8CaJ0lhEaxlDq5APbHMNO4-U2rqAXQFJwp9ci_Dzz72
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 9560
last-modified: Fri, 28 Apr 2023 02:09:16 GMT
server: UploadServer
etag: "7846f213b8bfa814ce3b6b098c5c16c9"
x-goog-generation: 1682647756650324
content-type: image/png
x-goog-hash: crc32c=QoSNRQ==, md5=eEbyE7i/qBTOO2sJjFwWyQ==
cache-control: max-age=31536000
x-goog-stored-content-length: 9560
x-amz-checksum-crc32c: QoSNRQ==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 blank.png
cdn-production-assets-kly.akamaized.net/assets/images/ 69 B
579 B 59ms
10ms Image
image/png 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-production-assets-kly.akamaized.net/assets/images/blank.png
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: d3b7a3dda1b71a43233db018edcaa51ccc9342ab0f449e0d73cd4dd3b8fa16d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdvBWmaBSuCb088NzA2pGXVRb9dJ5wofMGwH5MRE8QM7360otMqJgHNT0e2OzXxc5EMpo8k07YScKwXIFc2HwbyyhvpnE4wr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 69
last-modified: Mon, 16 Jan 2023 03:56:08 GMT
server: UploadServer
etag: "c6b723e54f71b433dbf73e236d3bce9a"
x-goog-generation: 1673841368766936
content-type: image/png
x-goog-hash: crc32c=EYGOUA==, md5=xrcj5U9xtDPb9z4jbTvOmg==
cache-control: max-age=31536000
x-goog-stored-content-length: 69
accept-ranges: bytes
expires: Thu, 26 Sep 2024 08:32:32 GMT

GET
H2 200 023862700_1644565888-FimelAstro_Widget_Dekstop__178px_-_171px__prev.jpg
cdn1-production-assets-kly.akamaized.net/image_uploads/381/original/ 54 KB
55 KB 31ms
30ms Image
image/jpeg 2.19.198.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-assets-kly.akamaized.net/image_uploads/381/original/023862700_1644565888-FimelAstro_Widget_Dekstop__178px_-_171px__prev.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-49.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 83fba3f3b124378c4c5f0f40cd084d01c5dd1541db5748dbdc4d02a521154773

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ABPtcPp0xEsyqYVJnO6Ey653egFeRwA9NruIzX0W6I0VIr2ethbMRMT24zKNNftnQZAje3tVBgE0scS2Ng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 55463
last-modified: Fri, 11 Feb 2022 07:51:28 GMT
server: UploadServer
etag: "b7f6faed92e31c01c5c6a886809c4686"
x-goog-generation: 1644565888453359
content-type: image/jpeg
x-goog-hash: crc32c=UZJeDw==, md5=t/b67ZLjHAHFxqiGgJxGhg==
cache-control: max-age=31536000
x-goog-stored-content-length: 55463
x-amz-checksum-crc32c: UZJeDw==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 297 KB
95 KB 78ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66c697e3fafc2745e1fccc5b1b11a4e65354cd0ab70439a0c5caf8224b83224a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 97041
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 raleway-v12-latin-regular.woff2
cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/ 20 KB
21 KB 61ms
16ms Font
application/octet-stream 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/raleway-v12-latin-regular.woff2
Requested by: Host: cdn-production-assets-kly.akamaized.net
URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 3650de8bc2dd8352b01aa49e9f0ae225098e86a31da32b04d81abb76b598d0d6

Request headers

Referer: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdsxj2paTY3NLxZoknl-B4YDIDFu2JNrm7pbDMp8_mmNrHsKSKfYzplfNX2ao8Mf3xr-9cwYUjIX2OJQShabqll46nYIjB1a
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 20444
last-modified: Thu, 19 Jan 2023 05:36:38 GMT
server: UploadServer
etag: "2075794c8e9e7e48e5fbf1b2313e7adf"
access-control-max-age: 31536000
x-goog-generation: 1674106598649191
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=hyI2+Q==, md5=IHV5TI6efkjl+/GyMT563w==
cache-control: max-age=31536000
access-control-allow-methods: GET
x-goog-stored-content-length: 20444
accept-ranges: bytes
expires: Tue, 24 Sep 2024 04:55:13 GMT

GET
H2 200 raleway-v12-latin-700.woff2
cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/ 20 KB
21 KB 64ms
20ms Font
application/octet-stream 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/raleway-v12-latin-700.woff2
Requested by: Host: cdn-production-assets-kly.akamaized.net
URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 04e4826be27264de184e934234f9f5166f0cca0a8088424d2cff44e5ee37f591

Request headers

Referer: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdvtv2OOCKAbj8opEQX8q1HJHv1ZoSYrmqweeL4eXWli9JaoHNraXdmucINR3n3pgLfU17ud4E3-1vpWryRSOf-NWPdQK3Fz
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 20612
last-modified: Thu, 31 Aug 2023 07:47:10 GMT
server: UploadServer
etag: "dcbe8703a0a177b692121274ade573cf"
access-control-max-age: 31536000
x-goog-generation: 1693468030409681
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=YrTMUA==, md5=3L6HA6Chd7aSEhJ0reVzzw==
cache-control: max-age=31536000
access-control-allow-methods: GET
x-goog-stored-content-length: 20612
x-amz-checksum-crc32c: YrTMUA==
accept-ranges: bytes
expires: Wed, 25 Sep 2024 14:38:46 GMT

GET
H2 200 frank-ruhl-libre-v3-latin-regular.woff2
cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/FrankRuhlLibre/ 19 KB
20 KB 60ms
17ms Font
application/octet-stream 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/FrankRuhlLibre/frank-ruhl-libre-v3-latin-regular.woff2
Requested by: Host: cdn-production-assets-kly.akamaized.net
URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 36fec2dd200001a2276aa93f7e5d08bd51c8eb245aaee0c69fddb2ec0530ad45

Request headers

Referer: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdtdsmDZR28-bc_dxM_Ok60pdEyA0fHwU9F7cvQ8fnGHqjJYZX8k92eIdDuFULTiOuc8QwvgYEWm_exJTdCZ4YyPng
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 19772
last-modified: Tue, 03 Jan 2023 06:24:26 GMT
server: UploadServer
etag: "f44dd825a28e7ac660932c7e853ac4c7"
access-control-max-age: 31536000
x-goog-generation: 1672727066515218
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=vAWQ8A==, md5=9E3YJaKOesZgkyx+hTrExw==
cache-control: max-age=31536000
access-control-allow-methods: GET
x-goog-stored-content-length: 19772
accept-ranges: bytes
expires: Tue, 10 Sep 2024 12:45:16 GMT

GET
H2 200 OneSignalPageSDKES6.js Show response
cdn.onesignal.com/sdks/ 284 KB
68 KB 35ms
34ms Script
application/javascript 2606:4700::6812:d63b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151604

Requested by

Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:d63b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: HIT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains
age: 2280
etag: W/"7f9669464fe15e6a516c0eb693b26dbb"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=259200
cf-ray: 821600501c7f18d6-FRA
access-control-allow-headers: OneSignal-Subscription-Id
alt-svc: h3=":443"; ma=86400
expires: Wed, 08 Nov 2023 15:06:32 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 57ms
13ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 05 Nov 2023 13:49:42 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 4610
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sun, 05 Nov 2023 15:49:42 GMT

GET
H2 200 / Show response
www.googleadservices.com/pagead/conversion/10939207544/ 3 KB
2 KB 115ms
42ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion/10939207544/?random=1699196792376&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&label=NirYCK_s6d4DEPienOAo&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&value=0&bttype=purchase&auid=1812385534.1699196792&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c7edf8a1c7a2289d0aee27be5c9dfd82ab1ae0417d10d7ce9fbaf221e58d1dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1667
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 request_js_552778.js Show response
rtbcdn.andbeyond.media/ 1 KB
2 KB 83ms
12ms Script
text/javascript 151.101.131.52
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtbcdn.andbeyond.media/request_js_552778.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.131.52 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 8c4a73a728698256a3c265eaf2745df68c8f4404df61e18e2a19eb6c4afa912a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230054-FRA
date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 varnish
last-modified: Mon, 16 May 2022 05:11:55 GMT
server: AmazonS3
x-amz-request-id: ESDBN3QPHJ2AAY0T
age: 1163
etag: "6e97bc00f530f456d1e214f7212ec35e"
x-timer: S1699196792.455186,VS0,VE1
x-cache: HIT
content-type: text/javascript
accept-ranges: bytes
content-length: 1449
x-amz-id-2: OUdmNY/SD797cSI4Yk3AU6ACMXKjPU+w7eh+tiNNHVd6u36sUyroSnXig2iTdbysNIrUKeO5HpxCm77hBNWyJw==
x-cache-hits: 1

GET
H2 200 web-vitals.umd.js Show response
unpkg.com/web-vitals@1.1.0/dist/ 4 KB
2 KB 41ms
18ms Script
application/javascript 2606:4700::6810:7baf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/web-vitals@1.1.0/dist/web-vitals.umd.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:7baf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 305424
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01HE6X21M14C35T5A2SDEJ57S5-fra
server: cloudflare
etag: W/"1060-9qPq4bqeRCeFWudNuS98Bp0PQDY"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 8216005088c49ba4-FRA

GET
H2 204 b
sb.scorecardresearch.com/ 0
226 B 101ms
15ms Image
text/plain 108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=12418281&ns__t=1699196792358&ns_c=UTF-8&c8=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&c7=https%3A%2F%2Fwww.fimela.com%2F&c9=
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 13w_GpOCgoEcjGKhBOfJN-S0Zk82eL-N7p-26sF-2xVVFBfQjy11xA==
x-cache: Miss from cloudfront

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/9.10.0/ 86 KB
19 KB 72ms
30ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.10.0/firebase-app.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97a6c6a88dabfb26c2387ffd82de82fc9d7bcf4242c6be4a5d26918838fef0ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 02:52:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 389633
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19579
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 19:21:35 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 02:52:39 GMT

GET
H2 200 firebase-analytics.js Show response
www.gstatic.com/firebasejs/9.10.0/ 24 KB
8 KB 70ms
29ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.10.0/firebase-analytics.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b558429e85c7f891955b4af827fe7311159447084984a4251575a995726b19c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Mon, 30 Oct 2023 12:31:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 527711
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8379
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 19:20:41 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 29 Oct 2024 12:31:21 GMT

GET
H2 200 firebase-remote-config.js Show response
www.gstatic.com/firebasejs/9.10.0/ 26 KB
26 KB 58ms
17ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/9.10.0/firebase-remote-config.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d8ed02b0cec8379cca3e4f290fe963604de8902dd64c9208eb1612d70491283b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 11:08:49 GMT
x-content-type-options: nosniff
age: 187063
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26446
x-xss-protection: 0
last-modified: Thu, 15 Sep 2022 19:21:02 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 02 Nov 2024 11:08:49 GMT

GET
H2 200 blank-transparent.png
cdn-production-assets-kly.akamaized.net/assets/images/ 68 B
595 B 11ms
11ms Image
image/png 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn-production-assets-kly.akamaized.net/assets/images/blank-transparent.png
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdsRtS38tRiimqJq_Oao1zw-tf4RCo3N4cdXOvCHl-YSNpNe3xmQC4gy2LDa4G2f31TKn7kGKWgsUbYv6Gu_mTdE-Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 68
last-modified: Thu, 31 Aug 2023 07:47:13 GMT
server: UploadServer
etag: "91e42db1c66c0b276abf6234dc50b2eb"
x-goog-generation: 1693468033102019
content-type: image/png
x-goog-hash: crc32c=FWkPzg==, md5=keQtscZsCydqv2I03FCy6w==
cache-control: max-age=31536000
x-goog-stored-content-length: 68
x-amz-checksum-crc32c: FWkPzg==
accept-ranges: bytes
expires: Sun, 29 Sep 2024 13:09:30 GMT

GET
H2 200 20231018074008.desktop.fimela.js Show response
cdn-production-assets-kly.akamaized.net/custom_scripts/ 54 KB
16 KB 16ms
16ms Script
text/javascript 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/custom_scripts/20231018074008.desktop.fimela.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: a84e8beb198a7dda034dba1662c2eba295af1f2963ef9c49214ee8517c58a651

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycduHp0QB_zdoAiiUWwPqLT5GMBbeVw6Bp_K--Acqi5B4-4ipcc29kXadquP42S1jh0arVOI
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15790
last-modified: Wed, 18 Oct 2023 00:40:08 GMT
server: UploadServer
etag: "6bf87f24fc68b134d81a9ee5a74794d0"
vary: Accept-Encoding
x-goog-generation: 1697589608964027
content-type: text/javascript
x-goog-hash: crc32c=Onre7Q==, md5=a/h/JPxosTTYGp7lp0eU0A==
cache-control: max-age=31536000
x-goog-stored-content-length: 54828
x-amz-checksum-crc32c: Onre7Q==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 fimela.697daf0f.js Show response
cdn-production-assets-kly.akamaized.net/builds/ 740 KB
186 KB 23ms
23ms Script
application/javascript 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela.697daf0f.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 5f579e1dadd53e0e79defb2030e2f53f760c3d787bc6e60107e436e0df563703

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrpC29-uU_g1vyDMgtOrvyZ6PwgDJlNvfUNc5xmoqlLRVSIO5RFKL8_6VrR16wfNmWMA9Y
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
last-modified: Fri, 03 Nov 2023 06:08:15 GMT
server: UploadServer
etag: W/"22b4eb15723255ee7d614e95f57626bb"
vary: Accept-Encoding
x-goog-generation: 1698991695967744
content-type: application/javascript
x-goog-hash: crc32c=bW3EGQ==, md5=IrTrFXIyVe59YU6V9XYmuw==
cache-control: max-age=31536000
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 189534
x-amz-checksum-crc32c: bW3EGQ==
accept-ranges: bytes
expires: Sat, 02 Nov 2024 06:48:01 GMT

GET
H2 200 grunticon.loader.013163f9.js Show response
cdn-production-assets-kly.akamaized.net/builds/ 3 KB
2 KB 15ms
4ms Script
application/javascript 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/builds/grunticon.loader.013163f9.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: f27654c4163fb3c1d254ad97604592a5942bc7773925dd68046ff732befde135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtdNhhcpm6H_0tKu4zaoTg8VCrhavfTgdfUe2LVlXFu0VBZtqe9SzlEVdbbYeHjSvFLW32zbIn_biFARA2U7pjo9Q
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 1542
last-modified: Mon, 30 Jan 2023 06:30:31 GMT
server: UploadServer
etag: "a7ac846e2a7695be12dd9f8e660696ae"
vary: Accept-Encoding
x-goog-generation: 1675060231246418
content-type: application/javascript
x-goog-hash: crc32c=w0YMzQ==, md5=p6yEbip2lb4S3Z+OZgaWrg==
cache-control: max-age=31536000
x-goog-stored-content-length: 1542
accept-ranges: bytes
expires: Sat, 28 Sep 2024 06:28:32 GMT

GET
H2 200 ahoy-falcon-2022-01-13-02-35-43.js Show response
static-web.prod.vidiocdn.com/ahoy/ 15 KB
5 KB 121ms
43ms Script
application/javascript 2.16.202.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-web.prod.vidiocdn.com/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-115.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 08:20:30 GMT
server: UploadServer
etag: "c805d2d1d4987fcfda26b9bfd5956759"
vary: Accept-Encoding, Accept-Encoding, Origin
x-guploader-uploadid: ADPycdtoUT9VBZgUvV54L4uFXJMo-SWVBf1qECDt0ud9k_ftJGHPRxh-iy6ef7TLkjMYPCfaK9AS4uMx8HB7PKH0hR3FgQ
x-goog-hash: crc32c=q/fApw==, md5=yAXS0dSYf8/aJrm/1ZVnWQ==
content-type: application/javascript
access-control-allow-origin: https://www.fimela.com
cache-control: no-transform, max-age=31453341
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4447

GET
H2 200 embed-internal.8324be04cc0adb1be9165f1847ed900281851c7a.js Show response
personalization.vidio.com/ 18 KB
7 KB 97ms
9ms Script
application/javascript 23.32.238.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://personalization.vidio.com/embed-internal.8324be04cc0adb1be9165f1847ed900281851c7a.js?enable_ptid=false
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-131.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 80f0ca9c170debfbc6d04f92a1c62b0ddab77287947094956313cce1c41d9f69

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 05:04:57 GMT
server: UploadServer
etag: "e6e84f9b8501ca62996cc680fb173510"
vary: Accept-Encoding
x-guploader-uploadid: ADPycdupdlHE_aZKKRbuYQV6d4qAbCjXjwn7FrPd3U-muLGfrvrvn1KLdK-DJUIFJekCdulCVCTGk-FQJBboIvoD2GW7eEccHf3E
x-goog-hash: crc32c=s6OG1g==, md5=5uhPm4UBymKZbMaA+xc1EA==
content-type: application/javascript
access-control-allow-methods: GET,POST
cache-control: public, max-age=3600
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 7113

GET
H2 200 asyncjs.php Show response
adserver.kl-youniverse.com/ 10 KB
4 KB 662ms
208ms Script
text/javascript 34.87.106.44
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://adserver.kl-youniverse.com/asyncjs.php

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

34.87.106.44 Singapore, Singapore, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

44.106.87.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

3d690cf3b06f092db10d31d2dc09829309bb7377128f15e62181356619dd2e82

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
content-type: text/javascript;charset=UTF-8
cache-control: private, max-age=3600
expire: Sun, 05 Nov 2023 16:06:32 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 101 KB
31 KB 126ms
78ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7cca5b5e3b1fa2aa1bfe2f971f304c352507d7d6f029f49f38d458b4ac92741

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31711
x-xss-protection: 0
server: cafe
etag: 946 / 19666 / m202310310101 / config-hash: 7101305502720886139
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 loader.js Show response
cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/ 355 KB
111 KB 123ms
29ms Script
application/javascript 23.32.238.153
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.153 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-153.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 33858706321f5ad6609abde33b626180ef17a8fc3f67e94a1cd329b67f81f174

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: public
date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
last-modified: Thu, 23 Feb 2023 06:35:53 GMT
server: nginx
etag: W/"63f70949-58ce7"
vary: Accept-Encoding
content-type: application/javascript
server-node: klimg-cdn-ig-fmbm
access-control-allow-origin: *
cache-control: public, max-age=20
x-node: node-cloud
content-length: 113329
expires: Sun, 05 Nov 2023 15:06:52 GMT

GET
DATA 200
OK truncated
/ 666 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 56a3fd7b037a9573a6e37e885735694e4da54d5865ff33080c4f64b04815740d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 423 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c74f4140e27ccfd8133c4317f8e0f8454b4d1141fc1aed44b4beae0fd0c2645a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 897 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 41c5e1ac20da55215bca6c2c6a5dc97874dd4f09e475e43e5e4e40f526e1d18e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 815 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 36345ad9a9a08df5091f2e9eaa7f6c8753f95f7304fc56587fc40ac91475e774

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 749 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f9a1bcefcfdbd195287b5d4c564d275fc2bbc1d6d439708892bb1a1c9c59f826

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 avenir-roman.woff
cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/Avenir/ 15 KB
16 KB 22ms
13ms Font
application/font-woff 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/assets/fonts/fimela/Avenir/avenir-roman.woff
Requested by: Host: cdn-production-assets-kly.akamaized.net
URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: d3de9e47adb1a7aba5926a13700cfdd735c72be45509d98cb626cfb070232c61

Request headers

Referer: https://cdn-production-assets-kly.akamaized.net/builds/fimela.5eb07dc9.css
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
x-guploader-uploadid: ADPycdsh_f92-TVPdQ51WSy81RB5nFhTcSS-0RZJcu8xOTZf3iHbEI7hL6NJ9d2QZRbaNNpvmPy09bsTaOZ3B3pj_mddkg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 15324
last-modified: Mon, 28 Aug 2023 08:29:06 GMT
server: UploadServer
etag: "3e6e6ecb456ad5d99252830c1e910070"
access-control-max-age: 31536000
x-goog-generation: 1693211346841087
content-type: application/font-woff
access-control-allow-origin: *
x-goog-hash: crc32c=Wp6GgQ==, md5=Pm5uy0Vq1dmSUoMMHpEAcA==
cache-control: max-age=31536000
access-control-allow-methods: GET
x-goog-stored-content-length: 15324
x-amz-checksum-crc32c: Wp6GgQ==
accept-ranges: bytes
expires: Tue, 27 Aug 2024 22:23:41 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 24ms
21ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=211535687&t=pageview&_s=1&dl=https%3A%2F%2Fwww.fimela.com%2F&dp=%2F&dh=www.fimela.com&ul=en-us&de=UTF-8&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgQABAAAAAC~&jid=1238067483&gjid=2010317423&cid=130911004.1699196792&tid=UA-108534636-7&_gid=674876548.1699196792&_slc=1&gtm=GTM-PDJLBKS&cg1=ChannelPage&cg2=&cg5=ChannelPage&cd4=0&cd7=&cd17=ChannelPage&cd18=root&cd19=&cd20=false&cd21=1699196792371.yosozjm&cd22=2023-11-05T16%3A06%3A32.371%2B01%3A00&cd25=Desktop&cd26=&cd37=&cd41=0&cd44=0&cd45=&cd46=&cd47=&gcd=11l1l1l1l1&z=1109012614

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 62ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108534636-7&cid=130911004.1699196792&jid=1238067483&gjid=2010317423&_gid=674876548.1699196792&_u=YGBAgQABAAAAAG~&z=1152347381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
23ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=211535687&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.fimela.com%2F&ul=en-us&de=UTF-8&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Web%20Vitals&ea=FCP&el=v1-1699196792515-8791064785085&ev=947&_u=aHDAAQABAAAAAG~&jid=1950909855&gjid=258603599&cid=130911004.1699196792&tid=UA-108534636-7&_gid=674876548.1699196792&_r=1&gtm=45He3b11n81PDJLBKSv77758889&cd4=0&cd7=&cd17=ChannelPage&cd18=root&cd19=&cd20=130911004.1699196792&cd21=1699196792517.egzqgs9j&cd22=2023-11-05T16%3A06%3A32.517%2B01%3A00&cd25=Desktop&cd26=&cd37=&cd41=0&cd44=0&cd45=&cd46=&cd47=&gcd=11l1l1l1l1&z=2084265440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/10939207544/
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=120...
https://www.google.com/pagead/1p-conversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fw...
https://www.google.de/pagead/1p-conversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fww...

42 B
455 B

34ms
33ms

Image
image/gif

2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&label=NirYCK_s6d4DEPienOAo&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&value=0&auid=1812385534.1699196792&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFBxY3FnWVFqSzJIM2NEX2dkNTJFaVlBQ2F1NWpGWVBwcUc2aWlWQWNOVEZJZE5ZcXM0VWQ1c2NvZU9ITTdkcWQyYTdPa0daNWcaWkNoRUk4UHFjcWdZUXpLMjF0dS1rN2JhdEFSSXVBSTc4YjEtUlN2bWdKbE1GT1g3dXpwS2FfVjRuNUhLcUs5Z0pxTTRIbTdCdHliUko0MlQ2dzg2MzEwcmV6USITCPnY36mRrYIDFY7bEQgdCZwEJQ&is_vtc=1&ocp_id=eK9HZfm8HI63x_APibiSqAI&cid=CAQSGwDICaaN9i5y96tC8fZKX3JS4sJtVvUyuyltdQ&eitems=ChEI8PqcqgYQmuD3s_GhjrT0ARIdABCEDVul9mBPGSaDzSPkeciB-sd5RpUxHUyH28c&random=1479194912&ipr=y

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-conversion/10939207544/?random=41676805&cv=11&fst=1699196792376&bg=ffffff&guid=ON&async=1&gtm=45He3b11v77758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&label=NirYCK_s6d4DEPienOAo&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&value=0&auid=1812385534.1699196792&uamb=0&uaw=0&fmt=3&ct_cookie_present=false&sscte=1&crd=&pscrd=Ek5DaEFJOFBxY3FnWVFqSzJIM2NEX2dkNTJFaVlBQ2F1NWpGWVBwcUc2aWlWQWNOVEZJZE5ZcXM0VWQ1c2NvZU9ITTdkcWQyYTdPa0daNWcaWkNoRUk4UHFjcWdZUXpLMjF0dS1rN2JhdEFSSXVBSTc4YjEtUlN2bWdKbE1GT1g3dXpwS2FfVjRuNUhLcUs5Z0pxTTRIbTdCdHliUko0MlQ2dzg2MzEwcmV6USITCPnY36mRrYIDFY7bEQgdCZwEJQ&is_vtc=1&ocp_id=eK9HZfm8HI63x_APibiSqAI&cid=CAQSGwDICaaN9i5y96tC8fZKX3JS4sJtVvUyuyltdQ&eitems=ChEI8PqcqgYQmuD3s_GhjrT0ARIdABCEDVul9mBPGSaDzSPkeciB-sd5RpUxHUyH28c&random=1479194912&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=211535687&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.fimela.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=headline&ea=impression&el=headline%3A%3Aimpression%3A%3Atop%3A%3A%3A%3A%3A%3A&_u=aHDAgQABAAAAAG~&jid=&gjid=&cid=130911004.1699196792&tid=UA-108534636-7&_gid=674876548.1699196792&gtm=GTM-PDJLBKS&cg1=ChannelPage&cg2=&cd4=0&cd7=&cd17=ChannelPage&cd18=root&cd19=&cd20=130911004.1699196792&cd21=1699196792563.58p612rt&cd22=2023-11-05T16%3A06%3A32.563%2B01%3A00&cd25=Desktop&cd26=&cd41=0&cd44=0&cd45=&cd46=&gcd=11l1l1l1l1&z=2131492819

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 17:45:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76868
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 webConfig Show response
firebase.googleapis.com/v1alpha/projects/-/apps/1:1031270433652:web:ecaa223f7397c59bca6221/ 273 B
386 B 34ms
33ms Fetch
application/json 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1031270433652:web:ecaa223f7397c59bca6221/webConfig

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.10.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d8559b978abb26ebc3324fe598aa7e9a665ef434fb29edc8c31fc1150b19abf7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.fimela.com/
x-goog-api-key: AIzaSyDGt_EBulRPrTRA5fyA8mTJy4oyu-bxXYE
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 196
x-xss-protection: 0

OPTIONS
H2 200 webConfig
firebase.googleapis.com/v1alpha/projects/-/apps/1:1031270433652:web:ecaa223f7397c59bca6221/ Frame 0
0 128ms
30ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebase.googleapis.com/v1alpha/projects/-/apps/1:1031270433652:web:ecaa223f7397c59bca6221/webConfig

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-api-key
Access-Control-Request-Method: GET
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 05 Nov 2023 15:06:32 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 153 KB
52 KB 109ms
64ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1089981280613575

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fbc37753c881d843ab6d7655dcf38274783a2268e6199ea0232cba1cac25f80e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52315
x-xss-protection: 0
server: cafe
etag: 4538721572011309082
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 058833700_1699147696-image_123650291_-_2023-11-05T080322.289.JPG
cdn0-production-images-kly.akamaized.net/hUunUUwr6lmXtM5PEQepHjbpHXo=/0x5:960x546/1024x576/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4635938/original/ 23 KB
23 KB 74ms
16ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/hUunUUwr6lmXtM5PEQepHjbpHXo=/0x5:960x546/1024x576/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4635938/original/058833700_1699147696-image_123650291_-_2023-11-05T080322.289.JPG
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: cfaf1d79e848a7de982c0c2aaa7f14b179336d26785085ff84e0af54b6104a59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:32 GMT
server: nginx
x-ttl: 300.000
etag: "a08ce1fc7eb72feb776f0d446288bd8b2fa5906d"
x-varnish: 4227098
server-node: production-thumbor-web-ig-9sgm
content-type: image/webp
cache-control: public, max-age=31534046
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 23172
expires: Mon, 04 Nov 2024 14:33:58 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
18ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-108534636-7&cid=130911004.1699196792&jid=1950909855&gjid=258603599&_gid=674876548.1699196792&_u=aHDAAQABAAAAAG~&z=160905189

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 91ms
51ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108534636-7&cid=130911004.1699196792&jid=1238067483&_u=YGBAgQABAAAAAG~&z=1641657253

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 112ms
53ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108534636-7&cid=130911004.1699196792&jid=1238067483&_u=YGBAgQABAAAAAG~&z=1641657253

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fimela-icons.data.svg.d6a58ac1.css
cdn-production-assets-kly.akamaized.net/builds/ 200 KB
57 KB 24ms
24ms Stylesheet
text/css 2.19.126.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-production-assets-kly.akamaized.net/builds/fimela-icons.data.svg.d6a58ac1.css
Requested by: Host: cdn-production-assets-kly.akamaized.net
URL: https://cdn-production-assets-kly.akamaized.net/builds/grunticon.loader.013163f9.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-87.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: a9d5966000be058d1871c0592a4a4f6872dc7d8e049f99c5cce2b3a9f04bfbf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdtYkWNWyidGdWsqMrNsKbJeN_IMufvqULgPzYLf7TcJKjt4YGx_bfwbxamcrFjZL9_OQjmXpYXOM5_C95y6SxUYdQ
x-goog-storage-class: STANDARD
x-guploader-response-body-transformations: gunzipped
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
last-modified: Wed, 02 Aug 2023 09:29:08 GMT
server: UploadServer
etag: W/"52ab3c30f2ce399fee7669fe0370a88d"
vary: Accept-Encoding
x-goog-generation: 1690968548768357
content-type: text/css
x-goog-hash: crc32c=g6u8Wg==, md5=Uqs8MPLOOZ/udmn+A3CojQ==
cache-control: max-age=31536000
warning: 214 UploadServer gunzipped
x-goog-stored-content-length: 58066
x-amz-checksum-crc32c: g6u8Wg==
accept-ranges: bytes
expires: Thu, 01 Aug 2024 10:07:48 GMT

OPTIONS
H2 200 visits
cdp.vidio.com/ahoy/ Frame 0
0 379ms
317ms Preflight
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/ahoy/visits
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 google
x-envoy-upstream-service-time: 2

POST
H2 200 visits Show response
cdp.vidio.com/ahoy/ 0
40 B 318ms
317ms XHR
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/ahoy/visits
Requested by: Host: static-web.prod.vidiocdn.com
URL: https://static-web.prod.vidiocdn.com/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.fimela.com
date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 google
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 widget-signature Show response
www.fimela.com/pages/ Frame C0A5 21 KB
5 KB 347ms
346ms Document
text/html 35.190.21.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.fimela.com/pages/widget-signature
Requested by: Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.0/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.21.225 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 225.21.190.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: ca242940728052d8ed3ec52be790164043f9e58aefe045b5d5443fa5c2b075fe

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-methods: GET
access-control-allow-origin: http://pilkada.liputan6.com
age: 410
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, private
content-encoding: gzip
content-length: 5302
content-type: text/html; charset=UTF-8
date: Sun, 05 Nov 2023 14:59:42 GMT
server: nginx
server-node: production-publishing-web-ig-mr6f
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-cache: HIT
x-cache-hits: 1
x-mode: ZombiE V4, knock knock
x-ttl: 300.000

GET
H/1.1 200
OK head_party.webp
event.fimela.com/assets/ 287 KB
288 KB 936ms
449ms Image
text/plain 34.128.127.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.fimela.com/assets/head_party.webp

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

34.128.127.30 Jakarta, Indonesia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

30.127.128.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

6184b63c2030de47e35cb01a465f57080c76089826f8563ed60ba7f0fd27a3b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Sun, 05 Nov 2023 15:13:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2023 03:23:29 GMT
Server: nginx
ETag: "47d7e-6041b7386d1b7"
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 294270

GET
H/1.1 200
OK logo.png
event.fimela.com/assets/ 2 KB
2 KB 721ms
229ms Image
image/png 34.128.127.30
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://event.fimela.com/assets/logo.png

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305

Server

34.128.127.30 Jakarta, Indonesia, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

30.127.128.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

a5cd26add278438eb7d5a02693d139ae589d34b97e46574fc3d5346fdd2ace85

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date: Sun, 05 Nov 2023 15:13:43 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 30 Aug 2023 03:23:29 GMT
Server: nginx
ETag: "770-6041b738a4c6d"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1904

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 425 KB
133 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 13:24:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6133
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 136288
x-xss-protection: 0
server: cafe
etag: 17302374607849014435
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Mon, 04 Nov 2024 13:24:19 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 53ms
52ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108534636-7&cid=130911004.1699196792&jid=1950909855&_u=aHDAAQABAAAAAG~&z=610481733

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 96ms
86ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-108534636-7&cid=130911004.1699196792&jid=1950909855&_u=aHDAAQABAAAAAG~&z=610481733

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 220 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 885f9854eb30002b0b52c95ab1f677df6c418626c06a1a1fbeae7fcda6e2a2ea

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 398 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4b3c5f98e0a1f3379b688114c27f93e30b0a9737f1ce8181225abc4729164c4b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 388 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bbf53a6877460a5ec96ea1888eedf06810fc58acdaafc1d5da4432b23c341cf9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 262 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 12164f3a0abfa257db5217b42c64b840a19393e13775c2f6ad19a7fa20c9c25e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 299 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7be01b58fbd8ff7e0e336e167cf227af64ea664c22090ef58d0df0c4deb406de

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

OPTIONS
H2 204 unruly_prebid
targeting.unrulymedia.com/ Frame 0
0 76ms
14ms Preflight
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 1728000
content-length: 0
content-type: text/plain charset=UTF-8
date: Sun, 05 Nov 2023 15:06:32 GMT

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 95ms
10ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 05 Nov 2023 15:06:32 GMT
server: ATS/9.1.10.90

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 95ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 05 Nov 2023 15:06:32 GMT
server: ATS/9.1.10.90

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 95ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 05 Nov 2023 15:06:32 GMT
server: ATS/9.1.10.90

OPTIONS
H2 200 bidRequest
c2shb.pubgw.yahoo.com/ Frame 0
0 94ms
11ms Preflight 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-openrtb-version
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Content-Type,X-Openrtb-Version
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 600
age: 0
content-length: 0
date: Sun, 05 Nov 2023 15:06:32 GMT
server: ATS/9.1.10.90

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
854 B 722ms
174ms XHR
application/json 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1699196792730&ver=2&hb=1&output=js&pub=536&zone=97854&url=https%253A%252F%252Fwww.fimela.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=2cb39941186143&auction=3eb3fef9-759c-41a4-974c-2478ca587032
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 05 Nov 2023 15:06:33 GMT
Last-Modified: Sun, 05 Nov 2023 15:06:33 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fimela.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
854 B 724ms
174ms XHR
application/json 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1699196792730&ver=2&hb=1&output=js&pub=536&zone=98050&url=https%253A%252F%252Fwww.fimela.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=3abb6a087a9753&auction=3eb3fef9-759c-41a4-974c-2478ca587032
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 05 Nov 2023 15:06:33 GMT
Last-Modified: Sun, 05 Nov 2023 15:06:33 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fimela.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

GET
H/1.1 200
OK / Show response
as.innity.com/synd/ 2 B
854 B 717ms
171ms XHR
application/json 47.254.199.63
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to

Full URL: https://as.innity.com/synd/?cb=1699196792730&ver=2&hb=1&output=js&pub=536&zone=98050&url=https%253A%252F%252Fwww.fimela.com%252F&width=300&height=250&vpw=1600&vph=1200&callback=json&callback_uid=43c549eb9b7348&auction=3eb3fef9-759c-41a4-974c-2478ca587032
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 47.254.199.63 Kuala Lumpur, Malaysia, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Sun, 05 Nov 2023 15:06:33 GMT
Last-Modified: Sun, 05 Nov 2023 15:06:33 GMT
Server: Apache
Access-Control-Max-Age: 86400
P3P: policyref=http://www.innity.com/p3p/p3p.xml,CP="CURa ADMa DEVa OUR BUS UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.fimela.com
Content-Type: application/json; charset=utf-8
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Access-Control-Allow-Credentials: true
Content-Length: 2
Expires: Sat, 03 Sep 1983 02:00:00 GMT

POST
H2 200 1501404 Show response
display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/ 64 KB
64 KB 630ms
402ms XHR
application/json 151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://display.bidder.taboola.com/OpenRTB/TaboolaHB/auction/1501404
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 1a552b4b3bd56b12e8724945ceb7b974fe51df9db5af30ea31feb9dbcb34be47

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

x-served-by: cache-fra-eddf8230027-FRA
date: Sun, 05 Nov 2023 15:06:33 GMT
via: 1.1 varnish
server: nginx
x-timer: S1699196793.962804,VS0,VE394
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fimela.com
x-envoy-upstream-service-time: 385
accept-ranges: bytes
content-length: 65641
x-cache-hits: 0

POST
H2 200 pbjs Show response
htlb.casalemedia.com/openrtb/ 36 B
543 B 56ms
30ms XHR
application/json 172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/openrtb/pbjs?s=802778
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b3971a51fa89d1dc29d08d452a3538dae6f0be5cf379b22436c0d8874052cf7a

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ipYypyMFqPVld6WAm4O5JMlRqkGAsDWX%2BSbvKr4uA4C06%2BqMKKLtiaKODjv5stv8XGhNIWieUXiGavfXXsnB9xucXly5POFJ7ABbNSl2VYOyhIejzUSfohgyGE0Ni1wibzCpgdbg"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 82160052ca723637-FRA
alt-svc: h3=":443"; ma=86400
content-length: 36
expires: 0

POST
H2 204 unruly_prebid Show response
targeting.unrulymedia.com/ 0
162 B 84ms
52ms XHR
text/plain 46.228.174.115
AMOBEE

General

Check archive.org

Show headers Download Go to

Full URL: https://targeting.unrulymedia.com/unruly_prebid
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://www.fimela.com
pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 338 B
735 B 76ms
28ms XHR
application/json 34.120.63.153
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUWX4UX4
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.63.153 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 153.63.120.34.bc.googleusercontent.com
Software: envoy /
Resource Hash: dec7b251628597283232dca601c700259bc9ad2a0695379620307c41b32b8835

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:31 GMT
via: 1.1 google
accept-ch: Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Model
server: envoy
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fimela.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 7
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 15:06:32 GMT

POST 285432
search.spotxchange.com/openrtb/2.3/dados/ 0
0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 334 B
677 B 136ms
76ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12534&site_id=377678&zone_id=2083798&size_id=15&alt_size_ids=13%2C14&rf=https%3A%2F%2Fwww.fimela.com%2F&kw=beritahariini%2Cberitaterkini%2Cberitaterbaru%2Ctipsfashion%2Ctipscantik%2Ctipsmakeup%2Cberitaselebriti%2Cgayaartis%2Ckesehatanwanita%2Czodiak&tg_i.page=https%3A%2F%2Fwww.fimela.com%2F&tg_i.domain=fimela.com&tg_i.pbadslot=div-gpt-ad-fimela-sc-1&tk_flint=pbjs_lite_v7.37.0&x_source.tid=30b78555-50bf-4d10-86df-c00121c09d05&l_pb_bid_id=30ca944171bc37b&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8883497924639934
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: fc3776b6ad18faf23a448137a6bd2b252949bb5676c79b5edc6e54f1994d31d3

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 334
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 362 B
703 B 119ms
59ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12534&site_id=377678&zone_id=2083798&size_id=15&alt_size_ids=9%2C10&rf=https%3A%2F%2Fwww.fimela.com%2F&kw=beritahariini%2Cberitaterkini%2Cberitaterbaru%2Ctipsfashion%2Ctipscantik%2Ctipsmakeup%2Cberitaselebriti%2Cgayaartis%2Ckesehatanwanita%2Czodiak&tg_i.page=https%3A%2F%2Fwww.fimela.com%2F&tg_i.domain=fimela.com&tg_i.pbadslot=div-gpt-ad-fimela-halfpage-1&tk_flint=pbjs_lite_v7.37.0&x_source.tid=a32e23ec-79d7-4998-9ff0-4de8004dfe85&l_pb_bid_id=3186a038105795&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9251760961726807
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: b7839c8ef5517dec7a32e51325eba93e631443603716bd1c9016af4c9f67a9f3

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 362
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 362 B
878 B 119ms
59ms XHR
application/json 2602:803:c003:200::41
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12534&site_id=377678&zone_id=2083798&size_id=15&alt_size_ids=9%2C10&rf=https%3A%2F%2Fwww.fimela.com%2F&kw=beritahariini%2Cberitaterkini%2Cberitaterbaru%2Ctipsfashion%2Ctipscantik%2Ctipsmakeup%2Cberitaselebriti%2Cgayaartis%2Ckesehatanwanita%2Czodiak&tg_i.page=https%3A%2F%2Fwww.fimela.com%2F&tg_i.domain=fimela.com&tg_i.pbadslot=div-gpt-ad-fimela-halfpage-2&tk_flint=pbjs_lite_v7.37.0&x_source.tid=e4cce6a8-6e17-4cbb-8425-85ca99df9920&l_pb_bid_id=3282d0df9dc9018&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1334681723243194
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 53df78a7f193aaafb236d48d684c5817861e6573f1416dfe6ec7a5d848d91e88

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 362
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
558 B 43ms
8ms XHR
application/json 52.29.129.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=7.37.0&referrer=https%3A%2F%2Fwww.fimela.com%2F&tmax=1000

Requested by

Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.29.129.24 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-29-129-24.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
accept-ch: sec-ch-rtt,sec-ch-ua-arch,sec-ch-ua-full-version,sec-ch-ua,sec-ch-ua-bitness,sec-ch-device-memory,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ect,sec-ch-save-data,sec-ch-viewport-height,sec-ch-width,user-agent,sec-ch-dpr,sec-ch-ua-platform,sec-ch-prefers-color-scheme,sec-ch-ua-full-version-list,sec-ch-downlink,sec-ch-viewport-width,sec-ch-ua-mobile
x-auction-status: 17, 17
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
336 B 133ms
24ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
336 B 129ms
21ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

POST
H/1.1 200
OK v1 Show response
prg-apac.smartadserver.com/prebid/ 0
336 B 128ms
21ms XHR
application/json 5.196.111.65
OVH

General

Check archive.org

Show headers Download Go to

Full URL: https://prg-apac.smartadserver.com/prebid/v1
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 5.196.111.65 Le Grau-du-Roi, France, ASN16276 (OVH, FR),
Reverse DNS: ip65.ip-5-196-111.eu
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
vary: Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-length: 0

GET
H2 200 arj Show response
emtek-d.openx.net/w/1.0/ 73 B
377 B 77ms
26ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://emtek-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.fimela.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-60&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=30b78555-50bf-4d10-86df-c00121c09d05%2Ca32e23ec-79d7-4998-9ff0-4de8004dfe85%2Ce4cce6a8-6e17-4cbb-8425-85ca99df9920&nocache=1699196792748&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&aus=300x250%2C250x250%2C200x200%7C300x250%2C300x600%2C160x600%7C300x250%2C300x600%2C160x600&divids=div-gpt-ad-fimela-sc-1%2Cdiv-gpt-ad-fimela-halfpage-1%2Cdiv-gpt-ad-fimela-halfpage-2&aucs=div-gpt-ad-fimela-sc-1%2Cdiv-gpt-ad-fimela-halfpage-1%2Cdiv-gpt-ad-fimela-halfpage-2&auid=556894074%2C556894069%2C556894069
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: c414d5c0dbb930bbacd45b6226f8527e2ae83f40470f68e56a709570d2a3d5fd

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: application/json
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.fimela.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
380 B 113ms
63ms XHR
application/json 2.19.245.101
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.245.101 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-19-245-101.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.fimela.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Sun, 05 Nov 2023 15:06:32 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 93ms
37ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fimela.com
date: Sun, 05 Nov 2023 15:06:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 34ms
12ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 79c51343f938aa8c9ab2027f7059968a176959f67eb852a552aebf87c2cb2b25

Request headers

Referer: https://www.fimela.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fimela.com
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
116 B 33ms
12ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 508b452e1a35bd0f9033c20d4096803402acd0f2076548248b3e1cf308efba9b

Request headers

Referer: https://www.fimela.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fimela.com
access-control-allow-credentials: true
content-length: 84

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
339 B 32ms
11ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 2dd7ce6b2d8c19c5b956da401745a15ba8bd1b56539e23bddb0384ec84070529

Request headers

Referer: https://www.fimela.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fimela.com
access-control-allow-credentials: true
content-length: 82

POST
H2 200 bidRequest Show response
c2shb.pubgw.yahoo.com/ 66 B
119 B 33ms
11ms XHR
application/json 52.28.203.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c2shb.pubgw.yahoo.com/bidRequest
Requested by: Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software: ATS/9.1.10.90 /
Resource Hash: 7412fc663f81bc2509edb347341bc2ee6fdfe0b3d263c2be9c7c3958eaa47f77

Request headers

Referer: https://www.fimela.com/
x-openrtb-version: 2.5
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
server: ATS/9.1.10.90
age: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods: POST,GET,HEAD,OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.fimela.com
access-control-allow-credentials: true
content-length: 84

POST
H2 200 prebid Show response
ib.adnxs.com/ut/v3/ 21 B
584 B 57ms
15ms XHR
application/json 185.89.210.46
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: cdns.klimg.com
URL: https://cdns.klimg.com/d.kapanlaginetwork.com/banner/asset/prebid/loader.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.89.210.46 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.23.4 /

Resource Hash

aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
an-x-request-uuid: 5415e9dc-f2a7-4b5e-93a2-0dab212a7621
server: nginx/1.23.4
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 178.162.209.139; 178.162.209.139; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 21
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 esp.js Show response
oa.openxcdn.net/ 24 KB
8 KB 77ms
15ms Script
application/javascript 34.102.146.192
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oa.openxcdn.net/esp.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 192.146.102.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 25 Oct 2023 05:15:26 GMT
content-encoding: gzip
age: 985866
x-guploader-uploadid: ADPycdvnsa5qbNLXsslls5qkTaqxJ4Nht9KMRHLRjRzbFD074JHCcvzk-Zeu2g0tC_p5iBT9lBlfO9eApuQ3noHIDW_v3EnPZijy
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7927
last-modified: Thu, 27 May 2021 18:30:51 GMT
server: UploadServer
etag: "df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation: 1622140251693895
x-goog-hash: crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type: application/javascript
cache-control: no-transform
x-goog-stored-content-length: 7927
accept-ranges: bytes
expires: Thu, 24 Oct 2024 05:15:26 GMT

GET
H2 200 publishertag.ids.js Show response
static.criteo.net/js/ld/ 42 KB
13 KB 58ms
26ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/publishertag.ids.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 27 Oct 2023 06:43:26 GMT
server: nginx
etag: W/"653b5c0e-a9a7"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 06 Nov 2023 15:06:32 GMT

GET
H2 200 esp.js Show response
cdn.id5-sync.com/api/1.0/ 143 KB
31 KB 50ms
19ms Script
text/javascript 2606:4700:10::ac43:266a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/esp.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-encoding: gzip
cf-cache-status: HIT
last-modified: Tue, 24 Oct 2023 08:11:43 GMT
server: cloudflare
x-amz-request-id: JWJDAN1XR6GATQDQ
age: 2698
etag: W/"8a9ad568d94062c0186983f6aac0be50"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
cache-control: public, max-age=3600
cf-ray: 821600536ebf199e-FRA
x-amz-id-2: Ef+zRSY5m1l5O/qNEP9qXrov5kpci+PWBE+duOZn8RfWRfK8fxpzs/23mChcD+sxFKSVyfSeJCnE1vDWU3gxhg==

GET
H/1.1 200
OK uid2SecureSignal.js Show response
cdn.prod.uidapi.com/ 3 KB
3 KB 54ms
11ms Script
text/javascript 2600:9000:243d:2c00:a:e047:753:a221
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:243d:2c00:a:e047:753:a221 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Date: Sun, 05 Nov 2023 05:14:56 GMT
Via: 1.1 7f4a5e86662d54d3fe35c4c143a928ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P4
Age: 35497
x-amz-server-side-encryption: AES256
X-Cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 2776
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
Server: AmazonS3
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
Content-Type: text/javascript
Accept-Ranges: bytes
X-Amz-Cf-Id: Oh5gCKxaQO-aVsiT1UI3R3JyhJ8bDdHLxsCGr3Ney8rfI42HuchNZw==

GET
H2 200 pubcid.min.js Show response
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 732 B
1 KB 58ms
36ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 32541
x-jsd-version: master
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230091-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3X8Rxwzi81wRq0TAVGmBLg11j38W4fIarHYvbZ9MAkZ9NN3vC8TKhlSn52dtVPIyp2TdcYcKUOJXLqCtvgTzee4C62APNRXWSkTQrE%2FS4exmnKZhaBoJOIjkwKd%2FGBqL583ioC%2FyWDnu2c4IxEw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 821600535b5d6951-FRA

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16589/ 39 KB
12 KB 55ms
11ms Script
text/javascript 18.66.248.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-77.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 03:18:20 GMT
content-encoding: gzip
via: 1.1 9135737f9852a1a33e45e8c90861e8be.cloudfront.net (CloudFront)
last-modified: Wed, 06 Sep 2023 15:56:57 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P1
age: 42616
x-amz-server-side-encryption: AES256
etag: W/"e073e71ed7a44e6f9cdd72904fda5940"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: public, max-age=86400
x-amz-cf-id: NDIxH4dNRlBT-65QHiqgf2MYkAWK-BDG4ZDbStHXEaKwlDpsNcwVLQ==

GET
H2 200 encrypted-tag-g.js Show response
invstatic101.creativecdn.com/encrypted-signals/ 1 KB
1 KB 83ms
32ms Script
text/javascript 34.96.70.87
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.70.87 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 87.70.96.34.bc.googleusercontent.com
Software: Google Frontend /
Resource Hash: b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
via: 1.1 google, 1.1 google
last-modified: Thu, 03 Aug 2023 03:28:51 GMT
server: Google Frontend
etag: fc4e6bfe266081c4873c6f08c8298e5c
content-type: text/javascript; charset=utf-8
x-cloud-trace-context: 13c6304ca8b6c73572414a88c772338b
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1207

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 199 KB
54 KB 831ms
830ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=280461385158023&correlator=728428300205251&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=36504930%2CKLY%2CDESKTOP%2CFIMELA.COM%2CINTERSTITIAL%2CIMMERSIVE%2CBALLOON%2CNEWS_TAG_1%2CNEWS_TAG_2%2CHEADLINE_CRM%2CORGANIC_FEED_CRM_1%2CORGANIC_FEED_CRM_2%2CORGANIC_FEED_CRM_3%2CADVERTORIAL_HEADLINE_1%2CADVERTORIAL_HEADLINE_2&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7%2C%2F0%2F1%2F2%2F3%2F8%2C%2F0%2F1%2F2%2F3%2F9%2C%2F0%2F1%2F2%2F3%2F10%2C%2F0%2F1%2F2%2F3%2F11%2C%2F0%2F1%2F2%2F3%2F12%2C%2F0%2F1%2F2%2F3%2F13%2C%2F0%2F1%2F2%2F3%2F14&prev_iu_szs=1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1%2C1x1&ifi=1&didk=4152867055~319523006~1607649583~2647321238~2647321225~1719555951~98982003~85211063~99785466~1340881305~1340881306&sfv=1-0-40&ists=2047&fas=8%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699196792817&lmt=1699196792&adxs=-9%2C288%2C0%2C288%2C288%2C288%2C288%2C288%2C288%2C288%2C288&adys=-9%2C15%2C5875%2C215%2C215%2C438%2C3095%2C3333%2C4891%2C215%2C215&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C0%7C0%7C0%7C2%7C3%7C4%7C0%7C0&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.fimela.com%2F&vis=1&psz=0x-1%7C1024x200%7C1600x0%7C1024x200%7C1024x200%7C1024x5095%7C1024x714%7C1024x714%7C1024x714%7C1024x0%7C1024x0&msz=0x-1%7C1024x0%7C1600x0%7C1024x0%7C1024x0%7C1024x0%7C1024x0%7C1024x0%7C1024x0%7C1024x0%7C1024x0&fws=2%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4%2C4&ohw=0%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600%2C1600&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7N-VgLoxSABSAghkEhkKCnB1YmNpZC5vcmcY7N-VgLoxSABSAghkEh0KDmVzcC5jcml0ZW8uY29tGOzflYC6MUgAUgIIZBIXCghydGJob3VzZRjs35WAujFIAFICCGQSGQoKdWlkYXBpLmNvbRjs35WAujFIAFICCGQSFAoFb3BlbngY69-VgLoxSABSAghkEhsKDGlkNS1zeW5jLmNvbRjs35WAujFIAFICCGQ.&dlt=1699196792089&idt=680&ppid=4cc9491390874593b23b3ab920160540kly&cust_params=bsKeyword%3Dadult%252Cepidemic_desease%252Cparenting%26isMatcont%3D0%26brandsafety%3D0%26tags%3D%26currentUrl%3Dhttps%253A%252F%252Fwww.fimela.com%252F%26platform%3DDesktop%26type%3D%26pageType%3DChannelPage%26channel%3Droot%26audience%3Dfalse%26isAdvertorial%3Dfalse%26isMultipage%3Dfalse%26articleId%3D%26pagingNum%3Dfalse%26site%3Dfimela%26age%3Dfalse%26gender%3Dfalse%26subcategory%3Droot&adks=2370954934%2C185125420%2C3527318850%2C4220516456%2C1296023359%2C2018957000%2C4066322918%2C1719242223%2C994294760%2C2459792234%2C2319081776&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7db5a6231969bd5dbb257749a4c42e66453a2074ee7f33aeaa18cf672319195a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 54985
x-xss-protection: 0
google-lineitem-id: -1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-2,-2,-2,-2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7A29 6 KB
3 KB 85ms
22ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 39 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl_page_level_ads.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 18:13:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 75184
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13740
x-xss-protection: 0
server: cafe
etag: 11733316767131186006
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Sun, 03 Nov 2024 18:13:28 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/ 399 KB
135 KB 120ms
92ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1089981280613575&plah=www.fimela.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1089981280613575

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b01fb21e8baf24fa65e7ec2a874e582f33937bd50ee7cac136d554e719069fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 138244
x-xss-protection: 0
server: cafe
etag: 6680762175804648694
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/ Frame 737D 10 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231101/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-1089981280613575

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 79414
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4502
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 04 Nov 2023 17:02:58 GMT
etag: 251720774729838433
expires: Sat, 18 Nov 2023 17:02:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ 60 B
334 B 116ms
35ms XHR
application/json 54.77.82.203
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.77.82.203 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-77-82-203.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 5e75d08122b436cdaec189538dfd2370254fc0579a8b560c797456432f586f31

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache
x-server: 10.45.15.31
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H2

200

esp Show response
oajs.openx.net/
Redirect Chain

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.fimela.com%2F&rid=esp
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.fimela.com%2F&rid=esp&cc=1

85 B
203 B

119ms
117ms

Fetch
application/json

34.120.107.143
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.fimela.com%2F&rid=esp&cc=1
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Server: 34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 143.107.120.34.bc.googleusercontent.com
Software: / Express
Resource Hash: 881afc427b7852257e16f5cc1eb62b00e9e0fe71a2ee310b61ab51ed5fd29ca4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
via: 1.1 google
x-powered-by: Express
etag: W/"55-ObtdJgbvwlfYFddn9arfodKSXxE"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fimela.com
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85

Redirect headers

date: Sun, 05 Nov 2023 15:06:33 GMT
via: 1.1 google
x-powered-by: Express
vary: Origin
access-control-allow-origin: https://www.fimela.com
location: /esp?url=https%3A%2F%2Fwww.fimela.com%2F&rid=esp&cc=1
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 41B2 15 KB
6 KB 44ms
15ms Document
text/html 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.fimela.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
server: Kestrel
server-processing-duration-in-ticks: 262644
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 204 increment Show response
id5-sync.com/api/esp/ 0
230 B 54ms
15ms XHR
text/plain 162.19.138.120
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/api/esp/increment?counter=no-config

Requested by

Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/esp.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.120 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31533571.ip-162-19-138.eu

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.fimela.com
date: Sun, 05 Nov 2023 15:06:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin

GET
H2 200 jquery.min.js Show response
preview-kly.akamaized.net/assets/js/jquery/ Frame C0A5 95 KB
34 KB 94ms
30ms Script
text/javascript 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://preview-kly.akamaized.net/assets/js/jquery/jquery.min.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPpoU_WDgM-fM17B7K4uUCfX_n8XgKcurPOvRAHaCo7YZsT7e2I2z-qbTflp6RUJMw6pp1n97saNfg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 33793
last-modified: Wed, 16 Feb 2022 03:42:54 GMT
etag: "4f252523d4af0b478c810c2547a63e19"
vary: Accept-Encoding
x-goog-generation: 1644982974198841
content-type: text/javascript
access-control-max-age: 31536000
x-goog-hash: crc32c=nqFACQ==, md5=TyUlI9SvC0eMgQwlR6Y+GQ==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 97163
access-control-allow-origin: *
x-amz-checksum-crc32c: nqFACQ==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 slick.min.js Show response
preview-kly.akamaized.net/assets/js/slick/ Frame C0A5 43 KB
11 KB 96ms
32ms Script
text/javascript 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://preview-kly.akamaized.net/assets/js/slick/slick.min.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPqOFq5j7S6xcxXrCMAQBbXO8oYY0_DAYpWd30PbMHECwdIJasV2aNNC4A0-WEVpeQ99SqgT85Ytww
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 10745
last-modified: Wed, 16 Feb 2022 03:43:27 GMT
etag: "22f75416148991671e580d8f4d2a2387"
vary: Accept-Encoding
x-goog-generation: 1644983007210709
content-type: text/javascript
access-control-max-age: 31536000
x-goog-hash: crc32c=gcXHwQ==, md5=IvdUFhSJkWceWA2PTSojhw==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 43881
access-control-allow-origin: *
x-amz-checksum-crc32c: gcXHwQ==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 slick.min.css
preview-kly.akamaized.net/assets/css/slick/ Frame C0A5 1 KB
1 KB 87ms
23ms Stylesheet
text/css 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://preview-kly.akamaized.net/assets/css/slick/slick.min.css
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-guploader-uploadid: ADPycdvCrhyg6OO0oI_VGyw1KrnS7Y9r-GWRaua54xcqxoQ4S5ik8D5ZRl6C6NIL104dVlGe6FUkvUOy-ObSp0d4x4mA-AwFuXcA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 522
last-modified: Wed, 16 Feb 2022 03:43:59 GMT
etag: "6a62ad0f300504c583e7797c79c2d8ab"
vary: Accept-Encoding
x-goog-generation: 1644983039556080
content-type: text/css
access-control-max-age: 31536000
x-goog-hash: crc32c=hOks/A==, md5=amKtDzAFBMWD53l8ecLYqw==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 1369
access-control-allow-origin: *
x-amz-checksum-crc32c: hOks/A==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 slick-theme.min.css
preview-kly.akamaized.net/assets/css/slick/ Frame C0A5 2 KB
1 KB 83ms
20ms Stylesheet
text/css 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://preview-kly.akamaized.net/assets/css/slick/slick-theme.min.css
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-guploader-uploadid: ABPtcPrraFxHQwZu3B-0kwjxm7q0Ly1lfAs6u9kbdOqeAZbw0K4X27ZoMZvAimhNkdS0lDRE_pA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 793
last-modified: Wed, 16 Feb 2022 03:44:00 GMT
etag: "8a027447d99592734da0715287305e13"
vary: Accept-Encoding
x-goog-generation: 1644983040367114
content-type: text/css
access-control-max-age: 31536000
x-goog-hash: crc32c=2sz+mg==, md5=igJ0R9mVknNNoHFShzBeEw==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 2390
access-control-allow-origin: *
x-amz-checksum-crc32c: 2sz+mg==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

POST
H2 200 installations Show response
firebaseinstallations.googleapis.com/v1/projects/kly-all-vertical/ 629 B
690 B 282ms
280ms Fetch
application/json 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/kly-all-vertical/installations

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.10.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8c15cb18baacaff60263612dcbf00b3638873a5d7acd8a8f93ceb0e24e384466

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept: application/json
Referer: https://www.fimela.com/
x-goog-api-key: AIzaSyDGt_EBulRPrTRA5fyA8mTJy4oyu-bxXYE
accept-language: de-DE,de;q=0.9
x-firebase-client: eyJ2ZXJzaW9uIjoyLCJoZWFydGJlYXRzIjpbeyJhZ2VudCI6ImZpcmUtY29yZS8wLjcuMzMgZmlyZS1jb3JlLWVzbTIwMTcvMC43LjMzIGZpcmUtanMvIGZpcmUtanMtYWxsLWNkbi85LjEwLjAgZmlyZS1paWQvMC41LjEyIGZpcmUtaWlkLWVzbTIwMTcvMC41LjEyIGZpcmUtYW5hbHl0aWNzLzAuOC4wIGZpcmUtYW5hbHl0aWNzLWVzbTIwMTcvMC44LjAgZmlyZS1yYy8wLjMuMTEgZmlyZS1yYy1lc20yMDE3LzAuMy4xMSIsImRhdGVzIjpbIjIwMjMtMTEtMDUiXX1dfQ
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
content-type: application/json

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 499
x-xss-protection: 0

OPTIONS
H2 200 installations
firebaseinstallations.googleapis.com/v1/projects/kly-all-vertical/ Frame 0
0 107ms
36ms Preflight
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseinstallations.googleapis.com/v1/projects/kly-all-vertical/installations

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-firebase-client,x-goog-api-key
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: content-type,x-firebase-client,x-goog-api-key
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 05 Nov 2023 15:06:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
76 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-YV9LXF9F74

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.10.0/firebase-analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7cdd2952de17ddc8a6fe041d2b042e029b677c8a7b189df9d669e7debbd79c53

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77244
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
75 KB 32ms
32ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YV9LXF9F74&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a8fb557d42b5bd035907c0e923a6d268799528d1441541e595ad14c6f088b4b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77183
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 15:06:32 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 41B2
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertagids&domain=fimela.com&sn=ChromeSyncframe&so=0&topUrl=www.fimela.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=yo13u3xDZDF6b0xhRG1QYVgwUmhoK1lBeTB6emFIcitORHpvcEh3cDJleGNacG1IR2ROdDRNUUEzMU1GMVV1dC9BUHlYTjR2c1BpaWpRMVZSVGQ4UStxZ1hrTkIzdjFPY1NUVkVNVGtWSHlGWlFkTUVNQWtMUytDWUQyU2...

436 B
664 B

21ms
18ms

Fetch
application/json

2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yo13u3xDZDF6b0xhRG1QYVgwUmhoK1lBeTB6emFIcitORHpvcEh3cDJleGNacG1IR2ROdDRNUUEzMU1GMVV1dC9BUHlYTjR2c1BpaWpRMVZSVGQ4UStxZ1hrTkIzdjFPY1NUVkVNVGtWSHlGWlFkTUVNQWtMUytDWUQyU2FkMEhlTmExS0NHd0dJTUFKdVJGR3laM2ViTGdBcXh3TFpPa3VIVlVZYndZZHNVOVpXb1BrVGdpU3JZdGRDbnZsMXlySEM5M1ZCRHIvREdQcXpCNWxJODMyYm1sYzVoVTA2R1VDRk55MjJkbEtpclJIMm93c29teldtRW5PcXRsRDFTTU9USHlyU2ZrZER2cmp6c0g4TEd4NjVBY3ArZz09fA&cppv=2

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fa63e9b54d994313ef09ac3f167f9159fe609682614280da094bf08e18bd036e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1264499
expires: 0

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=yo13u3xDZDF6b0xhRG1QYVgwUmhoK1lBeTB6emFIcitORHpvcEh3cDJleGNacG1IR2ROdDRNUUEzMU1GMVV1dC9BUHlYTjR2c1BpaWpRMVZSVGQ4UStxZ1hrTkIzdjFPY1NUVkVNVGtWSHlGWlFkTUVNQWtMUytDWUQyU2FkMEhlTmExS0NHd0dJTUFKdVJGR3laM2ViTGdBcXh3TFpPa3VIVlVZYndZZHNVOVpXb1BrVGdpU3JZdGRDbnZsMXlySEM5M1ZCRHIvREdQcXpCNWxJODMyYm1sYzVoVTA2R1VDRk55MjJkbEtpclJIMm93c29teldtRW5PcXRsRDFTTU9USHlyU2ZrZER2cmp6c0g4TEd4NjVBY3ArZz09fA&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 289124
content-length: 0
expires: 0

POST
H2 204 collect
region1.analytics.google.com/g/ 0
254 B 55ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YV9LXF9F74&gtm=45je3b11v894616107&_p=1699196792210&_gaz=1&gcd=11l1l1l1l1&_fid=ckd2u57qsagSJchLn84L3H&cid=130911004.1699196792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699196793&sct=1&seg=0&dl=https%3A%2F%2Fwww.fimela.com%2F&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&en=page_view&_fv=1&_ss=1&_ee=1&ep.origin=firebase&tfd=1702
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-YV9LXF9F74
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 19ms
19ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YV9LXF9F74&cid=130911004.1699196792&gtm=45je3b11v894616107&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-YV9LXF9F74
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
108 B 56ms
53ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YV9LXF9F74&cid=130911004.1699196792&gtm=45je3b11v894616107&aip=1&z=967336687

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 034928400_1698814730-Snapinsta.app_386327676_1022194502162662_363227591489228756_n_1080.jpg
cdn1-production-images-kly.akamaized.net/n9Dk6EeVYJc5XSUNU-uAjxteG1s=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4631387/original/ 8 KB
8 KB 77ms
31ms Image
image/webp 2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-images-kly.akamaized.net/n9Dk6EeVYJc5XSUNU-uAjxteG1s=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4631387/original/034928400_1698814730-Snapinsta.app_386327676_1022194502162662_363227591489228756_n_1080.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-96.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: b90071b2492ff51e8a0996763d2d6010f8f00a78f7ae094876bd792f8ca12ae7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "6ebb3ae25f1e766befecb07ff6d201fbbbb4c873"
x-varnish: 3342540
server-node: production-thumbor-web-ig-ns89
content-type: image/webp
cache-control: public, max-age=31534050
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 7868
expires: Mon, 04 Nov 2024 14:34:03 GMT

GET
H2 200 006693200_1698920706-Snapinsta.app_397034571_3247240715416039_7919347498736754742_n_1080.jpg
cdn0-production-images-kly.akamaized.net/bxyAfDt91lw8-5mOkx-sUQtBudg=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4633311/original/ 5 KB
6 KB 32ms
29ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/bxyAfDt91lw8-5mOkx-sUQtBudg=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4633311/original/006693200_1698920706-Snapinsta.app_397034571_3247240715416039_7919347498736754742_n_1080.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 70d3b32db5debb293e541783f2f9612cf78061ed174a60d8837e016bd744dcd9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "92fb50f170b5b2c11d1822cecc26a80b1b46d5ec"
x-varnish: 2326693
server-node: production-thumbor-web-ig-9sgm
content-type: image/webp
cache-control: public, max-age=31533747
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 5612
expires: Mon, 04 Nov 2024 14:29:00 GMT

GET
H2 200 036738400_1699149864-image_123650291_-_2023-11-05T085237.539.JPG
cdn0-production-images-kly.akamaized.net/ednIKefbRhEium8Bw8V9QLnJ0Vg=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4636004/original/ 13 KB
14 KB 19ms
15ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/ednIKefbRhEium8Bw8V9QLnJ0Vg=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4636004/original/036738400_1699149864-image_123650291_-_2023-11-05T085237.539.JPG
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a474e451f091d82915bb6fe83cd34aca2065baea6c9d3ab3d31205e5ba43f3b5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "008d2f1a5881eb3cbeb40acef5b804277f6d97f2"
x-varnish: 3768518
server-node: production-thumbor-web-ig-z601
content-type: image/webp
cache-control: public, max-age=31533809
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 13788
expires: Mon, 04 Nov 2024 14:30:02 GMT

GET
H2 200 045716600_1699076066-photo-grid__32_.jpeg
cdn1-production-images-kly.akamaized.net/ltTtAfGSTQUgbbfJpYqWTY_zRxE=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4635350/original/ 8 KB
8 KB 83ms
38ms Image
image/webp 2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-images-kly.akamaized.net/ltTtAfGSTQUgbbfJpYqWTY_zRxE=/238x238/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4635350/original/045716600_1699076066-photo-grid__32_.jpeg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-96.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f9a8655c43a2c260b365ce8313e873872c7bd10845257ab2b8c4ad78936f2eb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "bd639f09762e86ffb412eee3073eb91f1b79b9f8"
x-varnish: 2983788
server-node: production-thumbor-web-ig-9ck0
content-type: image/webp
cache-control: public, max-age=31498942
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 8232
expires: Mon, 04 Nov 2024 04:48:55 GMT

GET
H2 200 raleway-v12-latin-700.woff2
cdn1-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/ Frame C0A5 20 KB
21 KB 56ms
20ms Font
application/octet-stream 2.19.198.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/raleway-v12-latin-700.woff2
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-49.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 04e4826be27264de184e934234f9f5166f0cca0a8088424d2cff44e5ee37f591

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ADPycdvtv2OOCKAbj8opEQX8q1HJHv1ZoSYrmqweeL4eXWli9JaoHNraXdmucINR3n3pgLfU17ud4E3-1vpWryRSOf-NWPdQK3Fz
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 20612
last-modified: Thu, 31 Aug 2023 07:47:10 GMT
server: UploadServer
etag: "dcbe8703a0a177b692121274ade573cf"
access-control-max-age: 31536000
x-goog-generation: 1693468030409681
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=YrTMUA==, md5=3L6HA6Chd7aSEhJ0reVzzw==
cache-control: max-age=31536000
access-control-allow-methods: GET
x-goog-stored-content-length: 20612
x-amz-checksum-crc32c: YrTMUA==
accept-ranges: bytes
expires: Sun, 03 Nov 2024 16:25:58 GMT

GET
DATA 200
OK truncated
/ Frame C0A5 219 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba5fcde31bdb944630e5b3ae6a37c399d21f631a733a41a17debbc723465fc9f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ Frame C0A5 237 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52485030d1cf0ff1509dff7d7761baaa797ce22e061773d353f81a6065426ed8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 raleway-v12-latin-regular.woff2
cdn1-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/ Frame C0A5 20 KB
21 KB 40ms
15ms Font
application/octet-stream 2.19.198.49
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn1-production-assets-kly.akamaized.net/assets/fonts/fimela/Raleway/raleway-v12-latin-regular.woff2
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.198.49 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-198-49.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 3650de8bc2dd8352b01aa49e9f0ae225098e86a31da32b04d81abb76b598d0d6

Request headers

Referer: https://www.fimela.com/
Origin: https://www.fimela.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ADPycdsxj2paTY3NLxZoknl-B4YDIDFu2JNrm7pbDMp8_mmNrHsKSKfYzplfNX2ao8Mf3xr-9cwYUjIX2OJQShabqll46nYIjB1a
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 20444
last-modified: Thu, 19 Jan 2023 05:36:38 GMT
server: UploadServer
etag: "2075794c8e9e7e48e5fbf1b2313e7adf"
access-control-max-age: 31536000
x-goog-generation: 1674106598649191
content-type: application/octet-stream
access-control-allow-origin: *
x-goog-hash: crc32c=hyI2+Q==, md5=IHV5TI6efkjl+/GyMT563w==
cache-control: max-age=31536000
access-control-allow-methods: GET
x-goog-stored-content-length: 20444
accept-ranges: bytes
expires: Sun, 03 Nov 2024 17:53:41 GMT

GET
H2 200 ajax-loader.gif
preview-kly.akamaized.net/assets/css/slick/ Frame C0A5 4 KB
5 KB 33ms
33ms Image
image/gif 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/assets/css/slick/ajax-loader.gif
Requested by: Host: preview-kly.akamaized.net
URL: https://preview-kly.akamaized.net/assets/css/slick/slick-theme.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://preview-kly.akamaized.net/assets/css/slick/slick-theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPrSViSX5tzeJqjcschn1MKXSrb8DryuAj153u9vA4Ek9Pk3kgfluw4A9gpRieoJHOFmV5cKdORe0w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 4178
last-modified: Thu, 17 Feb 2022 01:37:04 GMT
etag: "c5cd7f5300576ab4c88202b42f6ded62"
access-control-max-age: 31536000
x-goog-generation: 1645061824283678
content-type: image/gif
access-control-allow-origin: *
x-goog-hash: crc32c=q8M5kA==, md5=xc1/UwBXarTIggK0L23tYg==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 4178
x-amz-checksum-crc32c: q8M5kA==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 widget-homepage-desktop-ff-2022-v2.jpg
preview-kly.akamaized.net/fimela/fimela-fest/ Frame C0A5 94 KB
94 KB 31ms
23ms Image
image/jpeg 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-fest/widget-homepage-desktop-ff-2022-v2.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 76885907d939ec9707af3ebf7b0c9905c913d987f6c39b3b9879f369e22e6789

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPpYbpOQVF2_n0ftwOWwAEH9vQzKSpDdu90PsbL2fZySkfHNd4WGPAe-glgYXACVgPf1cl8
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 95855
last-modified: Wed, 19 Oct 2022 03:54:03 GMT
etag: "fad76208445cc42100aaec7141cf97af"
access-control-max-age: 31536000
x-goog-generation: 1666151643202982
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=C4DAFw==, md5=+tdiCERcxCEAquxxQc+Xrw==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 95855
x-amz-checksum-crc32c: C4DAFw==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 087394600_1669268615-Thumbnail_Hightlight_FF_2022_day_2__LS___IG_FEED__prev.jpg
cdn1-production-images-kly.akamaized.net/Z8M71aEtvl_il1SeSng1Zooxnkg=/458x0:1538x1080/190x190/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4237889/original/ Frame C0A5 7 KB
7 KB 39ms
31ms Image
image/webp 2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-images-kly.akamaized.net/Z8M71aEtvl_il1SeSng1Zooxnkg=/458x0:1538x1080/190x190/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4237889/original/087394600_1669268615-Thumbnail_Hightlight_FF_2022_day_2__LS___IG_FEED__prev.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-96.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e4fa6a693e27633135deb441f23a8039987809a2ead7461fbe3a5bdcbfa6a99c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "ae8819229d0f45912e353eec6965b5a6ae00db69"
x-varnish: 4949984
server-node: production-thumbor-web-ig-hs8f
content-type: image/webp
cache-control: public, max-age=30613049
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6942
expires: Thu, 24 Oct 2024 22:44:02 GMT

GET
H2 200 widget_fimela_fashion_desktop.jpg
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 46 KB
47 KB 28ms
21ms Image
image/jpeg 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/widget_fimela_fashion_desktop.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: af1bf8c593497789ca35c649c1fca77b7fe1fca71e6b4ae14a8d1abe55d9b80b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPpHSnWOZ8nTyR1GyO1HSwx9CiUzoaL0t6Z19k-4wkgkIzCSTRV6l7pxUTMf3iT-kmAliZU
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 47602
last-modified: Mon, 28 Mar 2022 04:56:44 GMT
etag: "b1ed55fccab5653a82dda5a11902705c"
access-control-max-age: 31536000
x-goog-generation: 1648443404773497
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=Yw2ecQ==, md5=se1V/Mq1ZTqC3aWhGQJwXA==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 47602
x-amz-checksum-crc32c: Yw2ecQ==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 071759500_1697891927-SUKO1.jpg
cdn0-production-images-kly.akamaized.net/ozupPo3lRjD3BA27PdTOnYylQsk=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4619072/original/ Frame C0A5 8 KB
8 KB 29ms
22ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/ozupPo3lRjD3BA27PdTOnYylQsk=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4619072/original/071759500_1697891927-SUKO1.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 19313ccb5ae600f9bac5e4b2037e9bad69542ecb62f19f325bafc55c9413c88e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "b99b077b5b8a4f7d7cd779cc9c9fddce6b200e91"
x-varnish: 7274813
server-node: production-thumbor-web-ig-lc5f
content-type: image/webp
cache-control: public, max-age=31533738
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 7944
expires: Mon, 04 Nov 2024 14:28:51 GMT

GET
H2 200 fimelastro-desktop.jpg
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 54 KB
55 KB 21ms
14ms Image
image/jpeg 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/fimelastro-desktop.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b95c153dbc31df3f119358352745f2e1cab9d10a8ffaf3142febfd33ebec2bc1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPqmdEJOJ_jmWhyyx2grulKw5W_OYBZZG0wsrtwhA7ATAMk-0Y_39JaIEiX9x2gyPE6tvZEw0arGXQ
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 55545
last-modified: Fri, 25 Feb 2022 07:37:50 GMT
etag: "2fad1398a74c7cf641ae27b88346905f"
access-control-max-age: 31536000
x-goog-generation: 1645774670063087
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=MIQjxg==, md5=L60TmKdMfPZBrie4g0aQXw==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 55545
x-amz-checksum-crc32c: MIQjxg==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 045996600_1670992909-FIMELASTRO_-_Desember_2022__IG_Feed__prev.jpg
cdn0-production-images-kly.akamaized.net/8L21TdjZgCuN2pKNGYy1Cg7Bp-I=/408x0:1488x1080/190x190/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4260566/original/ Frame C0A5 7 KB
7 KB 26ms
19ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/8L21TdjZgCuN2pKNGYy1Cg7Bp-I=/408x0:1488x1080/190x190/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4260566/original/045996600_1670992909-FIMELASTRO_-_Desember_2022__IG_Feed__prev.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 63f146990e7fa707369327277fabab1fe8bc615e1cf38dffcfef2302caf6d501

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "8bfc368e645c6561efc3ff19ad2df0d221323fa5"
x-varnish: 2852043
server-node: production-thumbor-web-ig-wx0x
content-type: image/webp
cache-control: public, max-age=30383955
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 7204
expires: Tue, 22 Oct 2024 07:05:48 GMT

GET
H2 200 kaleidoskop-desktop.jpg
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 77 KB
78 KB 41ms
34ms Image
image/jpeg 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/kaleidoskop-desktop.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 525be0114ef2f2f64478640e2e15e48768e77724624c6f89336e4c4666b203a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPo5ktSFX1ioAZHKhg9c2JbFDuIxBugwhrvpTcN19c6qTTjzJKmQRCzQ5hbc4i90njSghFIsCeFu4w
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 78909
last-modified: Fri, 25 Feb 2022 07:37:53 GMT
etag: "26d4d3fc88ef7e9c1257b0e307b6fef3"
access-control-max-age: 31536000
x-goog-generation: 1645774673772912
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=/od8dw==, md5=JtTT/IjvfpwSV7DjB7b+8w==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 78909
x-amz-checksum-crc32c: /od8dw==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 064919700_1640940142-highlight-kaleidoskop-2021-final-8e5484.jpg
cdn0-production-images-kly.akamaized.net/ZIbeOR46mvWsvh-TwTSKPUSrILU=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/thumbnails/3882274/original/ Frame C0A5 7 KB
7 KB 27ms
21ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/ZIbeOR46mvWsvh-TwTSKPUSrILU=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/thumbnails/3882274/original/064919700_1640940142-highlight-kaleidoskop-2021-final-8e5484.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 459eca39210d91965d67de225388e365f348fa2067764230e68f74a9331710a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "0819136ae62d89a639cf04faaa44e01a50c0dd27"
x-varnish: 624082
server-node: production-thumbor-web-ig-2z86
content-type: image/webp
cache-control: public, max-age=31200614
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6886
expires: Thu, 31 Oct 2024 17:56:47 GMT

GET
H2 200 barry-desktop.png
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 27 KB
28 KB 34ms
29ms Image
image/png 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/barry-desktop.png
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 5cdfb3059e9acd98fc78cd46d16ee1b6f32e6f0cc5ead7962fd15c5394e79483

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPqE1dj6jBQR2DsghbXFobyVe9k8g8YRX_W0JVm5tFQsyfBIAXus9yUDsZH7BLMXJwpzRnk4bq_4Jg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 27854
last-modified: Fri, 25 Feb 2022 07:37:47 GMT
etag: "00420261e9e51edd473899a82b2a9ade"
access-control-max-age: 31536000
x-goog-generation: 1645774667429394
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=tIvSBQ==, md5=AEICYenlHt1HOJmoKyqa3g==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 27854
x-amz-checksum-crc32c: tIvSBQ==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 026166200_1637320822-WhatsApp_Image_2021-11-19_at_5.21.51_PM__1_.jpeg
cdn1-production-images-kly.akamaized.net/MfS_764_a1MzEMLsoHM-lsI94rA=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/3637964/original/ Frame C0A5 5 KB
5 KB 37ms
31ms Image
image/webp 2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-images-kly.akamaized.net/MfS_764_a1MzEMLsoHM-lsI94rA=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/3637964/original/026166200_1637320822-WhatsApp_Image_2021-11-19_at_5.21.51_PM__1_.jpeg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-96.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 548fd4a2c18debf63608e996ba7792ae0f68206e088d1b6de8295ca963c1c8f3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "0ecec708351f72f6df3f231704466ae6e6a3bb36"
x-varnish: 1673551
server-node: production-thumbor-web-ig-xghl
content-type: image/webp
cache-control: public, max-age=30349036
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 4978
expires: Mon, 21 Oct 2024 21:23:49 GMT

GET
H2 200 famestory-desktop.png
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 18 KB
19 KB 34ms
29ms Image
image/png 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/famestory-desktop.png
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0d765bd94fc78cce437f90c68f2243b9b88f20fdbcc343d8cb137fd4abc36a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPoegWIhyeTQhFYxW68O0R4_lWa1pMGmtTch3DEBSXwBlRYjPsu6IZdpHy6D51JtLsXQnHiKEBuTNg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 18581
last-modified: Fri, 25 Feb 2022 07:37:47 GMT
etag: "f995c4f5f7360202598d41c6f7d30cf7"
access-control-max-age: 31536000
x-goog-generation: 1645774667483452
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=v11C6w==, md5=+ZXE9fc2AgJZjUHG99MM9w==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 18581
x-amz-checksum-crc32c: v11C6w==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 007408000_1698124064-Fimela_Fame_Story_-_TINA_TOON_POLITIK_ITU_SERU___IG_Feed__prev.jpg
cdn1-production-images-kly.akamaized.net/u6yHnwSX75rYNr_3X1doijiWA0U=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4621773/original/ Frame C0A5 6 KB
7 KB 61ms
56ms Image
image/webp 2.19.126.96
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn1-production-images-kly.akamaized.net/u6yHnwSX75rYNr_3X1doijiWA0U=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4621773/original/007408000_1698124064-Fimela_Fame_Story_-_TINA_TOON_POLITIK_ITU_SERU___IG_Feed__prev.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.19.126.96 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-19-126-96.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 94ed7b3417c83cac8cb147dbf5098029179db30064a4f32801177d17c0d04f1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "0c582f371fade8be59bc918c066b54fd76fa1dfc"
x-varnish: 1966570
server-node: production-thumbor-web-ig-sl0r
content-type: image/webp
cache-control: public, max-age=30464781
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 6422
expires: Wed, 23 Oct 2024 05:32:54 GMT

GET
H2 200 ladyboss-desktop.png
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 9 KB
9 KB 34ms
30ms Image
image/png 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/ladyboss-desktop.png
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 52c1caf7c0c3ca3184fb02cc49bea7344f1884a2ac0a8e8aa67ca9a0d467f18c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPpuRLc8tIHA9j-Afudv9PcN1nnAHV-VArkh8PLbzFDTGGEa9SNFHizDy73WJyS5cTqwi7Zm4biOlg
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 8972
last-modified: Fri, 25 Feb 2022 07:37:55 GMT
etag: "115a7805581396de56a2b483453ef358"
access-control-max-age: 31536000
x-goog-generation: 1645774675490961
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=V0CG0Q==, md5=EVp4BVgTlt5WorSDRT7zWA==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 8972
x-amz-checksum-crc32c: V0CG0Q==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 037153500_1698716782-IMG_9795_wm.jpg
cdn0-production-images-kly.akamaized.net/ssKJqXkXoLhaEkjcxuDEoMaeIqw=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4629661/original/ Frame C0A5 4 KB
4 KB 22ms
18ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/ssKJqXkXoLhaEkjcxuDEoMaeIqw=/190x190/smart/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/4629661/original/037153500_1698716782-IMG_9795_wm.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: f955314889905c09a29581b7e3ce9c4fc64c5f1b1b59edddf99d8374b14d3278

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "9014759ec6771818a90a45f97a40c56c8d47e04a"
x-varnish: 1736718
server-node: production-thumbor-web-ig-qd01
content-type: image/webp
cache-control: public, max-age=31061659
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 4038
expires: Wed, 30 Oct 2024 03:20:52 GMT

GET
H2 200 magnificent-desktop.jpg
preview-kly.akamaized.net/fimela/fimela-widget-signature/ Frame C0A5 81 KB
82 KB 33ms
30ms Image
image/jpeg 23.32.238.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://preview-kly.akamaized.net/fimela/fimela-widget-signature/magnificent-desktop.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-154.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f367f7af4888a635a3a5f21af82adb9ec1d617ed076345bab838fa449c95b62f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
x-guploader-uploadid: ABPtcPr8vxWpWUoMY1rC_yej2A2cZDz9vjKXOYQC-VtYjaRX23FVNYQwYAAydbETVGGsPRRaPBao39MI6A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 83020
last-modified: Fri, 25 Feb 2022 07:37:57 GMT
etag: "0bcfc79715304712c23298801af4e901"
access-control-max-age: 31536000
x-goog-generation: 1645774677430655
content-type: image/jpeg
access-control-allow-origin: *
x-goog-hash: crc32c=hzSGHw==, md5=C8/HlxUwRxLCMpiAGvTpAQ==
cache-control: max-age=31536000
access-control-allow-methods: GET, HEAD
x-goog-stored-content-length: 83020
x-amz-checksum-crc32c: hzSGHw==
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 016631200_1627447202-shutterstock_1893751480.jpg
cdn0-production-images-kly.akamaized.net/WaOabXYmBrO5iFNQxvgEMTc7Pz0=/199x0:866x667/190x190/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/3523442/original/ Frame C0A5 2 KB
3 KB 21ms
18ms Image
image/webp 2.16.164.112
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn0-production-images-kly.akamaized.net/WaOabXYmBrO5iFNQxvgEMTc7Pz0=/199x0:866x667/190x190/filters:quality(75):strip_icc():format(webp)/kly-media-production/medias/3523442/original/016631200_1627447202-shutterstock_1893751480.jpg
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/pages/widget-signature
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.164.112 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-164-112.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 9afd735c94f765e5868a91c6db8630766e0d2b04b90533936860ce3282409627

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-varnish-cache: MISS
date: Sun, 05 Nov 2023 15:06:33 GMT
server: nginx
x-ttl: 300.000
etag: "2002a1e8dc5653f6a8cf401608f1779ab1de1b4d"
x-varnish: 3015094
server-node: production-thumbor-web-ig-20j6
content-type: image/webp
cache-control: public, max-age=31207445
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 2302
expires: Thu, 31 Oct 2024 19:50:38 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 387 B
418 B 99ms
25ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.fimela.com&callback=_gfp_s_&client=ca-pub-1089981280613575

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202310310101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-1089981280613575&plah=www.fimela.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6f65d27d3a33aaa34e69a4d428962c9ba5378432aaff786e90ab6aef7b200d04

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 250
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FDFB 0
20 B 219ms
218ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-1089981280613575&output=html&adk=1812271804&adf=3025194257&lmt=1699196793&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A192%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x1080_l%7C260x1080_r&format=0x0&url=https%3A%2F%2Fwww.fimela.com%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&dt=1699196792860&bpp=4&bdt=772&idt=307&shv=r20231101&mjsv=m202310310101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1613126716053&frm=20&pv=2&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C31079296%2C31079344%2C44807047%2C44807335%2C44807454%2C31078297%2C31079384%2C31079156&oid=2&pvsid=280461385158023&tmod=1272286115&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=12&uci=a!c&fsb=1&dtd=332

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:33 GMT
expires: Sun, 05 Nov 2023 15:06:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 pd Show response
google-bidout-d.openx.net/w/1.0/ Frame CAAF 0
92 B 47ms
20ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by: Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 20
content-type: text/html
date: Sun, 05 Nov 2023 15:06:33 GMT
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
via: 1.1 google

POST
H2 200 firebase:fetch Show response
firebaseremoteconfig.googleapis.com/v1/projects/kly-all-vertical/namespaces/ 116 KB
31 KB 217ms
216ms Fetch
application/json 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/kly-all-vertical/namespaces/firebase:fetch?key=AIzaSyDGt_EBulRPrTRA5fyA8mTJy4oyu-bxXYE

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/firebasejs/9.10.0/firebase-remote-config.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

72c07f03fccf6df24fd982f48bc9ff8beed6903098b5bdd6730726d0ffbd67c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Content-Encoding: gzip
Referer: https://www.fimela.com/
If-None-Match: *
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
etag: etag-kly-all-vertical-firebase-fetch--1713582472
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
access-control-expose-headers: etag,vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31583
x-xss-protection: 0

OPTIONS
H2 200 firebase:fetch
firebaseremoteconfig.googleapis.com/v1/projects/kly-all-vertical/namespaces/ Frame 0
0 119ms
24ms Preflight
text/html 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://firebaseremoteconfig.googleapis.com/v1/projects/kly-all-vertical/namespaces/firebase:fetch?key=AIzaSyDGt_EBulRPrTRA5fyA8mTJy4oyu-bxXYE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-encoding,content-type,if-none-match
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: content-encoding,content-type,if-none-match
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html
date: Sun, 05 Nov 2023 15:06:33 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 469ms
469ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=280461385158023&correlator=1813436928068434&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=36504930%2CKLY%2CDESKTOP%2CFIMELA.COM%2CSHOWCASE&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C250x250&ifi=13&didk=713553508&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1104e0ad8e1383b6-2254cb1c7be300fd%3AT%3D1699196793%3ART%3D1699196793%3AS%3DALNI_MZkOTurkXwA3pjlBCpmaA8ojkobiQ&gpic=UID%3D00000d9fb6ef654d%3AT%3D1699196793%3ART%3D1699196793%3AS%3DALNI_MbwEyFu-6sQuFkc1DitK8qrTavtow&abxe=1&dt=1699196793467&lmt=1699196793&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=c&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.fimela.com%2F&vis=1&psz=0x0&msz=0x0&fws=132&ohw=1600&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7N-VgLoxSABSAghkEhkKCnB1YmNpZC5vcmcY1-CVgLoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOzflYC6MUgAUgIIZBIXCghydGJob3VzZRiA4ZWAujFIAFICCGoSGQoKdWlkYXBpLmNvbRjs35WAujFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTlVaR2VTdFFjVVpTWms5MFZGbDJXVE0xTW1WTWR6MDlJbjA9GJbjlYC6MUgAEhsKDGlkNS1zeW5jLmNvbRiu4ZWAujFIAFICCGo.&dlt=1699196792089&idt=680&ppid=4cc9491390874593b23b3ab920160540kly&prev_scp=hb_format_taboola%3Dbanner%26hb_size_taboola%3D300x250%26hb_pb_taboola%3D0.06%26hb_adid_taboola%3D62dc4c5f2acd515%26hb_bidder_taboola%3Dtaboola%26hb_format%3Dbanner%26hb_size%3D300x250%26hb_pb%3D0.06%26hb_adid%3D62dc4c5f2acd515%26hb_bidder%3Dtaboola&cust_params=bsKeyword%3Dadult%252Cepidemic_desease%252Cparenting%26isMatcont%3D0%26brandsafety%3D0%26tags%3D%26currentUrl%3Dhttps%253A%252F%252Fwww.fimela.com%252F%26platform%3DDesktop%26type%3D%26pageType%3DChannelPage%26channel%3Droot%26audience%3Dfalse%26isAdvertorial%3Dfalse%26isMultipage%3Dfalse%26articleId%3D%26pagingNum%3Dfalse%26site%3Dfimela%26age%3Dfalse%26gender%3Dfalse%26subcategory%3Droot&adks=2479677002&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e58bc60141feb1ba3dbfc11feaa97abb37adfcf98f91ceec4441c547e0589f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14133
x-xss-protection: 0
google-lineitem-id: 6157672228
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138413238178
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 34 KB
14 KB 461ms
460ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=280461385158023&correlator=1537319354185309&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=36504930%2CKLY%2CDESKTOP%2CFIMELA.COM%2CHALFPAGE_1&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=300x250%7C300x600%7C160x600&ifi=14&didk=2906011294&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1104e0ad8e1383b6-2254cb1c7be300fd%3AT%3D1699196793%3ART%3D1699196793%3AS%3DALNI_MZkOTurkXwA3pjlBCpmaA8ojkobiQ&gpic=UID%3D00000d9fb6ef654d%3AT%3D1699196793%3ART%3D1699196793%3AS%3DALNI_MbwEyFu-6sQuFkc1DitK8qrTavtow&abxe=1&dt=1699196793471&lmt=1699196793&adxs=1012&adys=3167&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=d&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.fimela.com%2F&vis=1&psz=300x620&msz=300x0&fws=4&ohw=1600&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7N-VgLoxSABSAghkEhkKCnB1YmNpZC5vcmcY1-CVgLoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOzflYC6MUgAUgIIZBIXCghydGJob3VzZRiA4ZWAujFIAFICCGoSGQoKdWlkYXBpLmNvbRjs35WAujFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTlVaR2VTdFFjVVpTWms5MFZGbDJXVE0xTW1WTWR6MDlJbjA9GJbjlYC6MUgAEhsKDGlkNS1zeW5jLmNvbRiu4ZWAujFIAFICCGo.&dlt=1699196792089&idt=680&ppid=4cc9491390874593b23b3ab920160540kly&prev_scp=hb_format_taboola%3Dbanner%26hb_size_taboola%3D300x600%26hb_pb_taboola%3D0.19%26hb_adid_taboola%3D6395a3b25c6fb11%26hb_bidder_taboola%3Dtaboola%26hb_format%3Dbanner%26hb_size%3D300x600%26hb_pb%3D0.19%26hb_adid%3D6395a3b25c6fb11%26hb_bidder%3Dtaboola&cust_params=bsKeyword%3Dadult%252Cepidemic_desease%252Cparenting%26isMatcont%3D0%26brandsafety%3D0%26tags%3D%26currentUrl%3Dhttps%253A%252F%252Fwww.fimela.com%252F%26platform%3DDesktop%26type%3D%26pageType%3DChannelPage%26channel%3Droot%26audience%3Dfalse%26isAdvertorial%3Dfalse%26isMultipage%3Dfalse%26articleId%3D%26pagingNum%3Dfalse%26site%3Dfimela%26age%3Dfalse%26gender%3Dfalse%26subcategory%3Droot&adks=3354251340&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00b079c7ce7150ff773812cdc65f7dbe50375010031a9381187f5b8a7e9dd6e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14123
x-xss-protection: 0
google-lineitem-id: 6158289509
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138412753101
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 36 KB
14 KB 406ms
405ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=280461385158023&correlator=321978737585998&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=36504930%2CKLY%2CDESKTOP%2CFIMELA.COM%2CLEADERBOARD&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=15&didk=713041169&sfv=1-0-40&eri=1&sc=1&cookie=ID%3D1104e0ad8e1383b6-2254cb1c7be300fd%3AT%3D1699196793%3ART%3D1699196793%3AS%3DALNI_MZkOTurkXwA3pjlBCpmaA8ojkobiQ&gpic=UID%3D00000d9fb6ef654d%3AT%3D1699196793%3ART%3D1699196793%3AS%3DALNI_MbwEyFu-6sQuFkc1DitK8qrTavtow&abxe=1&dt=1699196793475&lmt=1699196793&adxs=436&adys=2628&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=e&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.fimela.com%2F&vis=1&psz=1024x250&msz=1024x250&fws=4&ohw=1600&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7N-VgLoxSABSAghkEhkKCnB1YmNpZC5vcmcY1-CVgLoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOzflYC6MUgAUgIIZBIXCghydGJob3VzZRiA4ZWAujFIAFICCGoSGQoKdWlkYXBpLmNvbRjs35WAujFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTlVaR2VTdFFjVVpTWms5MFZGbDJXVE0xTW1WTWR6MDlJbjA9GJbjlYC6MUgAEhsKDGlkNS1zeW5jLmNvbRiu4ZWAujFIAFICCGo.&dlt=1699196792089&idt=680&ppid=4cc9491390874593b23b3ab920160540kly&cust_params=bsKeyword%3Dadult%252Cepidemic_desease%252Cparenting%26isMatcont%3D0%26brandsafety%3D0%26tags%3D%26currentUrl%3Dhttps%253A%252F%252Fwww.fimela.com%252F%26platform%3DDesktop%26type%3D%26pageType%3DChannelPage%26channel%3Droot%26audience%3Dfalse%26isAdvertorial%3Dfalse%26isMultipage%3Dfalse%26articleId%3D%26pagingNum%3Dfalse%26site%3Dfimela%26age%3Dfalse%26gender%3Dfalse%26subcategory%3Droot&adks=3397297342&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

759980f0667a0ccc886f5276b7ff4273113ba01509c38de8e24708b99d4f8616

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14646
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4035 0
0 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 57 KB
19 KB 826ms
825ms Fetch
text/plain 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=280461385158023&correlator=4097244599990184&eid=676982961&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=36504930%2CKLY%2CDESKTOP%2CFIMELA.COM%2CMASTHEAD%2CTOP_FRAME%2CBOTTOM_FRAME%2CSKINAD&enc_prev_ius=%2F0%2F1%2F2%2F3%2F4%2C%2F0%2F1%2F2%2F3%2F5%2C%2F0%2F1%2F2%2F3%2F6%2C%2F0%2F1%2F2%2F3%2F7&prev_iu_szs=1x1%2C1x1%2C468x60%2C1x1&ifi=16&didk=4126510954~94873734~1061835538~283994446&sfv=1-0-40&ists=13&eri=1&sc=1&cookie=ID%3Ddc44e677e39b9d59%3AT%3D1699196792%3ART%3D1699196792%3AS%3DALNI_MZqku6Y1wPqfEf8F3diN_bKsYeHSA&gpic=UID%3D00000cc7d3489701%3AT%3D1699196792%3ART%3D1699196792%3AS%3DALNI_MYrXKToCXII6IrU5GQH1UJzlpUSbA&abxe=1&dt=1699196793725&lmt=1699196793&adxs=288%2C288%2C566%2C1337&adys=15%2C15%2C1140%2C80&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C0%7C0%7C0&ucis=f%7Cg%7Ch%7Ci&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.fimela.com%2F&vis=1&psz=1024x200%7C1024x200%7C1600x60%7C150x-1&msz=1024x200%7C1024x0%7C1600x60%7C150x-1&fws=4%2C4%2C516%2C516&ohw=1600%2C1600%2C1600%2C1600&psts=AOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a%2CAOrYGslXqzWxZnMwa10HhsoG5C0a&ga_vid=130911004.1699196792&ga_sid=1699196793&ga_hid=211535687&ga_fc=true&a3p=EhwKDWNyd2RjbnRybC5uZXQY7N-VgLoxSABSAghkEhkKCnB1YmNpZC5vcmcY1-CVgLoxSABSAghqEh0KDmVzcC5jcml0ZW8uY29tGOzflYC6MUgAUgIIZBIXCghydGJob3VzZRiA4ZWAujFIAFICCGoSGQoKdWlkYXBpLmNvbRjs35WAujFIAFICCGQSPgoFb3BlbngSLGV5SnBJam9pTlVaR2VTdFFjVVpTWms5MFZGbDJXVE0xTW1WTWR6MDlJbjA9GJbjlYC6MUgAEhsKDGlkNS1zeW5jLmNvbRiu4ZWAujFIAFICCGo.&dlt=1699196792089&idt=680&ppid=4cc9491390874593b23b3ab920160540kly&cust_params=bsKeyword%3Dadult%252Cepidemic_desease%252Cparenting%26isMatcont%3D0%26brandsafety%3D0%26tags%3D%26currentUrl%3Dhttps%253A%252F%252Fwww.fimela.com%252F%26platform%3DDesktop%26type%3D%26pageType%3DChannelPage%26channel%3Droot%26audience%3Dfalse%26isAdvertorial%3Dfalse%26isMultipage%3Dfalse%26articleId%3D%26pagingNum%3Dfalse%26site%3Dfimela%26age%3Dfalse%26gender%3Dfalse%26subcategory%3Droot&adks=2353494801%2C3909429986%2C3955450381%2C601844814&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e91fd654366b1adbc8b446eae2f36d8a5d2534ffb0371535d7dd4e7b4602cda5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
observe-browsing-topics: ?1
google-mediationgroup-id: -2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19653
x-xss-protection: 0
google-lineitem-id: 5670667384,-2,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138453445453,-2,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 container.html Show response
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 4035 6 KB
3 KB 16ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 4035 4 KB
1 KB 74ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 13:15:55 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CBE7 14 KB
1 KB 68ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 05 Nov 2023 13:09:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame CBE7 2 KB
879 B 30ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 798
x-xss-protection: 0
server: cafe
etag: 15713038447858168282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:21:46 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/ Frame CBE7 23 KB
9 KB 26ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/abg_lite_fy2021.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:21:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71087
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9345
x-xss-protection: 0
server: cafe
etag: 15168757854195530193
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:21:46 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43C3 143 B
166 B 26ms
23ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 14:10:03 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame CBE7 3 KB
1 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 13:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 13:29:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A65A 1 KB
643 B 24ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45866
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Mon, 06 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame CBE7 20 KB
9 KB 22ms
17ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame CBE7 0
0 24ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQKCZpR4_25zfAJPZsltk5xvYCEN4PwC5zLV_fVhxEFWl1vjj7zfheFcB1v7DJo3F_cFNoKKcAuWvYSt2L8i4oTvnkqbA
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CBE7 189 KB
60 KB 75ms
33ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:33 GMT

GET
H3 200 ac1dbca482530a26bafc7a8c1241173a.js Show response
www.gstatic.com/mysidia/ Frame CBE7 36 KB
15 KB 49ms
13ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/ac1dbca482530a26bafc7a8c1241173a.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 17:18:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15099
x-xss-protection: 0
last-modified: Wed, 01 Nov 2023 17:23:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 01 Feb 2024 17:18:51 GMT

GET
H2 200 interstitial_ad_frame_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/ Frame 4035 21 KB
9 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 20:49:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 65808
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8796
x-xss-protection: 0
server: cafe
etag: 1225823381704108053
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 20:49:45 GMT

GET
H3 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4035 205 B
229 B 55ms
23ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Thu, 02 Nov 2023 08:30:10 GMT
x-content-type-options: nosniff
age: 282983
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 01 Nov 2024 08:30:10 GMT

GET
H3 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 4035 604 B
628 B 49ms
17ms Image
image/png 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Fri, 03 Nov 2023 12:18:27 GMT
x-content-type-options: nosniff
age: 182886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 02 Nov 2024 12:18:27 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A65A
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEGq0-Z3y-q-6ihXHJ_EODNE&google_cver=1&google_push=AXcoOmST14cNWp8Dy1lT4Nuhuw6mFdlSF0A7nsHsYWPs7-GIc4ftt_EJ_KRfetRLIeed56FDtshH2ekyLxrwARzcHbpsupBONiJbkA
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmST14cNWp8Dy1lT4Nuhuw6mFdlSF0A7nsHsYWPs7-GIc4ftt_EJ_KRfetRLIeed56FDtshH2ekyLxrwARzcHbpsupBONiJbkA&google_hm=Q0FFU0VHcTAtWjN5LXE...

170 B
233 B

48ms
47ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmST14cNWp8Dy1lT4Nuhuw6mFdlSF0A7nsHsYWPs7-GIc4ftt_EJ_KRfetRLIeed56FDtshH2ekyLxrwARzcHbpsupBONiJbkA&google_hm=Q0FFU0VHcTAtWjN5LXEtNmloWEhKX0VPRE5F

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 05 Nov 2023 15:06:33 GMT
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AXcoOmST14cNWp8Dy1lT4Nuhuw6mFdlSF0A7nsHsYWPs7-GIc4ftt_EJ_KRfetRLIeed56FDtshH2ekyLxrwARzcHbpsupBONiJbkA&google_hm=Q0FFU0VHcTAtWjN5LXEtNmloWEhKX0VPRE5F
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 451 466606.gif
id.rlcdn.com/ Frame A65A 0
99 B 67ms
21ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmR8GQuonhusTBcGcSBEjy8yebrmjgDnjUedleOsbVAWQ4mguSU7DJbDsw17srxaaz0PxtOD00tfMpAtfqf84WnxrjDXxUNqrk0&google_gid=CAESENDFWj5C4zNCtCcsbb479dU&google_cver=1
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A65A
Redirect Chain

https://ads.travelaudience.com/google_pixel?google_gid=CAESEEarqgwLirt6HK0U7ncGxAw&google_cver=1&google_push=AXcoOmRVVm9uvePFw9xJOlw_rguDiP4uXwlMc266NiigriGGjf9iiC-VrPqES7WfyKMCWvBqXHip57VGESC5udHX...
https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ts3H7ZzSRfIsUILLoK6vSg&google_push=AXcoOmRVVm9uvePFw9xJOlw_rguDiP4uXwlMc266NiigriGGjf9iiC-VrPqES7WfyKMCWvBqXHip57VGESC5udHXxYT3iyoPAGvy0as

170 B
233 B

47ms
46ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ts3H7ZzSRfIsUILLoK6vSg&google_push=AXcoOmRVVm9uvePFw9xJOlw_rguDiP4uXwlMc266NiigriGGjf9iiC-VrPqES7WfyKMCWvBqXHip57VGESC5udHXxYT3iyoPAGvy0as

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sun, 05 Nov 2023 15:06:33 GMT
via: 1.1 google
x-engine-version: 0.0.0
server: nginx/1.21.6
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR LAW CUR DEV PSA PSD IVA OUR BUS UNI COM NAV INT CNT LOC"
location: https://cm.g.doubleclick.net/pixel?google_nid=ta&google_hm=Ts3H7ZzSRfIsUILLoK6vSg&google_push=AXcoOmRVVm9uvePFw9xJOlw_rguDiP4uXwlMc266NiigriGGjf9iiC-VrPqES7WfyKMCWvBqXHip57VGESC5udHXxYT3iyoPAGvy0as
x-host: tde-deliveryengine-production-bb588bf9-w4z7s
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A65A
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQJK5P5...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAXcoOmQJK5P5...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDUxNTA2MzQwMDAxMzkwNjEwNzI0NQ%3D%3D&google_push=AXcoOmQJK5P5Shb6z4Ycv1FY7hI4j0uwsXlIabx8IA2T8q4JZDJG1Ev6duTcCCfX6xhkYm...

170 B
188 B

25ms
25ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDUxNTA2MzQwMDAxMzkwNjEwNzI0NQ%3D%3D&google_push=AXcoOmQJK5P5Shb6z4Ycv1FY7hI4j0uwsXlIabx8IA2T8q4JZDJG1Ev6duTcCCfX6xhkYm8-5E0W1yaxd_M13mIvvdsG8VdL9eui1Dg

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMzExMDUxNTA2MzQwMDAxMzkwNjEwNzI0NQ%3D%3D&google_push=AXcoOmQJK5P5Shb6z4Ycv1FY7hI4j0uwsXlIabx8IA2T8q4JZDJG1Ev6duTcCCfX6xhkYm8-5E0W1yaxd_M13mIvvdsG8VdL9eui1Dg
pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sun, 05 Nov 2023 15:06:34 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame A65A
Redirect Chain

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ4u2...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0jO4K6HhcbTeC-Lj9w5q_98qb0VD3uqZ7CANpw&google_push=AXcoOmQ4u2679ol7KrVFPqNEQk0wEaXNLlq9oXGPmQRLGGpTNAZyrj_pwoRkhlviJbItBlKqk8QfNI0WVQbe...

170 B
330 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0jO4K6HhcbTeC-Lj9w5q_98qb0VD3uqZ7CANpw&google_push=AXcoOmQ4u2679ol7KrVFPqNEQk0wEaXNLlq9oXGPmQRLGGpTNAZyrj_pwoRkhlviJbItBlKqk8QfNI0WVQbe7pLO4VmqfXQIRqIVugQ

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-0jO4K6HhcbTeC-Lj9w5q_98qb0VD3uqZ7CANpw&google_push=AXcoOmQ4u2679ol7KrVFPqNEQk0wEaXNLlq9oXGPmQRLGGpTNAZyrj_pwoRkhlviJbItBlKqk8QfNI0WVQbe7pLO4VmqfXQIRqIVugQ
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1107066
content-length: 0
expires: Sun, 05 Nov 2023 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A65A
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEIt38uyUCP0P0gRo2bU1mbU&google_cver=1&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1kA...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEIt38uyUCP0P0gRo2bU1mbU&google_cver=1&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33b...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE3NDQ4OTc5MDAyMzgxMzU2OA&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1...

170 B
188 B

28ms
27ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE3NDQ4OTc5MDAyMzgxMzU2OA&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1kAnhCxZ3YqUktzoh5GMiKmTIo

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=MzE3NDQ4OTc5MDAyMzgxMzU2OA&google_push=AXcoOmThj44vMybWxXUEpkcP-SCRUzmkEhnNThTT-UvN1T8_hu1ZZkwgkQmwuFuVX2E516Ii33bOZ1kAnhCxZ3YqUktzoh5GMiKmTIo
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 trk
ag.innovid.com/ Frame A65A 43 B
298 B 273ms
22ms Image
image/gif 2a05:d01c:1d8:8100:8fce:4ad0:61a1:a65c
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKeYjMsyIz1YyLWIuJvfvV4&google_cver=1&google_push=AXcoOmTQgCy2cwc0x1_Or_jbB7CyXBz1tRfUc6331zVEljtBfVGWrTve89xTBAKb6tT225Z2G4CShIoRJNtfsx6U3NS-vtpmYwqvcQ
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:8fce:4ad0:61a1:a65c London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
cache-control: no-cache
content-length: 43
request-time: 1
expires: -1

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame A65A 0
140 B 67ms
21ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KYO7I0q1K4vHqryMfomuY27xDl61UK_cu7jfISPVaKYLESbIKx9SYYHF7VIXN9GRpVW_b9

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 43C3
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

31ms
30ms

Document
text/html

2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:33 GMT
expires: Sun, 05 Nov 2023 15:06:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:33 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1606 6 KB
3 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 7E28 169 KB
53 KB 130ms
89ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUeveQAIY8oK7dVJAABSTHXIOBEpCzQIUOS4ig&u=%7CRr15wD2RH8bs8WWVZ4Y13IMZ5I7z0g7l9ujAwbPygC0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5PaJIo7hg_UG8XX80x7hSFPhP0RgGvdECQZf64IrwqD6ONyYivKGP6cWISNMV9T2jWd8HfTpJaEYAo0QrEwrEmFMkBwn4sv6TcDQyBuD0JCRKgRSBM82ti-Mp1o9PvI1_8o8Ar_dDT8ZX_DPPVKvasYGuYNYOh6lL78dY5Dyb0GfaZMQSLtZh82_AGTTWxBZ3NAwqNNJa-LPgBhp9pAjcrMaUC6Ej9kDs5Rqo-6jlg4U3lsrjYphQinlCrgEehPLSyLC1goDMnQjF2S-JA3GyfgIXGEjwqWUplV0SdriJVRYBnUvnE9qIxKEMzOXuXXNkcH3QvpJ5TeVF_stNvg-2EqOz8oMpyi86Lx7lYSP8xlIptAXRBp6Vatob59cpS5wAnF68bTuxHVFpuNTkdtcmjfOlGAvDwgZEBMjcypI7Ig7bNuEimM-ri_0FWQ2rZwSF-kksI29cs1QAkZkuXvAgSF8QX-ogRwByBsAhw8e6SxpV2xLwYH-qte0G3olTwt6fiGZJcnmG_uEyP-jvNDTsJkCfxHi8kKHfVub-FjMvBV_likTHfn5j-o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMfPeea9HZcrHIcmqtwfMpIGwCsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yODM4MzQ5NzMwOTY2NDM5yAEJqQIq3HRoEwGyPuACAKgDAcgDAqoErwJP0DWW82LKZbnt0kNVB0KhDkLcLtnzVlMfeWgjeFsU4v2HqlxJoAJ38wEIKk8u7J-ekLYTA1n-QbTMIf1iQna2BhJOFt6YjJ0XxXeitWM998bp6flBSEEhrhQMxZlIYGrTAfZntxBOQl5UNiltgU9xv_Xa-JCktHtvgmKvIlqRf3pp_Lc6OyiA9c6Qku1Xia5-QhltovL_kQXuYyiwNb5tF1yruB8h2YaX5sRPUMhzu8jzmGA3jVpyBnkEqIEwxDqthb2FNEFQGD0G73QlgN5h9MogwMP4t5p6tb31JbVhn5JwBq39Rng8ChWzPHdyqBNby4DbIEMz7OYwps_rQ40148UMfJ0I-lA-r6fgdprU1MCSkSQqrMoHuAPpO_5ejOr1hu6uYM0sb-zuhWw8W0bgBAGABsmzwMbp97XX3gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1TU21FeJZOsvDR3XjulXEGSknPPQ%26client%3Dca-pub-2838349730966439%26adurl%3D

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bccf04cba1d13039d555397fbae09bff9666ad27eb5531650e4908fe127436cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=NdAVExkxDU7RmqrnT6VreG9WE4EuVnIytmgdpw8rg6trHQoxPLi2-E-EZQCcNSFmrEwLPg24EJJIWF4p3dZQl0v-y4QJWRLBpGEX1FMKnBuu2TCS_Y3W_5sUw26IX75-1fpz7HtRjlTHmoQvRF_8j-5q29QYa7t84Tg7nBuaUB45-2K8hsSCe67CfJEiNn9E2rs0yDMOKRy7d5xhIm-nmlvkv3dY3PqvhX1dr5QQlGM7hj028gdNAy8oy1pQRIgzEqt_yA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 63009813
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1606 3 KB
1 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 13:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5799
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 13:29:54 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1606 20 KB
8 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71145
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 1606 0
0 30ms
29ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSmlqTnM3zJsT_eXdKtRt8roJ_ZbWLu9DqM8T-L5XGLWx7HtIxejiciaWgmxYRp_sCDjMpEHk3W1tWJkRn0_PjJhkNC2Q
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 1606 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 358431
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Oct 2024 11:32:42 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1606 189 KB
59 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:34 GMT

GET
H3 200 container.html
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5BC8 0
0 18ms
18ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET container.html
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A158 0
0

GET
H3 200 QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js Show response
pagead2.googlesyndication.com/bg/ Frame 3BC3 50 KB
19 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/QFuvQnGphQ6GO9QABj_Aqe7B_rJiyTlA9JcZ7sKm_jE.js

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 19:42:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 329072
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19777
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 31 Oct 2024 19:42:02 GMT

GET
H3 200 container.html Show response
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 5BC8 6 KB
3 KB 20ms
15ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A158 6 KB
3 KB 19ms
16ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 1606 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f7f6ab07ca31578f7ad6cbc164b7802a0b8fb1745ecc37630a20489c3d3b1802

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 5BC8 24 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 358432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Oct 2024 11:32:42 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame 5BC8 26 KB
9 KB 18ms
17ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26307
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=L44C6OFvo96s1V4bHyswb8bIblvJISthsj1n0PRdvfcu9%2Fp%2FDOZgQPQcv2jQops%2FheuxGfKHWl8qyIvaH6Pb6O73mfSeVvc5W77hzWWSWn3CuGCiTTvyT%2B%2FKSPVMKAnJn8rHaETg2dXZVak14zQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8216005b2b536951-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BC8 189 KB
59 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:34 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame A158 24 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 358432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Oct 2024 11:32:42 GMT

GET
H2 200 creative.js Show response
cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/ Frame A158 26 KB
9 KB 16ms
16ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/prebid-universal-creative@latest/dist/creative.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 26307
x-jsd-version: 1.16.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-jnb7024-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"6721-FSYTlyriJmmnEqYsq5KQLDRsrFg"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G4kn1rhGf26s1rmCPOk12AOTx4QgBsBhVq4JTxyHV7ElngfrB%2FNjWQ%2BPWQ5xUBClIy9E%2Fl43kSlZptzTIZGQ01yf%2BpAiPp3K3wdJxhamFZuGAIlDYIMmTmPqIjSEWXYnZvzY%2FFk93F1hsbkWlHo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 8216005b3b596951-FRA

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A158 189 KB
59 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:34 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 1606 0
0 59ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CcRkCea9HZcrHIcmqtwfMpIGwCsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yODM4MzQ5NzMwOTY2NDM5yAEJqQIq3HRoEwGyPuACAKgDAcgDAqoErAJP0DWW82LKZbnt0kNVB0KhDkLcLtnzVlMfeWgjeFsU4v2HqlxJoAJ38wEIKk8u7J-ekLYTA1n-QbTMIf1iQna2BhJOFt6YjJ0XxXeitWM998bp6flBSEEhrhQMxZlIYGrTAfZntxBOQl5UNiltgU9xv_Xa-JCktHtvgmKvIlqRf3pp_Lc6OyiA9c6Qku1Xia5-QhltovL_kQXuYyiwNb5tF1yruB8h2YaX5sRPUMhzu8jzmGA3jVpyBnkEqIEwxDqthb2FNEFQGD0G73QlgN5h9MogwMP4t5p6tb31JbVhn5JwBq39Rng8ChWzPHdyqBNby4DbIEMz7OYwps_rQ40148UMfJ0IuFIfPSdzpqdyBOdIHQTDCMQgsrXjFebcOCLIIBwRfuE09yZ6pYXgBAGABsmzwMbp97XX3gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItMjgzODM0OTczMDk2NjQzORjioB0&sigh=gWw5AEAG_ys&uach_m=[UACH]&cid=CAQSTQDICaaNsZ8sn_7KWzbP0zkawitvRFRre2NTVLn-xFwBUErXzfwrHQ4a3Sn265s3XuBKIWvKRisLj2f2XrmY1TfI8vMZrsOuW0CNujf8GAE&cbvp=2&vis=1
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 1606 0
126 B 51ms
16ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=ksHZGOv_CsoH-gGdg2ICAgAAABRDuG5vcHYtNr6OLBB5r0dlgBs8X-QpyKI0UAAAEgAACgpBUVVCRHdFQkR3&wp=ZUeveQAIY8oK7dVJAABSTHXIOBEpCzQIUOS4ig&cbvp=2

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 203612
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 7E28 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUeveQAIY8oK7dVJAABSTHXIOBEpCzQIUOS4ig&u=%7CRr15wD2RH8bs8WWVZ4Y13IMZ5I7z0g7l9ujAwbPygC0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhaVHQ6RkVc1uRRN7U2tIy92afbib4fbn5PaJIo7hg_UG8XX80x7hSFPhP0RgGvdECQZf64IrwqD6ONyYivKGP6cWISNMV9T2jWd8HfTpJaEYAo0QrEwrEmFMkBwn4sv6TcDQyBuD0JCRKgRSBM82ti-Mp1o9PvI1_8o8Ar_dDT8ZX_DPPVKvasYGuYNYOh6lL78dY5Dyb0GfaZMQSLtZh82_AGTTWxBZ3NAwqNNJa-LPgBhp9pAjcrMaUC6Ej9kDs5Rqo-6jlg4U3lsrjYphQinlCrgEehPLSyLC1goDMnQjF2S-JA3GyfgIXGEjwqWUplV0SdriJVRYBnUvnE9qIxKEMzOXuXXNkcH3QvpJ5TeVF_stNvg-2EqOz8oMpyi86Lx7lYSP8xlIptAXRBp6Vatob59cpS5wAnF68bTuxHVFpuNTkdtcmjfOlGAvDwgZEBMjcypI7Ig7bNuEimM-ri_0FWQ2rZwSF-kksI29cs1QAkZkuXvAgSF8QX-ogRwByBsAhw8e6SxpV2xLwYH-qte0G3olTwt6fiGZJcnmG_uEyP-jvNDTsJkCfxHi8kKHfVub-FjMvBV_likTHfn5j-o&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCMfPeea9HZcrHIcmqtwfMpIGwCsme0rFc1Z2R93DAjbcBEAEgAGCVAoIBF2NhLXB1Yi0yODM4MzQ5NzMwOTY2NDM5yAEJqQIq3HRoEwGyPuACAKgDAcgDAqoErwJP0DWW82LKZbnt0kNVB0KhDkLcLtnzVlMfeWgjeFsU4v2HqlxJoAJ38wEIKk8u7J-ekLYTA1n-QbTMIf1iQna2BhJOFt6YjJ0XxXeitWM998bp6flBSEEhrhQMxZlIYGrTAfZntxBOQl5UNiltgU9xv_Xa-JCktHtvgmKvIlqRf3pp_Lc6OyiA9c6Qku1Xia5-QhltovL_kQXuYyiwNb5tF1yruB8h2YaX5sRPUMhzu8jzmGA3jVpyBnkEqIEwxDqthb2FNEFQGD0G73QlgN5h9MogwMP4t5p6tb31JbVhn5JwBq39Rng8ChWzPHdyqBNby4DbIEMz7OYwps_rQ40148UMfJ0I-lA-r6fgdprU1MCSkSQqrMoHuAPpO_5ejOr1hu6uYM0sb-zuhWw8W0bgBAGABsmzwMbp97XX3gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1TU21FeJZOsvDR3XjulXEGSknPPQ%26client%3Dca-pub-2838349730966439%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 7E28 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 7E28 308 B
636 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 7E28 293 B
621 B 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 7E28 43 B
348 B 62ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=qx4Y8uI7S6qMdOBvnXonC7MjT2uCegHCTgnpfcSMSVVMxEIwBT4GpVD6SEk8OilIWz-6czj7fTYK81m84Akj-pOE4stVrXwzMWDFiEVbDYmA29gEtRytevEq7Wrwtmpkwmq1QFzj0H0VLI5VjX1jTaPLF7QW7j2Emc7cLlXbJBuuZi5n-ENG7McTtOcQRCZ2sO6doxtAIjEE5nBI2vFJr8ROuoVpgPc4JfOWFnIAB5xwA0ls6bdilAqWS2k6Xcy2OiPUmxr6OdCyUJ99ucxdW66NNciszJz14DT5FuisgAfaJgfSadlKkjylYGwMhZRimCATm2ZoCEXzJ4E9AezpzpJAsrc9QeW5PulQYjtq_Y6Hn2sX5QxsTh7p3_J58_eY9T298oKN5OnGOZFr_bYV5Li8l7U8jb0LdsWYbCrd98Og53Xb

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2181113
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 7E28 12 KB
6 KB 15ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 4 KB
4 KB 84ms
29ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=496&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048790%2F411021e816b7434f8f71ebb18eb8e2f3_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=356&rid=4&s=19t5lsFnFfF5MKDT18n1bH8T

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3686
expires: Fri, 18 Oct 2024 12:23:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 31 KB
31 KB 101ms
46ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048790%2F921f53e9832f407baf37a7a7682e9e84_2023-09-native-ads-puppet-players-500x500px.jpg&v=3&w=1200&rid=4&s=MnpBGyFF2-6M9Rw4VbvvwJ63

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c883a4fb6fe3a0d9103a7e972061e32fb94f1f5eb192b19a77c59fa40f7cfae5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 31422
expires: Fri, 18 Oct 2024 12:23:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 15 KB
15 KB 83ms
28ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F71b65d730aaaf408e626e32814b3dc46abb45166.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=RV6rJVwSjli8sG0dOCRwrBNe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fe61e89759d850dfc59195612601e38453136a782807658d92c792fc01b4cb31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 15634
expires: Wed, 02 Oct 2024 09:46:06 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 11 KB
11 KB 71ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F15979a6a74dad10daa4aabc9b0a125ec26de8e14.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=tXuDTQBn_FPpaDAgv7cs16BC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b8634cd6b366fa1fdd033380185186ca4d0a32c81a7e4d2ca67e204123a6d631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11452
expires: Tue, 29 Oct 2024 15:16:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 28 KB
29 KB 89ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fa130c5d7fa8dffc72f7c6bbde2420064b2e3cac0.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=Rx3gGFxyPrRzCB8oXDvkFGdy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c121271299d3fcb7544cd07b6fdc800c434624558dade4763692ebdfa8957170

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 29038
expires: Wed, 02 Oct 2024 08:31:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 24 KB
24 KB 97ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F3b60ceefa7cf3e74772124babe9ea223d136b385.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=dlazATnU4oiPMkylvQPRxwMF&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ebfca63f7fdeedc7c8b301aeff863661051d15f543cd7f983697f37db1f610f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24498
expires: Fri, 04 Oct 2024 06:21:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 7 KB
8 KB 35ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F1609dadbdb6a6f44ddfaefcb5f880622ef4dbf68.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=EUZbUnmbjLQ4MDJSA6arLyud&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2dacdcd695c495a6f57f184553d3dead2a685f3f19844f10203f09555b2473ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 7490
expires: Sun, 13 Oct 2024 10:45:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 7E28 4 KB
5 KB 34ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F8ec11f9556ed6e08ee5c745460369d892a475951.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=400&rid=4&s=B2253gPXlC9KtiTgSvzmjTpN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

60f513c8a26ca60529ad50593c496420ee02bc16429e76e83b50c6b63c322b79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 4416
expires: Wed, 02 Oct 2024 15:58:41 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 7E28 0
128 B 46ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=NdAVExkxDU7RmqrnT6VreG9WE4EuVnIytmgdpw8rg6trHQoxPLi2-E-EZQCcNSFmrEwLPg24EJJIWF4p3dZQl0v-y4QJWRLBpGEX1FMKnBuu2TCS_Y3W_5sUw26IX75-1fpz7HtRjlTHmoQvRF_8j-5q29QYa7t84Tg7nBuaUB45-2K8hsSCe67CfJEiNn9E2rs0yDMOKRy7d5xhIm-nmlvkv3dY3PqvhX1dr5QQlGM7hj028gdNAy8oy1pQRIgzEqt_yA&sds=2&rev=89168&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 7E28 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 7E28 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BC8 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuyi8oGQsaNfVkFjajplIHt8u_Y4Lbx2h9yffqwXN9VUV6-lN9V07VwLB4S4Y74ojcay5OXE7UugscHK3S-XT_S3U8G51L5bnWgo9yuxD0udj5vLlU69zT15pc1T8ORwmK6-OU3uf2fNMw9F_qSbwMhp36gs1hq2p-aj7TvG59o4ZVaowLxDr9Trj1402PtNy7nF0WmwVvsOUj8iczAESpbbR3UWo08mcZ6YEn_ZhGTMmzFCwCv_w2JpuyP3PStLmygbqB4sm309fk4GPPmXXrmKlXLgtoKCzTZkVzUyUwp9vRkzv_nJkfcDF8te1-uM089gf4VN14vxOnsTjTEwyFvm1hU7bcoruK3iVtowRvAvVZiFlBT9E6pqTuP6D8ok9En_nnA&sai=AMfl-YTVUN_8Ln5JQdKLQFISyU_Lb3PGP2HL-DSe-k0wOvssRvulok1mC4ypVogbPKrZ6FXIquDjVawVcgiX4jsIfigu9axP42Zpbvkp__LDY_EuDBPS3RUXWz8ToJ4-Nm7RPIUmNdUhgmmU56MbKpmgfw&sig=Cg0ArKJSzETSSO5QDmULEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A158 0
0 52ms
51ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv91QoUAmLt3nr5IKPZKhy4qHsQdtHY5KbMgd2As_4vJGK-rDVeZQnIuLyxZ571uxDlN90SNApWBRo8JYciR--KnmAkeLcwBxWEN2KA0UOTmGnHc0a1MreibObYrWTwwit9Y_kXHopzrmQNmB9XMoqOZBq_sDcXOMgm9Mjv__cwsbZNz0bogBhW6-4RE6lFLAPsb18IIbEpz4LD4GAQxiVVjPTyXC7WHN9hj__WoLv-9ueXyBoKG21mxTqZlOuRISuwvtm8EF5h-wkbcQmTlaNtap6YK6Orbz57f4uaTqgbKmpwvo_mZah7b-cqUrLRvs2RU8BT8JBFMieu9sddIuVLwdgdKntzLO5JZhwYDhDk0dFLPinUh3F3HgJHbYmRm3u5&sai=AMfl-YShlAq0vU5Wq75XK02tYYQ_VhjnY6Z4eWUBthsKkV5LvUR63sMlL-bQWt-7RWy8D2dT2_r4zqX1qUN-PJqrzwPTxhE8YIW8sxATmJUEVxWhjK7uf1n5Bmx09B5FX2nk-CK6b3ZUHipHNN5k8uZZJw&sig=Cg0ArKJSzG97jx7cxvWUEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/ Frame 7692 209 KB
46 KB 520ms
488ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43b788d88d405a6bbd73f4a4a99457a69b693b61d8bed450972b97cd4436267e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: aGZ_7UpiuEW_SrSK6q4wVThxIOS16Au9
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:34 GMT
x-amz-request-id: DBQS5ZDYX3F9M8PJ
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS
x-amz-replication-status: FAILED
content-length: 46508
x-amz-id-2: 4I3JUKiGWeeQjPEYZc1kXBQZn/uG9fhCTXgmdZhk75oJDIVtBd+P5rGSN2M+PDxUjolihw0PC6Y=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 05 Nov 2023 13:09:16 GMT
server: AmazonS3
x-timer: S1699196794.275183,VS0,VE478
etag: "1ad00e61dabc96bb67dbbc086179f924"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 61
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 0

GET
H2 204 recommendations.notify-win-nurl
api.taboola.com/2.0/json/emtekdigital-fimelaheaderbidding/ Frame 7692 0
60 B 80ms
34ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.taboola.com/2.0/json/emtekdigital-fimelaheaderbidding/recommendations.notify-win-nurl?app.type=desktop&app.apikey=0208da576d71919bb5ac9ecf5d1b67100bb52c21&response.id=__a60959fb824a3c756aef33884ebdf617__9495e87c5159a6ef84f58c258ab9c836__%7E%7EV1%7E%7E-4631277739423383911%7E%7EfCoO9kEFA5DKwls_Qp_vLgt1AhGVHrHZkWCEelAkFNicFZrbxS52BHIS2Q_DtdNJfiinRbGkABMZ8kHYRtwWmXCb6N0_qAH7rawM3tOrevZF1uDCUl2erKuhM8RA00Sf9q-bRkVrcWFtqU39YG4GcVXWa0UaoFYNJtG_o_QDJitf_MyXKRqhpFzbMtkb8hBQJKisFduVRIvIQH0G0LC41un_6HIrnknPxWgc-E9tDLbsjinOWAnigjqmsFdxnYI8%2C%7E%7EV1%7E%7E-2288076820657284133%7E%7EeKyBqTKM03B7XKGYy3s1Ax3f0kfWTc8Itr5RAvF50UfBf8Pt1UBx4VlROLvnyUYh6gPyQZo5VSiJLE4S46dqmu47htvcERiHnGtIaxOC_tsGsrwVUuNx94HJs5NmayeJTZmfHmbmRr17o5Ad-JuTyHgP6lsqs6hEeir3Xq7WohDFpHGYomrp4SO35WsOi9AVJVm8LXb4F-6UmiVPbNrdDH6SC34R1D001Lv3OqAr_2KsLrsP7qaP7kHZjNZ_J7AwOSuvZaY_DH7VRxjRKQ7cHA%2C%7E%7EV1%7E%7E6634222124009226894%7E%7EAUOViKN0DTugqoS0FuuJZSAlJEmB6hISI8IFsoCGngYe79Ni-eBnd8iQ4KmvvX-QpJK0f5KLYv_f5iznea3x8QfWAoVg2tuuuPVhh0DI8-XT6kDH3i4NzYVlQphcOVApBP75MyjeDeWwXCTCN8Uu0aYR-n2fLPbjqJRNB_BHCeVbNX6kTNDFzkD4wgJBHCC7lR55_tneSRlpH4HH6re459vytb5EMhGDR0bUogr-sJC4Ahnlt_6tiUWOJPJtG4seVAibw_ucRjo-oHTq_sNNFoOBokW2r4zr3TGAnGrbkbw__text%2Cphoto%2Ctext&response.session=v2_3d65b0be708bf0c3a15965e28806f17f_39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8_1699196792_1699196792_CIi3jgYQ3NFbGI-P-OimwMKhDyABKAEwODib4wlAiIoQSKKz2QNQ____________AVgAYABojrjL2PDaz7tbcAA&view.external-id=3eb3fef9-759c-41a4-974c-2478ca587032&vpb=EgRTQ09EGIbLAyCMhQQqCVRhYm9vbGFIQjDv45WAujE6GWFtLnRhYm9vbGFzeW5kaWNhdGlvbi5jb21CBzE1MDE0MDRKIGVtdGVrZGlnaXRhbC1maW1lbGFoZWFkZXJiaWRkaW5nUgpmaW1lbGEuY29tYJ7VA2oJVGFib29sYUhCcgRob21leAGCAT5maW1lbGEuY29tX1AxNTAxNDA0X1MxNTAxNDA0X1RoYWxmcGFnZV9ob21lcGFnZV8xX1czMDBfSDYwMF9OM4oBAmFt&idf=false&wp=0.1924&obp=41f2e03c83ca801f&it=TaboolaHB&cu=USD&viperAppType=SCOD&route=AM%3AAM%3AV
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 05 Nov 2023 15:06:34 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220094-FRA
pragma: no-cache
server: nginx
x-timer: S1699196794.290883,VS0,VE9
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 loader.js Show response
cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/ Frame 097B 209 KB
46 KB 505ms
488ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 43b788d88d405a6bbd73f4a4a99457a69b693b61d8bed450972b97cd4436267e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: aGZ_7UpiuEW_SrSK6q4wVThxIOS16Au9
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:34 GMT
x-amz-request-id: DBQS5ZDYX3F9M8PJ
age: 0
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: FAILED
content-length: 46508
x-amz-id-2: 4I3JUKiGWeeQjPEYZc1kXBQZn/uG9fhCTXgmdZhk75oJDIVtBd+P5rGSN2M+PDxUjolihw0PC6Y=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 05 Nov 2023 13:09:16 GMT
server: AmazonS3
x-timer: S1699196794.275405,VS0,VE478
etag: "1ad00e61dabc96bb67dbbc086179f924"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 77
access-control-allow-origin: *
cache-control: private,max-age=14401
accept-ranges: bytes
x-cache-hits: 1

GET
H2 204 recommendations.notify-win-nurl
api.taboola.com/2.0/json/emtekdigital-fimelaheaderbidding/ Frame 097B 0
351 B 64ms
33ms Image
image/gif 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://api.taboola.com/2.0/json/emtekdigital-fimelaheaderbidding/recommendations.notify-win-nurl?app.type=desktop&app.apikey=0208da576d71919bb5ac9ecf5d1b67100bb52c21&response.id=__a60959fb824a3c756aef33884ebdf617__2bb1f59ba33e1b7c29d59c5e1c855da6__%7E%7EV1%7E%7E1420867070603980800%7E%7E-kkx8hgg0oKZi5MKDGa20MW073IknmM0DLb9cqVeUph9_9IWyVTZYEw3zPc60dwzHu_TYvngZ3fIkOCpr71_kCf1P1jxHcE5td_gGW9B2uKY9ozIuzXWbcVkh1TIBq2-5vkW6cJHGLats0a0txgZI0nBggJ6t2ekgx4A0aVooQo8AcG1c6seag0AI_rH09A5gnNy2HJVOJL4gvIkRe7RvvKbbIX87EKTASQSrYTpLDDUZwXADswEBFolcD6QdqVTiYcVOQWIwQ17vxB0GLc9J_BHQuErHCl22tt4Xq_XVMz7eyuIXD71KvghsrgtDnog__photo&response.session=v2_3d65b0be708bf0c3a15965e28806f17f_39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8_1699196792_1699196792_CIi3jgYQ3NFbGI-P-OimwMKhDyABKAEwODib4wlAiIoQSKKz2QNQ____________AVgAYABojrjL2PDaz7tbcAA&view.external-id=3eb3fef9-759c-41a4-974c-2478ca587032&vpb=EgRTQ09EGIfLAyCOhQQqCVRhYm9vbGFIQjDu45WAujE6GWFtLnRhYm9vbGFzeW5kaWNhdGlvbi5jb21CBzE1MDE0MDRKIGVtdGVrZGlnaXRhbC1maW1lbGFoZWFkZXJiaWRkaW5nUgpmaW1lbGEuY29tYJ7VA2oJVGFib29sYUhCcgRob21leAGCAT5maW1lbGEuY29tX1AxNTAxNDA0X1MxNTAxNDA0X1RzaG93Y2FzZV9ob21lcGFnZV8xX1czMDBfSDI1MF9OMYoBAmFt&idf=false&wp=0.0692&obp=2246fcdb60542703&it=TaboolaHB&cu=USD&viperAppType=SCOD&route=AM%3AAM%3AV
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 10
date: Sun, 05 Nov 2023 15:06:34 GMT
via: 1.1 varnish
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-etou8220094-FRA
pragma: no-cache
server: nginx
x-timer: S1699196794.290833,VS0,VE10
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
DATA 200
OK truncated
/ Frame 5BC8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25263ac2de0bc79a33d9cb9a84f2eeae903fac04142fa292b65f731a912dc3a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 42FE 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eca995501da7b3c31f695c639801ae7a4b617be0312bc51eda497395cba6e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0751 0
0 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 9752050024755884832
tpc.googlesyndication.com/simgad/ Frame 42FE 50 KB
50 KB 15ms
15ms Image
image/jpeg 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9752050024755884832?

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c6d318106ebbd73bdd7635ed9d9612788b87cd473b2796b37df16596a05932

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:43:05 GMT
x-content-type-options: nosniff
age: 69809
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51141
x-xss-protection: 0
last-modified: Sat, 04 Nov 2023 04:26:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 03 Nov 2024 19:43:05 GMT

GET
H3

200

dot.gif
tpc.googlesyndication.com/pagead/imgad/ Frame 42FE
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstf9tkHJDjMrq6Sno4BAuHhWTuzTRa5-I6YMrdA7NdIUbKMjVRkNTyE6pa0cGTRr5OrtYSDNYDvesOJfj_Uwc5OcLuoXiBLfBcs5Puy0toGJF6GVf5UwT8lySfXa2lYJDyBNNccNkT1S...
https://tpc.googlesyndication.com/pagead/imgad/dot.gif

42 B
66 B

15ms
14ms

Image
image/gif

2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/imgad/dot.gif

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Tue, 31 Oct 2023 18:09:05 GMT
x-content-type-options: nosniff
age: 421049
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/gif
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 30 Oct 2024 18:09:05 GMT

Redirect headers

date: Sun, 05 Nov 2023 15:06:34 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://tpc.googlesyndication.com/pagead/imgad/dot.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 container.html Show response
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0751 6 KB
3 KB 15ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: www.fimela.com
URL: https://www.fimela.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:32 GMT
expires: Mon, 04 Nov 2024 15:06:32 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame A194 173 KB
56 KB 58ms
58ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUeveQAMqggK7ePBAAU0eLB4kDnKRBDTJXJTow&u=%7CRr15wD2RH8ZsJosYXl6IFV8PCGK4Syj6AGeTqsG5dDo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xZOo8mTeDbnt0r2yTMEpIfESH-9hkMGeEU5nicMYHz-moxIPjwg_L720TMr6cNjgm01Kt4THRNdsHoPXUbAi6rlpklF6TPLQA2btYZaqehdXdq6-qfDPhq5wPWCdU6c7YK094VOwqGs_T1sY5JMxSgBrtgrnYQ_fGgyGYqSP3__nNO56chNHdBadBitrRgY5mjhlC3wVN-VdNhz6T2WhG9cP91ArFwLLv1yRTjbpkeD5pjY9eJlrnBkUiX8dq4yenKgnl8KcmaYczXPASzKkARvHKYs0svLeHQLNwOb-bxOgl5WLly2UoNtbhb25O41ZCQZW6OMHa-lh3LzipTaCjvMOZZ59iNv22vgEt9_dg90ycxozglNLaPsuScNCigTVntmChWfZoefd5n6W3KhnP9WJeu84zscM3Y1UcWcA-sMir8JzEPa2f7R1xlcW6P2FvkWcoTreQPuQRIRG27hVWkjsCFJM-24C9vzmHGtAP-jXr-1gqX__KRp_8Bq6gPy-ZbEDK4qkThjgPxSplMFKeBNkd50kT9S3VBsknK89GID9w2RfnK0l-TX_O--rNe_GwQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2wckea9HZYjUMsHHtwf46JQoyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTI4MzgzNDk3MzA5NjY0MznIAQmpAircdGgTAbI-4AIAqAMByAMCqgSpAk_QYtnMdcjzSjMekF-d3ddnmeY4RQXss7lgfbVFUzS65hvZp9hizRI4bttLQrVEKadPjuqBWbScLJZxSvy-ytLX8tiWwfDHz5Tg7Lgfe5_GESfov8w45_-koSM506qfPedgJRCoL68fvV8-mlrWghNkLg8KIGto1-xITNv1e23iaV0GcNq-tAoN4YaAArKFSDTjV5ShvwEpbnSCoNk89pp-2FCvr2QjneHAWiuaSSi2dohAXC7205BjKUS3UYe32Y7hNlxWez9C5KhaMeQrjWN8FthRsYUq3h4qmoejfSI343976-5eZtJIOWeobpYDO1cfZJ0oGEdopzgo8DlYmgA_AbXlycD_rRmTNP_UUyPW-sbLmh9GASXks5QYMCl4H4wTWiFT4GEs3OAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Fxilc_WFP3kpy7Pdrigx0ifqibA%26client%3Dca-pub-2838349730966439%26adurl%3D

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bbce77366a053497fa21240bb3334ce290fda829c0987617b36442d5ec1651ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:34 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=SyaLfRkxDU7Rmqrn7oatNSF-6LLQqe69kPNf2I_aCrQapEpos18OtNPpBuT899aHfyWfrVhxUxfA5CbjXcr_qStPhUyG6F1Xz80NOXHUyoDkhrHl2AB5I8MRtyjWf0xYX5xFvKd8YNr6FyfpI5W4mInLbVj1txWDNbCDEdjCyfnnFs8kDQaVpqw_XNvTzsoW59fn688cMyRizpVhIXuqoCr_ZJB8oJXY2fK5QdckEWre92awx2-f_sxPGiiW_KgnJ7t-kQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 38456066
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0751 3 KB
1 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 13:29:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5800
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 13:29:54 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 2602 1 KB
643 B 14ms
13ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 45867
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 02:22:07 GMT
etag: 48472445140208031
expires: Mon, 06 Nov 2023 02:22:07 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 0751 20 KB
8 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sat, 04 Nov 2023 19:20:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71146
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8610
x-xss-protection: 0
server: cafe
etag: 7739385728678230190
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 18 Nov 2023 19:20:48 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 0751 0
0 21ms
21ms Image
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ_s15WuHVMC_qv8qTqOgizBGuLg1M5lmOo-uHde4Z0IcMXJAHtru9wmwD9eBXA0L_uEHQT5ZTzHjXxaaBufuWFmpQ3pw
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 0751 24 KB
6 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Wed, 01 Nov 2023 11:32:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 358432
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 31 Oct 2024 11:32:42 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0751 189 KB
59 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 60699
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1698838693892887"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 05 Nov 2023 15:06:34 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 2602 35 B
465 B 82ms
9ms Image
image/gif 2620:116:800d:21:93ca:31d8:d86e:38f6
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESELwi67HyS9R37HYRfsK3c4Q&google_cver=1&google_push=AXcoOmQq5e8vXk5kWSqozmN8-wJ2_ilOUVO9pDTyte3iBHmHCuxFas77OFpa59Jg_Y5cHvbo5UVsyyPRYzwf57CCM-B_2bxeKtdu

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:93ca:31d8:d86e:38f6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2602
Redirect Chain

https://gcm.ctnsnet.com/int/cm?exc=1&acc=crimtan&google_gid=CAESEJA53lDsVuIvTb8BUUkdslA&google_cver=1&google_push=AXcoOmRtSlTRrJL6prXaQ7BSL9DElCbQmXc2W9ykOoxa7Kjvist4x9d8b6QnLKdLuR1kP5hZWzVQXEcFY2H...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtSlTRrJL6prXaQ7BSL9DElCbQmXc2W9ykOoxa7Kjvist4x9d8b6QnLKdLuR1kP5hZWzVQXEcFY2HBX1f4uADA8cLNlY8&google_hm=zOV5gT8DSY2DWrzT15MVPos

170 B
188 B

30ms
29ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtSlTRrJL6prXaQ7BSL9DElCbQmXc2W9ykOoxa7Kjvist4x9d8b6QnLKdLuR1kP5hZWzVQXEcFY2HBX1f4uADA8cLNlY8&google_hm=zOV5gT8DSY2DWrzT15MVPos

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan&google_push=AXcoOmRtSlTRrJL6prXaQ7BSL9DElCbQmXc2W9ykOoxa7Kjvist4x9d8b6QnLKdLuR1kP5hZWzVQXEcFY2HBX1f4uADA8cLNlY8&google_hm=zOV5gT8DSY2DWrzT15MVPos
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 AdxPixel
tr.blismedia.com/v1/api/sync/ Frame 2602 0
174 B 71ms
19ms Image
text/plain 34.96.105.8
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEDedKc2qLJ6zDKpE2vucMZw&google_cver=1&google_push=AXcoOmRFMYSyPelBOEgEP1gsk7qthRUCsCai0MlLtYCc-_fqBFP0QUsP4VhOERZfq6FK1St-He6-7Ulkg8rgv7dAGRRCE9BXTas
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.96.105.8 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 8.105.96.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sync
x.bidswitch.net/ Frame 2602 43 B
147 B 58ms
8ms Image
image/gif 18.159.232.130
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEL9K3HuoOaWy-SvCoSzznr8&google_cver=1&google_push=AXcoOmSK0gaTt6iwnVgzpyaA8jdzaPTnC-GQpZXccTYcI28ugKC8EJG2zZgJxdgF1TyRyQ4n5c3TjJ61OUShCKwfvixiINb-7VSn
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.232.130 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-232-130.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2602
Redirect Chain

https://d5p.de17a.com/cookies/google?google_gid=CAESEDzJHkJxhjosV_650ZH8XD4&google_cver=1&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetA...
https://d5p.de17a.com/cookies/google;c?google_gid=CAESEDzJHkJxhjosV_650ZH8XD4&google_cver=1&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWe...
https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetARZFk

170 B
188 B

32ms
31ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetARZFk

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=delta_projects_ab&google_ula=668382&google_push=AXcoOmQsAXSWq8xlhmyVZGDnehLh0K3FAiykvQTxb4NXWBbDvJJlKrJvsu2qmutn9JwvFNDxYhd-aC76LapPeaydQJPWetARZFk
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 ebda
match.360yield.com/match/ Frame 2602 43 B
200 B 129ms
33ms Image
image/gif 63.32.119.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.360yield.com/match/ebda?google_gid=CAESEIutcfQM-njSgKb2AM3hZ18&google_cver=1&google_push=AXcoOmRp6ZSlt2mFo-Ml88YWpbYGHvU-i5JIZ7UtDcTui6eM2o6QTkHG0rUF8M7NoXpVr_OziMqaDCG0WtZnZqXCOMVXWroJPgvJ
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 63.32.119.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-32-119-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Nov 2023 15:06:34 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2602
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEGc4JnYH5vm_Zrvvo3zaav4&google_cver=1&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLUU
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&gdpr_consent=&us_privacy=&sync=1&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLU...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxODczMDIyODUyMzQ3NTYyMzc1Ng%3D%3D&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWE...

170 B
188 B

25ms
24ms

Image
image/png

142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxODczMDIyODUyMzQ3NTYyMzc1Ng%3D%3D&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLUU

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTAxODczMDIyODUyMzQ3NTYyMzc1Ng%3D%3D&google_push=AXcoOmRHMUSkWHTsVJCqPuovN2BQ8ftYVaRhIwlt5B4OWbcS59IF5UWEyA6YBXwCu7Jefk7AtfZ-6GibBaomJUHG18eDtajnjLUU
date: Sun, 05 Nov 2023 15:06:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 2602 0
12 B 22ms
22ms Image
text/html 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13J-YK5iNZvT1nzp2XZfVw9B5jVYUnkQE9rx7hFJ1AXol0wWhu6hz3WEvKjke7XuHftuYqP2

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 0751 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f62da4e6d15892dab32e9322372ad1b9220c83bddc43cc549b524a2adcacb7f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame A194 2 KB
1 KB 15ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZUeveQAMqggK7ePBAAU0eLB4kDnKRBDTJXJTow&u=%7CRr15wD2RH8ZsJosYXl6IFV8PCGK4Syj6AGeTqsG5dDo%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZWgJ4RDTbq-WYBETCqLzgI7qAwBaN6Gwh5zyJK9Upa8xZOo8mTeDbnt0r2yTMEpIfESH-9hkMGeEU5nicMYHz-moxIPjwg_L720TMr6cNjgm01Kt4THRNdsHoPXUbAi6rlpklF6TPLQA2btYZaqehdXdq6-qfDPhq5wPWCdU6c7YK094VOwqGs_T1sY5JMxSgBrtgrnYQ_fGgyGYqSP3__nNO56chNHdBadBitrRgY5mjhlC3wVN-VdNhz6T2WhG9cP91ArFwLLv1yRTjbpkeD5pjY9eJlrnBkUiX8dq4yenKgnl8KcmaYczXPASzKkARvHKYs0svLeHQLNwOb-bxOgl5WLly2UoNtbhb25O41ZCQZW6OMHa-lh3LzipTaCjvMOZZ59iNv22vgEt9_dg90ycxozglNLaPsuScNCigTVntmChWfZoefd5n6W3KhnP9WJeu84zscM3Y1UcWcA-sMir8JzEPa2f7R1xlcW6P2FvkWcoTreQPuQRIRG27hVWkjsCFJM-24C9vzmHGtAP-jXr-1gqX__KRp_8Bq6gPy-ZbEDK4qkThjgPxSplMFKeBNkd50kT9S3VBsknK89GID9w2RfnK0l-TX_O--rNe_GwQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC2wckea9HZYjUMsHHtwf46JQoyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTI4MzgzNDk3MzA5NjY0MznIAQmpAircdGgTAbI-4AIAqAMByAMCqgSpAk_QYtnMdcjzSjMekF-d3ddnmeY4RQXss7lgfbVFUzS65hvZp9hizRI4bttLQrVEKadPjuqBWbScLJZxSvy-ytLX8tiWwfDHz5Tg7Lgfe5_GESfov8w45_-koSM506qfPedgJRCoL68fvV8-mlrWghNkLg8KIGto1-xITNv1e23iaV0GcNq-tAoN4YaAArKFSDTjV5ShvwEpbnSCoNk89pp-2FCvr2QjneHAWiuaSSi2dohAXC7205BjKUS3UYe32Y7hNlxWez9C5KhaMeQrjWN8FthRsYUq3h4qmoejfSI343976-5eZtJIOWeobpYDO1cfZJ0oGEdopzgo8DlYmgA_AbXlycD_rRmTNP_UUyPW-sbLmh9GASXks5QYMCl4H4wTWiFT4GEs3OAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1Fxilc_WFP3kpy7Pdrigx0ifqibA%26client%3Dca-pub-2838349730966439%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame A194 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame A194 308 B
636 B 15ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame A194 293 B
621 B 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame A194 43 B
347 B 17ms
17ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=zvdpo8BbvSr4vayt3Ee_VVzorUDb--b9l3sDLLS-gIZf0wKpP5J5S4aY0yG4GNyZVHUDmhulw6oVEd-PSeFYWDlLwfceOA-NBSL7ueany06-2n0U9L6N7G1lYn_oJumAfxey8HUPXK2zrPJQCrTnkhypzVfnti8mIFDzr_w9t20ueL1PrxPaA__dGt3t9ABbB7t4AIkMQBV09DX6OJ5HyPnyIExzC3nEhMc3LRXBaPiMfMawiWhUBBWs4PjxH2wyvcjdzk_aaCMcIOcpmPSWP-GnGTkjPHhXTuNzZ5-tyFFbQN8MT4DLkpH0javE3s3YNTLjJLulwi_GOR4aTw4ddbv2pm8bfAotgCIACtC8DZk36KtSdWqCAhcW3PC5pJrsibyR0yl0rUeUrf9YYuhuCayhRfD-wPR72Yi8GNsWkR43TnpQP6lEdwDPj3uRUWPAPL5s4g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2453971
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame A194 12 KB
5 KB 36ms
14ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1716511
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wmLzvxywartHARDtprKYxBQAfwHkhIEjAPBmipf6Uuu%2Fl%2FCgl8%2BBh6D3dxaJRRH1Renr9iLklWFqtNQ2svIZ0j%2BK0slxRZz090XQDORG7J49VzIh9ZnLYrK5VOqe5ILDDm61qZ7c8aOaeAqYWkZmRmk1"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8216005f4e974d50-FRA
expires: Fri, 25 Oct 2024 15:06:34 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame A194 12 KB
6 KB 17ms
17ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame A194 38 KB
38 KB 82ms
54ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame A194 46 KB
46 KB 55ms
27ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 811d78f0330c4d6ba234a674a6545d2d_cpn_468x60_1.jpg
static.criteo.net/design/dt/3018/4784417/ Frame A194 9 KB
9 KB 19ms
16ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/4784417/811d78f0330c4d6ba234a674a6545d2d_cpn_468x60_1.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cb59d83d377288bed4eb2b448267c66f4c749b289261e3de3b7090734d3c97be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 12:30:42 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "653a5bf2-248a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9354
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 5 KB
5 KB 36ms
33ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=236&rid=4&s=9jhAugxtH6DpQWTZpqTdyWkO

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a51967b56766b50cff426dde9d884e2cc82396d8542ed7f1687929a32133683

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5023
expires: Sun, 13 Oct 2024 03:35:25 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 48 KB
49 KB 17ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5026695%2Fda39fa951a3b472e81e4d9a7afddef5b_img_horizontal_3.jpg&v=3&w=1200&rid=4&s=IonQ0Rz4GxdUOn3snvG4mxnz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 49616
expires: Mon, 07 Oct 2024 08:40:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 11 KB
11 KB 17ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1668763329%2F22187488-usuWaMDK.jpg&v=3&w=400&rid=4&s=r3LWFcNFunxywSEQg7prWOpL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

25aee31d64662c806664162a986b9261cba609818c0d3954b5298e86a012372a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 11296
expires: Wed, 08 Nov 2023 21:20:59 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 19 KB
19 KB 22ms
20ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1689587144%2F23095949-Owv0Zgh2.jpg&v=3&w=400&rid=4&s=cgBsZDfDDCBp7nMa_6l1KOI0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d1d0fc56ee38959ac759f860e116129d384d574db33a9c0b5d7961c45234a8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 19184
expires: Fri, 10 Nov 2023 13:12:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 38 KB
38 KB 23ms
20ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1657621342%2F22138046-f5OR5eS0.jpg&v=3&w=400&rid=4&s=UAHtCddIpEr1pGcyk7ENFyBm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ca241ab83e979506f525c16edd60aacabd315c5ae562174c8a06d9dd4c7971ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 38468
expires: Fri, 10 Nov 2023 19:35:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 16 KB
16 KB 22ms
20ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1666356629%2F22225993-6dpe7DyO.jpg&v=3&w=400&rid=4&s=ABfvee_vh5o3jZCcPR9h_Hep&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7e54d9b59ac004121d725a7dcc163f0c822be69cf98b34cc4500c4e96d393632

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 16644
expires: Mon, 06 Nov 2023 06:59:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 39 KB
39 KB 33ms
32ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1691676143%2F23142630-MZsXE9ID.jpg&v=3&w=400&rid=4&s=OKICdFrW6S3t7M3vtR3Q8S3M&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2d28750e0d7b32bf39baa2f5c69b3c26b547e24802407370a13c9c657d21f9bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 40114
expires: Fri, 10 Nov 2023 07:29:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame A194 19 KB
19 KB 35ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1512554171%2F17312573-DGuU4KUk.jpg&v=3&w=400&rid=4&s=1DVbpcwKIxJPDCL8HeVihdpQ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9d59193f983cef22739b510a95f91d98b5fa3c308de52d24eb0ff3f57418d63c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 19092
expires: Fri, 10 Nov 2023 13:08:02 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A194 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=SyaLfRkxDU7Rmqrn7oatNSF-6LLQqe69kPNf2I_aCrQapEpos18OtNPpBuT899aHfyWfrVhxUxfA5CbjXcr_qStPhUyG6F1Xz80NOXHUyoDkhrHl2AB5I8MRtyjWf0xYX5xFvKd8YNr6FyfpI5W4mInLbVj1txWDNbCDEdjCyfnnFs8kDQaVpqw_XNvTzsoW59fn688cMyRizpVhIXuqoCr_ZJB8oJXY2fK5QdckEWre92awx2-f_sxPGiiW_KgnJ7t-kQ&sds=2&rev=89168&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame A194 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame A194 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 30 Oct 2024 15:06:34 GMT

GET
H2 200 impl.20231104-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 7692 816 KB
169 KB 8ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1a13104b31dd0bb02d6033beecc192d5cd5516c401354189848944a281ceb9f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: LeXW8hJo35Q2Z1bfi3sGr8bIGxd6S06o
content-encoding: br
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:34 GMT
x-amz-request-id: JJ6Q4HP03GSTTNRP
age: 14554
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172844
x-amz-id-2: 06ecyvxa5chRASaAUsPnjN/zYvz6v9wj2vrrAailNBDcxpt8WV8Fu7M1/dA9YN9WwDc2LyJdP7I=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 05 Nov 2023 10:55:30 GMT
server: AmazonS3-br
x-timer: S1699196795.848965,VS0,VE0
etag: "9c7ac343c1d13ad6cd631851f2cb8150"
vary: Accept-Encoding
content-type: application/javascript
abp: 23
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 55464

GET
H2 200 impl.20231104-7-RELEASE.js Show response
cdn.taboola.com/libtrc/ Frame 097B 816 KB
169 KB 14ms
14ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3-br /
Resource Hash: 1a13104b31dd0bb02d6033beecc192d5cd5516c401354189848944a281ceb9f9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: LeXW8hJo35Q2Z1bfi3sGr8bIGxd6S06o
content-encoding: br
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:34 GMT
x-amz-request-id: JJ6Q4HP03GSTTNRP
age: 14554
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 172844
x-amz-id-2: 06ecyvxa5chRASaAUsPnjN/zYvz6v9wj2vrrAailNBDcxpt8WV8Fu7M1/dA9YN9WwDc2LyJdP7I=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 05 Nov 2023 10:55:30 GMT
server: AmazonS3-br
x-timer: S1699196795.852739,VS0,VE1
etag: "9c7ac343c1d13ad6cd631851f2cb8150"
vary: Accept-Encoding
content-type: application/javascript
abp: 55
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 55465

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0751 0
0 60ms
59ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CqIEjea9HZYjUMsHHtwf46JQoyZ7SsVzVnZH3cMCNtwEQASAAYJUCggEXY2EtcHViLTI4MzgzNDk3MzA5NjY0MznIAQmpAircdGgTAbI-4AIAqAMByAMCqgSmAk_QYtnMdcjzSjMekF-d3ddnmeY4RQXss7lgfbVFUzS65hvZp9hizRI4bttLQrVEKadPjuqBWbScLJZxSvy-ytLX8tiWwfDHz5Tg7Lgfe5_GESfov8w45_-koSM506qfPedgJRCoL68fvV8-mlrWghNkLg8KIGto1-xITNv1e23iaV0GcNq-tAoN4YaAArKFSDTjV5ShvwEpbnSCoNk89pp-2FCvr2QjneHAWiuaSSi2dohAXC7205BjKUS3UYe32Y7hNlxWez9C5KhaMeQrjWN8FthRsYUq3h4qmoejfSI343976-5eZtJIOWeobpYDO1cfZJ0oGEdopzgo8DlYmgB9A5R3SVMvkL9DEyVYc8py9OHBLBVoGadQe6m-wpZmM5SLkLVzCeAEAYAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi0yODM4MzQ5NzMwOTY2NDM5GOKgHQ&sigh=UfBbZb9uEC0&uach_m=[UACH]&cid=CAQSTgDICaaN3GHsnnw-UpOi1dzrTjCXfPw5MNqII1Iep-pOWx3bkszi9VmzgfjbtbbUIXNLgo6wOCCt_z2s_QcEdTDkVy9hG8SEs4IACwVUcxgB&cbvp=2&vis=1
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 0751 0
125 B 21ms
18ms Image
text/plain 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kqW_EOZZ1AM8nYNiAgIAAADRVRjMOa0iRyuHbIUQea9HZWa35MMiZJngwO0AABIAAAoKQVFVQkR3RUJEdw&wp=ZUeveQAMqggK7ePBAAU0eLB4kDnKRBDTJXJTow&cbvp=2

Requested by

Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 268671
server: Kestrel
content-length: 0

GET
H2 200 sync Show response
gum.criteo.com/ Frame 7692 73 B
313 B 15ms
15ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

38a64ab79a54e2862f213b2afd43703c40f1b198dcd5194ea974629cea0ceaad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 980854
expires: 60

GET
H2 200 userx.20231104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 7692 17 KB
6 KB 9ms
9ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30b5c6ea04b9280ccb8e70d394464892d5f8b0d15ca050eae006a532639775bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: u5tYYBoVJmB_E9wudmu7DTaX0i4x9EjM
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:34 GMT
x-amz-request-id: 35HTASNZQNX3SK6W
age: 14551
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5398
x-amz-id-2: k8Cw0eUlnPnTK81o2tY3QNtP+o6NsgGA8n2FVl9ObikJ71h86Rw1zjkRUZBhH7rKE2UKvRnO6xI=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 05 Nov 2023 10:55:23 GMT
server: AmazonS3
x-timer: S1699196795.929817,VS0,VE0
etag: "f8f3e0187c593f736a95dc20a0b21b9c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 2
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7989

GET
H2 204 abtests
am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/3/ Frame 7692 0
232 B 53ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/3/abtests?route=AM:AM:V&tvi48=10143&tvi50=13497&lti=deflated&ri=9495e87c5159a6ef84f58c258ab9c836&sd=v2_3d65b0be708bf0c3a15965e28806f17f_39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8_1699196792_1699196792_CIi3jgYQ3NFbGI-P-OimwMKhDyABKAEwODib4wlAiIoQSKKz2QNQ____________AVgAYABojrjL2PDaz7tbcAA&ui=39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8&pi=/safeframe/1-0-40/html/container.html&wi=118465052090928661&pt=home&vi=1699196794922&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1699196794921%7D&tim=16%3A06%3A34.922&id=5574&llvl=2&cv=20231104-7-RELEASE&
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 sync Show response
gum.criteo.com/ Frame 097B 73 B
313 B 16ms
16ms Script
text/javascript 2a02:2638:3::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS

Requested by

Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1c3d18efcc096d745195fa76dadf483c70195ff3a8f293babe0c85153e38aaa1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:34 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 974578
expires: 60

GET
H2 200 userx.20231104-7-RELEASE.es6.js Show response
cdn.taboola.com/libtrc/ Frame 097B 17 KB
5 KB 7ms
7ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/userx.20231104-7-RELEASE.es6.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/emtekdigital-fimelaheaderbidding/loader.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 30b5c6ea04b9280ccb8e70d394464892d5f8b0d15ca050eae006a532639775bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: u5tYYBoVJmB_E9wudmu7DTaX0i4x9EjM
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:34 GMT
x-amz-request-id: 35HTASNZQNX3SK6W
age: 14551
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 5398
x-amz-id-2: k8Cw0eUlnPnTK81o2tY3QNtP+o6NsgGA8n2FVl9ObikJ71h86Rw1zjkRUZBhH7rKE2UKvRnO6xI=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 05 Nov 2023 10:55:23 GMT
server: AmazonS3
x-timer: S1699196795.974023,VS0,VE0
etag: "f8f3e0187c593f736a95dc20a0b21b9c"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
abp: 60
access-control-allow-origin: *
cache-control: private,max-age=2629743
accept-ranges: bytes
x-cache-hits: 7990

GET
H2 204 abtests
am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/3/ Frame 097B 0
231 B 15ms
14ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/3/abtests?route=AM:AM:V&tvi48=10143&tvi50=13497&lti=deflated&ri=2bb1f59ba33e1b7c29d59c5e1c855da6&sd=v2_3d65b0be708bf0c3a15965e28806f17f_39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8_1699196792_1699196792_CIi3jgYQ3NFbGI-P-OimwMKhDyABKAEwODib4wlAiIoQSKKz2QNQ____________AVgAYABojrjL2PDaz7tbcAA&ui=39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8&pi=/safeframe/1-0-40/html/container.html&wi=118465052090928661&pt=home&vi=1699196794971&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1699196794970%7D&tim=16%3A06%3A34.971&id=5396&llvl=2&cv=20231104-7-RELEASE&
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Sun, 05 Nov 2023 15:06:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"

GET
H2 200 bb622a3a05ffdd662abe4330d712582c.jpg
images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1110%2Cx_0%2Cy_290/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7692 54 KB
55 KB 18ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1110%2Cx_0%2Cy_290/https%3A//cdn.taboola.com/libtrc/static/thumbnails/bb622a3a05ffdd662abe4330d712582c.jpg
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 649923bbbf618be50095bf36b767dc89029b49f8c992e16fc264203f8e894ccd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/c_crop%2Cf_jpg%2Cq_auto%2Ce_sharpen%2Car_2%2Cw_1110%2Cx_0%2Cy_290/https%3A//cdn.taboola.com/libtrc/static/thumbnails/bb622a3a05ffdd662abe4330d712582c.jpg
age: 187349
edge-cache-tag: 424381995862135594000471372330309687459,355474082985199115587074344674736423369,29ecf9b93bbf306179626feeda1fab70
cache-tag: 424381995862135594000471372330309687459,355474082985199115587074344674736423369,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, MISS, MISS, MISS, HIT
x-envoy-upstream-service-time: 924
req-referer: https://dl.gmx.net/
content-length: 55272
x-request-id: 853f2d9ac4939e0be7a8a68ff257d589
x-backend-name: CH_nlb803
x-served-by: cache-iad-kcgs7200048-IAD, cache-iad-kiad7000023-IAD, cache-lga21955-LGA, cache-iad-kiad7000038-IAD, cache-fra-etou8220094-FRA
last-modified: Fri, 03 Nov 2023 10:35:38 GMT
server: nginx
surrogate-reporting: width=1110,height=555,bytes=88630,owidth=1110,oheight=1135,obytes=122333
x-timer: S1699196795.003207,VS0,VE1
etag: "f95502284269cfafc1fb62e87b07d5c4"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 0, 0, 1

GET
H2 200 4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_144%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/ Frame 7692 7 KB
8 KB 18ms
9ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_144%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 7628a1d2f9791d585461ffe9b850779e71c0481590165b6eb8c0f6eb2eb7963e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 1
date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_144%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/STABLE_DIFFUSION/ESD/4b91b444-2376-45e5-978b-963ae7080532__jHs9YASX.jpg
age: 4633723
edge-cache-tag: 572334028336925349237733819278881307382,351676877164977321198951005839697528119,29ecf9b93bbf306179626feeda1fab70
cache-tag: 572334028336925349237733819278881307382,351676877164977321198951005839697528119,29ecf9b93bbf306179626feeda1fab70
x-cache: MISS, MISS, HIT, HIT, HIT
x-envoy-upstream-service-time: 22
expiration: expiry-date="Fri, 29 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://config.seedtag.com/
content-length: 6962
x-backend-name: LA_nlb204
x-served-by: cache-iad-kjyo7100036-IAD, cache-iad-kcgs7200083-IAD, cache-lax10641-LGB, cache-iad-kiad7000142-IAD, cache-fra-etou8220094-FRA
last-modified: Tue, 29 Aug 2023 05:02:27 GMT
server: nginx
surrogate-reporting: width=360,height=144,owidth=1536,oheight=1024,obytes=134205
x-timer: S1699196795.003002,VS0,VE1
etag: "233c99b64ecfff0346e555fae1b7b67a"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 0, 1, 39, 1

GET
H2 200 4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_144%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 7692 13 KB
14 KB 25ms
16ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_144%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: af671e6b49648fc9e64f4f677c5e8b75497a572ee0184e0f5e0670442291fac5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 7
date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_144%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/4a3e074f7f879ff2c57035d9a5f5b14b.jpeg
age: 2265763
edge-cache-tag: 357448101114990970740830143965164562630,351676877164977321198951005839697528119,29ecf9b93bbf306179626feeda1fab70
cache-tag: 357448101114990970740830143965164562630,351676877164977321198951005839697528119,29ecf9b93bbf306179626feeda1fab70
x-cache: HIT, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time: 259
expiration: expiry-date="Sun, 10 Sep 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer: https://storage.googleapis.com/
content-length: 13642
x-backend-name: LA_nlb201
x-served-by: cache-iad-kcgs7200161-IAD, cache-iad-kjyo7100163-IAD, cache-sna10729-LGB, cache-iad-kcgs7200095-IAD, cache-fra-etou8220094-FRA
last-modified: Thu, 10 Aug 2023 10:10:45 GMT
server: nginx
x-timer: S1699196795.003015,VS0,VE7
etag: "4c14ba80714a3b341d9d5c2b18791b4b"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 1, 0, 0, 37, 1

GET
H2 204 debug
am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/2/ Frame 7692 0
90 B 14ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/2/debug?tim=16%3A06%3A35.000&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=8177&cv=20231104-7-RELEASE&lt=deflated&pct=1
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12889

GET
H2 204 debug
am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/2/ Frame 097B 0
90 B 13ms
13ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://am-trc-events.taboola.com/emtekdigital-fimelaheaderbidding/log/2/debug?tim=16%3A06%3A35.001&type=warn&msg=TRC.TranslationsManager%20-%20missing%20feature%20in%20translationMap%3A%20userx.&llvl=2&id=6956&cv=20231104-7-RELEASE&lt=deflated&pct=1
Requested by: Host: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12889

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame A158 0
0 88ms
56ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst4HjK-bnkXtfoad5JP6xHXB2fRXX1Zn1oenoe-7LcSALQRGpgHDMBVT_sZczZ--ML8q7gYAHpEPi2xTSBADqsn2ReVq30K5aD4RN2IcrR3CL6tvgCYWTVer2F5V0IeHVQCw6ri-hD7pbFi2wWVl9JdvrBtSxgq4CyLx3RgFPhjlianZvQc5FuxznAPl_ImxSLPTqJL8ZSPkTzS00emGcx52Jp4ozRX2DPeJG46jwlx2kPFsplDxRA6xiQ3T8t-AQgbUfmjyOwtfFhLXwZ26GLTXyJMZrREwJh3ypryVf8xGW2nW-vifTZtrt_ppRmfYXwisQyGTHefltq0CtENRll7ezocPoY0Z9z4GhCDP8CSNhdp_x8hECvQuXsihP1w0JVs6zo&sai=AMfl-YQLyf05AkFmMjYTUeKK9e-9P3KekU3oJ48Pkp8DrDGHbKzGZP6yt-abh_WBwRNsQwOOS4Pdp6r1CDKxNpNEQLCLXndA2JAKcHYX65F7V_exWaWpuG2PKWp0S1saJrzwXqUl6hD2B0HJrokTSekaSg&sig=Cg0ArKJSzNfjFijPKkzcEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Nov 2023 15:06:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5BC8 0
0 78ms
53ms Fetch
image/gif 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpg8XjC_3RDAXKZnXX0HwhBFmyypSnCEzV7QM8qOdfDtqNiY2Bfzoe2hISswwSUPrA1wCTJo4WtrIKQHyoNMC8zqElXe-MfuNB2g81ZCmHZUct_ZP6KDFsgkPzOL-Gvg-EzJSUMGXnQFCvjZVeiSXjuFEzug_eoHK7gMb16nwPyfNalkAl3_hkJ6OpJKsR2-9jpnMSGu01fxbu9RN6ZT3vL4m11fe2lBSC71HF3bwecuWA-HdVdg5RXO0Xir1UbdPZMIwZmtv0djMb5bGkOvCdLLeTuQvYPrJ8kftD9Lkaph7qVWNPIe-10Luu_tsAlvd96EQGPdAMxKCy__L2Km28vLItQLDupwGbON54Lp-P_7LpDicatFO6NJQ-VdX8CXCg_C2txWQ&sai=AMfl-YTMpyCnzTRqg7kUa_VIRMibyhbZComTDLujawDWSOlVFrFkPCYv9-YJ2reOXwHs6NiLIy9_iQnAkKoir6-AbvK4pbMqdU_DZnrsedw9BwlPU6wHyebL2JLUsBBXhNI6fRiVHn0FtasWAdzvVzNIvg&sig=Cg0ArKJSzBNsuYJETe9uEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 05 Nov 2023 15:06:35 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ 70 B
150 B 119ms
35ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=7zx04jb&ttd_puid=www.fimela.com;4cc94913-9087-4593-b23b-3ab920160540&ttd_tpi=1&gdpr=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2 200 client Show response
accounts.google.com/gsi/ 199 KB
79 KB 142ms
63ms Script
application/javascript 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: cdn-production-assets-kly.akamaized.net
URL: https://cdn-production-assets-kly.akamaized.net/custom_scripts/20231018074008.desktop.fimela.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f11d0190d676c1a0772b71b30549e6b2566646cd65dd572f43a9cccb90f99a4c

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rJaYOYbSplPUU7RjxEddyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-rJaYOYbSplPUU7RjxEddyA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=1800
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 05 Nov 2023 15:06:35 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
65ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0412372692883fca0ea7444053c7b71297d77d06adde3a4865ddc287cf376e56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12124
x-xss-protection: 0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 291 KB
98 KB 29ms
29ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-C4WGB6F2KB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDJLBKS

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2795a62c509b59cdda15c8966771a675b28811636a3105068398e68323358ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 100371
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sun, 05 Nov 2023 15:06:35 GMT

GET
H2

200

cs.js Show response
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain

https://sb.scorecardresearch.com/c2/12418281/cs.js
https://sb.scorecardresearch.com/internal-c2/default/cs.js

0
384 B

12ms
11ms

Script
application/javascript

108.157.4.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol: H2
Server: 108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-121.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 04:24:13 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
last-modified: Mon, 03 Jul 2023 14:48:48 GMT
server: AmazonS3
x-amz-cf-pop: DUS51-P2
age: 38627
x-amz-server-side-encryption: AES256
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
accept-ranges: bytes
content-length: 0
x-amz-cf-id: o9ND8gI4nQDDp9F_qxdVnKzWFQQPsr1gnHhK_BoU6EDQTEvZVNrMRA==

Redirect headers

date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
accept-ch: UA, Platform, Arch, Model, Mobile
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
location: /internal-c2/default/cs.js
content-length: 0
x-amz-cf-id: Kealp7FbhsIrFd9yyPFgdJBQz-NB0Plwu4hsq7ltGwDptHZIdwclFQ==

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=211535687&t=timing&_s=2&dl=https%3A%2F%2Fwww.fimela.com%2F&dp=%2F&dh=www.fimela.com&ul=en-us&de=UTF-8&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3674&pdt=467&dns=0&rrt=376&srt=325&tcp=28&dit=1242&clt=1253&_gst=1018&_gbt=1112&_u=aHDAgQABAAAAAG~&jid=&gjid=&cid=130911004.1699196792&tid=UA-108534636-7&_gid=674876548.1699196792&gtm=GTM-PDJLBKS&cg1=ChannelPage&cg2=&cg5=ChannelPage&cd4=0&cd7=&cd17=ChannelPage&cd18=root&cd19=&cd20=false&cd21=1699196792371.yosozjm&cd22=2023-11-05T16%3A06%3A32.371%2B01%3A00&cd25=Desktop&cd26=&cd37=&cd41=0&cd44=0&cd45=&cd46=&cd47=&gcd=11l1l1l1l1&z=2010393144

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 04 Nov 2023 17:45:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 76871
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 05 Nov 2023 15:06:35 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10939207544/ 3 KB
1 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10939207544/?random=1699196795137&cv=11&fst=1699196795137&bg=ffffff&guid=ON&async=1&gtm=45je3b11v893656019z877758889&gcd=11l1l1l1l1&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&hn=www.googleadservices.com&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&auid=1812385534.1699196792&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4WGB6F2KB&l=dataLayer&cx=c

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

215186ef4611d9bf40c8d36b41687c3c8399714ee998cadf215e042c5babbf01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1330
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
55 B 21ms
19ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C4WGB6F2KB&gtm=45je3b11v893656019z877758889&_p=1699196792210&_gaz=1&gcd=11l1l1l1l1&cid=130911004.1699196792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699196795&sct=1&seg=0&dl=https%3A%2F%2Fwww.fimela.com%2F&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&en=page_view&_fv=1&_ss=1&tfd=3801
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4WGB6F2KB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 204 collect
stats.g.doubleclick.net/g/ 0
17 B 18ms
18ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-C4WGB6F2KB&cid=130911004.1699196792&gtm=45je3b11v893656019z877758889&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4WGB6F2KB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 55ms
55ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-C4WGB6F2KB&cid=130911004.1699196792&gtm=45je3b11v893656019z877758889&aip=1&z=1964717051

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 08D8 13 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5800
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 13:29:55 GMT
expires: Mon, 04 Nov 2024 13:29:55 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5326 829 B
561 B 25ms
25ms Document
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ee4660de487d2bfe33bfb1420af711debc54cd07052af1d5fb9ead84680b13b9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-WRYOxRZlqY2DNx0gsG-F7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-WRYOxRZlqY2DNx0gsG-F7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 05 Nov 2023 15:06:35 GMT
expires: Sun, 05 Nov 2023 15:06:35 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 /
www.google.com/pagead/1p-user-list/10939207544/ 42 B
64 B 28ms
26ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10939207544/?random=1699196795137&cv=11&fst=1699196400000&bg=ffffff&guid=ON&async=1&gtm=45je3b11v893656019z877758889&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNIGMotB1z199gSR7sbWdRRlVHFR-z--HXhg9DELbdcQeQo-19&random=3616251846&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/10939207544/ 42 B
64 B 29ms
28ms Image
image/gif 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10939207544/?random=1699196795137&cv=11&fst=1699196400000&bg=ffffff&guid=ON&async=1&gtm=45je3b11v893656019z877758889&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.fimela.com%2F&frm=0&tiba=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&data=event%3Dgtag.config&fmt=3&is_vtc=1&cid=CAQSKQDICaaNIGMotB1z199gSR7sbWdRRlVHFR-z--HXhg9DELbdcQeQo-19&random=3616251846&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js Show response
pagead2.googlesyndication.com/bg/ Frame 08D8 38 KB
15 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 13:29:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5854
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15096
x-xss-protection: 0
last-modified: Tue, 31 Oct 2023 13:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 04 Nov 2024 13:29:01 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5326 0
0 124ms
124ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=280461385158023&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 08D8 0
10 B 14ms
14ms Image
text/plain 2a00:1450:4001:830::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?cqtGTw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 style
accounts.google.com/gsi/ 533 B
586 B 89ms
88ms Stylesheet
text/css 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/style

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--s-fNMR4wFmay66nG-2vgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-security-policy: script-src 'report-sample' 'nonce--s-fNMR4wFmay66nG-2vgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
x-frame-options: SAMEORIGIN
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type: text/css; charset=utf-8
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Sun, 05 Nov 2023 15:06:35 GMT

GET
H2 403 status Show response
accounts.google.com/gsi/ 37 B
527 B 71ms
71ms XHR
application/json 2a00:1450:4001:831::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/status?client_id=414618812007-4es080tfh5tdolngppqg7vemsv50b947.apps.googleusercontent.com&as=mU%2BCtxH%2Fwus5fImNYQ0UnQ

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/gsi/client

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

2cc0224a3b5f914882edd16c6702de5b752cdac78223338e830cd8c0d58e7f5b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vglDh6A9iOK4IpUbZgDBbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-security-policy: script-src 'report-sample' 'nonce-vglDh6A9iOK4IpUbZgDBbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
x-content-type-options: nosniff
content-encoding: gzip
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
pragma: no-cache
server: ESF
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.fimela.com
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 crossmatch-cookies-frame.html Show response
www.youniverse.id/html/ Frame AEC1 5 KB
2 KB 405ms
311ms Document
text/html 34.102.185.47
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.youniverse.id/html/crossmatch-cookies-frame.html?senderCookies=4cc94913-9087-4593-b23b-3ab920160540&senderGAID=GA1.1.130911004.1699196792&senderHost=www.fimela.com&reqCallback=true
Requested by: Host: www.fimela.com
URL: https://www.fimela.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.185.47 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 47.185.102.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 2f03980b59f54e946839bd654cea5f6680dea3eda57b2880624c68f22bdbab98

Request headers

Referer: https://www.fimela.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 70
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: gzip
content-length: 1641
content-type: text/html
date: Sun, 05 Nov 2023 15:05:24 GMT
last-modified: Fri, 03 Nov 2023 08:53:13 GMT
server: nginx
server-node: prod-liputan6id-web-ig-d4gk
vary: Accept-Encoding
via: 1.1 varnish (Varnish/6.0), 1.1 google
x-cache: HIT
x-cache-hits: 1209
x-geek: KLY-Engineer
x-ttl: 300.000

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YV9LXF9F74&gtm=45je3b11v894616107&_p=1699196792210&gcd=11l1l1l1l1&_fid=ckd2u57qsagSJchLn84L3H&cid=130911004.1699196792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699196793&sct=1&seg=0&dl=https%3A%2F%2Fwww.fimela.com%2F&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&_s=2&tfd=4182
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?l=dataLayer&id=G-YV9LXF9F74
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H3 200 events
cdp.vidio.com/ Frame 0
0 336ms
336ms Preflight
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.fimela.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://www.fimela.com
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 google
x-envoy-upstream-service-time: 16

POST
H3 200 events Show response
cdp.vidio.com/ 0
11 B 363ms
362ms XHR
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/events
Requested by: Host: static-web.prod.vidiocdn.com
URL: https://static-web.prod.vidiocdn.com/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.fimela.com
date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 google
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0751 42 B
64 B 131ms
130ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu0GXbPRZmcIb_vYYJ2bTKsXu61wEpaoHnc4u2X_SxkpN8yJduj3FJ5V346e1ussUAWfJSqE8yl2B2kTWbounBlBIy3wozO9VdERWbnSsYMhuakAxq7&sig=Cg0ArKJSzDTHbDUk1gUOEAE&id=lidar2&mcvt=1000&p=1140,566,1200,1034&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20231101&bin=7&avms=nio&bs=0,0&mc=0.99&if=1&vu=1&app=0&itpl=20&adk=3955450381&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1699196794590&rpt=140&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:35 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame A194 0
127 B 15ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 05 Nov 2023 15:06:35 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 129ms
129ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=280461385158023&bg=!o6CloO_NAAb4oU7C2KE7ADQBe5WfOLceewmN8VqXpmb2AvI3Qo1B_VpsrnF1KjsGV86i5nJ5fG_H3XJ6fE4ssO16dVl2AgAAAGxSAAAACmgBBwoAajbBpBbH-OxO6IsilNHKHjc6yZc7Sh56rHT7ABVDNizl9mb0ySjXKfwFCL-Wf55RUvE5Kw51hpG7CAajng5HwkmysTn03uGl8WxXh9loZJ9Kc8hD3ybTP2KAALD5ZIk_NFOBoV2xZhCTlpyZAvwx5W50KHlZZHvo_QDQCbpZ2bLwg_QSlj-doPzTAcv0Pv-6c1r8Cs4JvAkkVPaJnZvqw8N1LADTubVhFZ9WK1Qc1ZH1eKWNUyrA2uDOfCM3nKtirtm4oh6cafqh5YIs3-mLJCCqUShk7LEOPiTGaRfPnRKLegpzV7kDe-_63BioMZXsuwNyRFjLN3YoFNUgGNw7lJDn0FjXLMz7js79w8qIQoBwhP-Ka7Y-QxueJUuxV_KCdlhHEMGHD6tcbYBURL5gq4ktNJz6qsNAYMObkRhwM_2FmPiigxh1mZAdGImERzFR0AcjDm5K4NtmpRS2IMkx5fdCcR3t4-XJA8RRqmPSXZbCZlX2i-YLiQTo4BwTzKyvd6UWxy-4CzUFOizwabuDboXD8Y5Wt_9v_tJO2QU8bIaLmdv44U8PzRAS3PrDPK5SmZRPP-glQBObdBIsU7oTzNhoDyGGTd3nhkPnBLsleVNSfv5mZJlc3iivlqgGrmFKRaT5Rc2eDsBfXwwM9kk6GrXIM9a-6TpeCm-SPbyNVhxersW0RGIgN-RwpIE7sXcU1RSkV-OKf7DRtEgzC0lr3b7BJsFosEujfLBJxHnaHrBJbls0DhqVdgHCK8WZ8oQlu087WTOXxTnWiRPytCSoDsthFlp18n20NOIOeaQaiSWvniHYugaiB_p44hhD4EtPgM3Q76OW8QsrVtaSwdtu8t50Voe2qKpfoJo0IAPHTF0tSlNsDeaEGmxXKyAF8377vtQmZXwj6x2HY3Ukj5ulgfwqE9awr8DSAj43Pcp4mx9mrJnuQVAtpkM_75Dk9GDx0HhzHNhkcxUZdqco1GpH27PZsT3ztHkApOfUJ250wxQae39Bn3CP3aiIP2hh8lmfvnyQVbMKrAqWMiH7jpQ50o65-UxVxJB9Kx7JtThmKc7G0lBGuvJJDCDKs1-xoRG1SmUJQQgmHHWPvaC_Yw5HhSXi-HLwDH3FIPUxl-18yu71XCkrfSK6wDUoXU6uArZHXT1HOzFGyk7OFw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

POST
H2 204 bulk Show response
trc.taboola.com/emtekdigital-fimelaheaderbidding/log/3/ Frame 7692 0
364 B 21ms
20ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/emtekdigital-fimelaheaderbidding/log/3/bulk?tvi48=10143&tvi50=13497&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 10
date: Sun, 05 Nov 2023 15:06:35 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7459
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
pragma: no-cache
server: nginx
x-timer: S1699196796.959446,VS0,VE10
content-type: image/gif
access-control-allow-origin: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

POST
H2 204 bulk Show response
trc.taboola.com/emtekdigital-fimelaheaderbidding/log/3/ Frame 097B 0
339 B 16ms
16ms XHR
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://trc.taboola.com/emtekdigital-fimelaheaderbidding/log/3/bulk?tvi48=10143&tvi50=13497&route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

x-vcl-time-ms: 9
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7983
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
pragma: no-cache
server: nginx
x-timer: S1699196796.998569,VS0,VE9
content-type: image/gif
access-control-allow-origin: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
cache-control: no-cache
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 7692 254 B
778 B 9ms
9ms Image
image/png 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 varnish
x-amz-request-id: 1V3H9VCVPBG1B2M0
age: 17940
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 254
x-amz-id-2: ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Wed, 24 Jun 2015 07:14:11 GMT
server: AmazonS3
x-amz-meta-s3cmd-attrs: uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer: S1699196796.001880,VS0,VE0
etag: "dfa7b52c86e56bd67fa4002f6ed19854"
content-type: image/png
abp: 6
access-control-allow-origin: *
cache-control: private,max-age=31536000
accept-ranges: bytes
x-cache-hits: 9083

GET
H2 200 ahoy-falcon-2022-01-13-02-35-43.js Show response
static-web.prod.vidiocdn.com/ahoy/ Frame AEC1 15 KB
5 KB 10ms
9ms Script
application/javascript 2.16.202.115
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://static-web.prod.vidiocdn.com/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Requested by: Host: www.youniverse.id
URL: https://www.youniverse.id/html/crossmatch-cookies-frame.html?senderCookies=4cc94913-9087-4593-b23b-3ab920160540&senderGAID=GA1.1.130911004.1699196792&senderHost=www.fimela.com&reqCallback=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.16.202.115 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-202-115.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32

Request headers

Referer: https://www.youniverse.id/
Origin: https://www.youniverse.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:36 GMT
content-encoding: gzip
last-modified: Thu, 13 Jan 2022 08:20:30 GMT
server: UploadServer
etag: "c805d2d1d4987fcfda26b9bfd5956759"
vary: Accept-Encoding, Accept-Encoding, Origin
x-guploader-uploadid: ADPycdtoUT9VBZgUvV54L4uFXJMo-SWVBf1qECDt0ud9k_ftJGHPRxh-iy6ef7TLkjMYPCfaK9AS4uMx8HB7PKH0hR3FgQ
x-goog-hash: crc32c=q/fApw==, md5=yAXS0dSYf8/aJrm/1ZVnWQ==
content-type: application/javascript
access-control-allow-origin: https://www.youniverse.id
cache-control: no-transform, max-age=31453341
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 4447

GET
H2 200 embed-internal.8324be04cc0adb1be9165f1847ed900281851c7a.js Show response
personalization.vidio.com/ Frame AEC1 18 KB
7 KB 10ms
10ms Script
application/javascript 23.32.238.131
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://personalization.vidio.com/embed-internal.8324be04cc0adb1be9165f1847ed900281851c7a.js?enable_ptid=false
Requested by: Host: www.youniverse.id
URL: https://www.youniverse.id/html/crossmatch-cookies-frame.html?senderCookies=4cc94913-9087-4593-b23b-3ab920160540&senderGAID=GA1.1.130911004.1699196792&senderHost=www.fimela.com&reqCallback=true
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.32.238.131 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-32-238-131.deploy.static.akamaitechnologies.com
Software: UploadServer /
Resource Hash: 80f0ca9c170debfbc6d04f92a1c62b0ddab77287947094956313cce1c41d9f69

Request headers

Referer: https://www.youniverse.id/
Origin: https://www.youniverse.id
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:36 GMT
content-encoding: gzip
last-modified: Thu, 31 Mar 2022 05:04:57 GMT
server: UploadServer
etag: "e6e84f9b8501ca62996cc680fb173510"
vary: Accept-Encoding
x-guploader-uploadid: ADPycdupdlHE_aZKKRbuYQV6d4qAbCjXjwn7FrPd3U-muLGfrvrvn1KLdK-DJUIFJekCdulCVCTGk-FQJBboIvoD2GW7eEccHf3E
x-goog-hash: crc32c=s6OG1g==, md5=5uhPm4UBymKZbMaA+xc1EA==
content-type: application/javascript
access-control-allow-methods: GET,POST
cache-control: public, max-age=3600
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3-Q050=":443"; ma=93600,quic=":443"; ma=93600; v="46,43"
content-length: 7113

OPTIONS
H3 200 visits
cdp.vidio.com/ahoy/ Frame 0
0 463ms
462ms Preflight
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/ahoy/visits
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.youniverse.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://www.youniverse.id
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 google
x-envoy-upstream-service-time: 1

POST
H3 200 visits Show response
cdp.vidio.com/ahoy/ Frame AEC1 0
11 B 327ms
327ms XHR
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/ahoy/visits
Requested by: Host: static-web.prod.vidiocdn.com
URL: https://static-web.prod.vidiocdn.com/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youniverse.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.youniverse.id
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 google
x-envoy-upstream-service-time: 2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 sync
eb2.3lift.com/ 37 B
140 B 11ms
10ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/sync?px=1&src=prebid&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:36 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H/1.1 200
OK cksync.php
cs.media.net/ 52 B
418 B 76ms
22ms Image
image/gif 2.18.160.23
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync.php?cs=8
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.160.23 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-160-23.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 05 Nov 2023 15:06:36 GMT
Server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 52
x-mnet-hl2: E
Expires: Sun, 05 Nov 2023 15:06:36 GMT

GET
H2

200

crum
dsum-sec.casalemedia.com/
Redirect Chain

https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=802778&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=
https://dsum.casalemedia.com/pbusermatch?origin=prebid&site_id=802778&p=1&i=0&gdpr=0&gdpr_consent=&us_privacy=&C=1
https://p.rfihub.com/cm?in=1&pub=2079&gdpr=0
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210827949852790

43 B
340 B

38ms
21ms

Image
image/gif

172.64.151.101
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210827949852790
Protocol: H2
Server: 172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:36 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2F%2BkBReQkGbnU9%2FIlc9dwrKSzjEYtgyLJn%2FbKdEJ6aQp09FzyQsZ9gts3RkbCsFtaqmBFwNTllZj4EpHHCoVJRSiY3m6DFU5Q8RNNY41%2F6FdLerr5b0IGZyAwcQnw9bKMij8rWOMKJ8o3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 8216006b1e993637-FRA
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

Location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5141210827949852790
Date: Sun, 05 Nov 2023 15:06:36 GMT
Server: Jetty(9.4.51.v20230217)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 pd
u.openx.net/w/1.0/ 43 B
132 B 43ms
37ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://u.openx.net/w/1.0/pd
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:36 GMT
content-encoding: gzip
via: 1.1 google
server: OXGW/0.0.0
vary: Accept, Accept-Encoding
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cm
trc.taboola.com/sg/prebidJS/1/ 43 B
120 B 17ms
16ms Image
image/gif 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/prebidJS/1/cm
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 9
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 varnish
x-fastly-to-nlb-rtt: 7861
x-cache: MISS
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version: v1
x-served-by: cache-fra-eddf8230111-FRA
pragma: no-cache
server: nginx
x-timer: S1699196796.465179,VS0,VE9
access-control-allow-origin: *
cache-control: no-cache, no-store
access-control-allow-credentials: true
accept-ranges: bytes
x-cache-hits: 0

GET
H2 200 ImgSync
image8.pubmatic.com/AdServer/ 0
43 B 92ms
20ms Image
text/plain 185.64.190.79
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image8.pubmatic.com/AdServer/ImgSync?p=156536
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.79 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.fimela.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:35 GMT
content-length: 0

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 7692 3 KB
2 KB 15ms
15ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:36 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 996
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1699196797.919272,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 86
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 7671

GET
H2 200 / Show response
pips.taboola.com/ Frame 7692 64 B
280 B 26ms
7ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 6bc9933cf1275da02fd11435520dee63def1c7e8f1c2be9f1e53d2a6e42279fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230087-FRA
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 7692 0
83 B 551ms
88ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8&uad=0ecdd1c67e2f0f4c370f118e55269664f8221cd4107973408c9c691594218fd3&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Nov 2023 15:06:37 GMT
cache-control: no-store
server: nginx

GET
H2 200 cds-pips.js Show response
cdn.taboola.com/scripts/ Frame 097B 3 KB
1 KB 8ms
8ms Script
application/javascript 151.101.193.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/scripts/cds-pips.js
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20231104-7-RELEASE.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id: uLMchp7BESXZGZqPSJ8.FcfKBYdWFxIf
content-encoding: gzip
via: 1.1 varnish
date: Sun, 05 Nov 2023 15:06:36 GMT
x-amz-request-id: 9T8G4R1J257WC6ZV
age: 996
x-amz-server-side-encryption: AES256
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 1347
x-amz-id-2: EtXJZix6twxSRBOalXcDTYlF3ZXZJ0GOcu33LsL8+Qu9Bt435W8ywVX2VgQgr71/qWQ468QSryk=
x-served-by: cache-fra-eddf8230111-FRA
last-modified: Sun, 29 Oct 2023 14:06:32 GMT
server: AmazonS3
x-timer: S1699196797.968903,VS0,VE0
etag: "c52aa1ea682aef8ad5ebf7aff9662e35"
vary: Accept-Encoding
content-type: application/javascript
abp: 70
access-control-allow-origin: *
cache-control: private, max-age=3600
accept-ranges: bytes
x-cache-hits: 7672

GET
H2 200 / Show response
pips.taboola.com/ Frame 097B 64 B
99 B 8ms
7ms XHR
text/plain 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://pips.taboola.com/
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: 6bc9933cf1275da02fd11435520dee63def1c7e8f1c2be9f1e53d2a6e42279fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-served-by: cache-fra-eddf8230087-FRA
date: Sun, 05 Nov 2023 15:06:36 GMT
via: 1.1 varnish
server: Varnish
access-control-allow-methods: GET
x-cache: HIT
access-control-allow-origin: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
cache-control: no-store
accept-ranges: bytes
content-length: 64
retry-after: 0
x-cache-hits: 0

GET
H2 204 / Show response
cds.taboola.com/ Frame 097B 0
83 B 263ms
87ms XHR
text/plain 141.226.224.32
TABOOLA-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.taboola.com/?uid=39a9bf2a-c27b-4f72-b4d0-c6a8bc641226-tuctc4134f8&uad=0ecdd1c67e2f0f4c370f118e55269664f8221cd4107973408c9c691594218fd3&mbl=ZmFsc2U=
Requested by: Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sun, 05 Nov 2023 15:06:37 GMT
cache-control: no-store
server: nginx

GET
H2 200 811d78f0330c4d6ba234a674a6545d2d_cpn_468x60_1.jpg
static.criteo.net/design/dt/3018/4784417/ Frame A194 9 KB
9 KB 15ms
15ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/3018/4784417/811d78f0330c4d6ba234a674a6545d2d_cpn_468x60_1.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

cb59d83d377288bed4eb2b448267c66f4c749b289261e3de3b7090734d3c97be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date: Sun, 05 Nov 2023 15:06:37 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 26 Oct 2023 12:30:42 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "653a5bf2-248a"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 9354
expires: Wed, 30 Oct 2024 15:06:37 GMT

POST
H3 200 events Show response
cdp.vidio.com/ Frame AEC1 0
11 B 320ms
320ms XHR
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/events
Requested by: Host: static-web.prod.vidiocdn.com
URL: https://static-web.prod.vidiocdn.com/ahoy/ahoy-falcon-2022-01-13-02-35-43.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.youniverse.id/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

access-control-allow-origin: https://www.youniverse.id
date: Sun, 05 Nov 2023 15:06:39 GMT
via: 1.1 google
x-envoy-upstream-service-time: 3
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

OPTIONS
H3 200 events
cdp.vidio.com/ Frame 0
0 316ms
316ms Preflight
text/plain 34.149.107.84
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://cdp.vidio.com/events
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.149.107.84 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 84.107.149.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.youniverse.id
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers: Accept, Content-Type, X-Requested-With
access-control-allow-methods: POST
access-control-allow-origin: https://www.youniverse.id
access-control-max-age: 1728000
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sun, 05 Nov 2023 15:06:38 GMT
via: 1.1 google
x-envoy-upstream-service-time: 2

GET
H2 200 72b4885f70b55eff9e0ea334d56db5a6.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 097B 47 KB
47 KB 11ms
10ms Image
image/webp 151.101.1.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.1.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 9ea7eac29a4d600509d6ddf8833e891257bbec889d4eea386a59642e6f2a474d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-vcl-time-ms: 2
date: Sun, 05 Nov 2023 15:06:40 GMT
via: 1.1 varnish, 1.1 varnish
x-debug: /taboola/image/fetch/f_jpg%2Cq_auto%2Ch_667%2Cw_1200%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//cdn.taboola.com/libtrc/static/thumbnails/72b4885f70b55eff9e0ea334d56db5a6.png
age: 964810
edge-cache-tag: 300008752972032478722209158539650481975,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
cache-tag: 300008752972032478722209158539650481975,542123104031085224879637386283300440882,29ecf9b93bbf306179626feeda1fab70
status: 200 OK
x-cache: Miss from cloudfront, MISS, HIT, HIT, MISS, HIT
x-envoy-upstream-service-time: 390
req-referer: https://www.t-online.de/
content-length: 47762
x-request-id: e724275b9f80444cfd4c748a059f29ca
x-backend-name: LA_nlb202
x-served-by: cache-iad-kjyo7100077-IAD, cache-iad-kjyo7100077-IAD, cache-lax-kwhp1940079-LAX, cache-iad-kcgs7200042-IAD, cache-fra-etou8220094-FRA
last-modified: Wed, 25 Oct 2023 07:28:05 GMT
server: nginx
surrogate-reporting: width=715,height=397,bytes=34288,owidth=715,oheight=504,obytes=489555
x-timer: S1699196800.091507,VS0,VE2
etag: "1fdebd550ec6c3b9359e80c87f0d78de"
x-ratelimit-remaining: 100
vary: ImageFormat
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-ratelimit-reset: 1
x-ratelimit-limit: 101
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: X-Requested-With
x-cache-hits: 0, 3, 1, 0, 1

POST
H3 204 collect
region1.analytics.google.com/g/ 0
17 B 17ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-C4WGB6F2KB&gtm=45je3b11v893656019&_p=1699196792210&gcd=11l1l1l1l1&cid=130911004.1699196792&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1699196795&sct=1&seg=0&dl=https%3A%2F%2Fwww.fimela.com%2F&dt=Berita%20Lifestyle%2C%20Selebriti%2C%20Tips%20Cantik%20%26%20Fashion%20Terbaru%20%7C%20Fimela.com&_s=2&tfd=8806
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-C4WGB6F2KB&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.fimela.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sun, 05 Nov 2023 15:06:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.fimela.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/285432?src_sys=prebid

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/285432?src_sys=prebid

Domain: search.spotxchange.com
URL: https://search.spotxchange.com/openrtb/2.3/dados/285432?src_sys=prebid

Domain: 0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Verdicts & Comments Add Verdict or Comment

304 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

55 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.onesignal.com/	1970-01-20 15:59:58	Name: __cf_bm Value: S_FZ81aClMLsrGQ6HimfprHaIQxW58BcdN9kExzrp6s-1699196792-0-Ac2awE0cMeVK4QWCkAkOdVGjCyQhh7NADibgWlTTSIplChUsFdrsLnQb2rkY5EjpVtjggdRoQTYGE1WyboPoFxc=
.fimela.com/	1970-01-20 18:09:32	Name: _gcl_au Value: 1.1.1812385534.1699196792
.fimela.com/	1970-01-20 16:01:23	Name: _gid Value: GA1.2.674876548.1699196792
.fimela.com/	1970-01-20 15:59:56	Name: _dc_gtm_UA-108534636-7 Value: 1
.fimela.com/	1970-01-20 15:59:56	Name: _gat_UA-108534636-7 Value: 1
.fimela.com/	1970-01-21 01:35:56	Name: ahoy_visitor Value: 4cc94913-9087-4593-b23b-3ab920160540
.fimela.com/	1970-01-20 15:59:58	Name: ahoy_visit Value: a1663479-89f1-48fd-92c5-3b6ba50633d7
www.fimela.com/	1969-12-31 23:59:59	Name: js_enabled Value: true
.rubiconproject.com/	1970-01-21 00:45:32	Name: khaos Value: LOLLWCFF-12-5MEG
.rubiconproject.com/	1970-01-21 00:45:32	Name: audit Value: 1\|SDziDG3X/EgSVAAU2Jmiei+IXqvPVzt4X6LBWwGzep07cZe5xyGZWa+M32tQcGRFNdPfb/gzwCa1EZDq2xA7yCYbB5SW5XQ37W8VR6EfjcUijy0RC4Zd8Ri5j99IjSR+
.fimela.com/	1970-01-20 15:59:56	Name: lotame_domain_check Value: fimela.com
.criteo.com/	1970-01-21 01:21:32	Name: uid Value: 917114e4-b003-4e7d-b655-47ce21b5f87b
.fimela.com/	1970-01-21 01:35:56	Name: _ga Value: GA1.1.130911004.1699196792
.fimela.com/	1970-01-21 01:21:32	Name: cto_bundle Value: rdbWmF9XWFNGOGhKRHpEMXJ3dTl1Z0w4cno5RDh4R3VjU0IwTUNvNnROaHhNJTJCNnZzZ0lLOVolMkZYeVVuTUtLT1AwMzY3Rm5IRVJrWmw4eXpVQXh0VDQlMkZhZkdWRGdGMHNYVWhiazlqJTJGbE1jbWdYNEZVV0tKVCUyRmFRa090RzMyQmxpc2pzZm1wQlRjeWlIOFhRSyUyQkxhT1VmJTJGeHg4ZyUzRCUzRA
.openx.net/	1970-01-21 00:45:32	Name: i Value: e45172f8-fa85-45f3-ad4d-8bd8df9d9e2f\|1699196793
.innity.com/	1970-01-20 16:01:23	Name: iGEO Value: DE%7E
.innity.com/	1970-01-21 01:35:56	Name: iUUID Value: 59cb7eb6b0aac1c0eae2660d02624655
.doubleclick.net/	1970-01-21 01:21:32	Name: IDE Value: AHWqTUldDstwyweM1EG6-qh2dKzqeiIYZDLapAcyiGKIhQQFPEH0JVbusvppRhTk7ZM
.fimela.com/	1970-01-21 01:21:32	Name: __gads Value: ID=dc44e677e39b9d59:T=1699196792:RT=1699196792:S=ALNI_MZqku6Y1wPqfEf8F3diN_bKsYeHSA
.fimela.com/	1970-01-21 01:21:32	Name: __gpi Value: UID=00000cc7d3489701:T=1699196792:RT=1699196792:S=ALNI_MYrXKToCXII6IrU5GQH1UJzlpUSbA
.agkn.com/	1970-01-21 00:45:32	Name: ab Value: 0001%3AZjayvNEtZKJ5wVizQBuoSKVxUpzFfonI
.agkn.com/	1970-01-21 00:45:32	Name: u Value: C\|0CEAs2mv5LNpr-QAAAAAAAQ13AQCAAQpAAAAAAA
.travelaudience.com/	1970-01-21 01:30:11	Name: _tracker Value: %7B%22UUID%22%3A%224ECDC7ED-9CD2-45F2-2C50-82CBA0AEAF4A%22%7D
.doubleclick.net/	1970-01-20 16:00:00	Name: DSID Value: NO_DATA
.adform.net/	1970-01-20 16:43:08	Name: C Value: 1
.adform.net/	1970-01-20 17:26:20	Name: uid Value: 3174489790023813568
.e.dlx.addthis.com/	1970-01-21 01:30:11	Name: na_tc Value: Y
.innovid.com/	1970-01-20 18:09:32	Name: uuid Value: 5f7c356e-8565-416f-a216-5943ba50ba36-20231105 10:06:34
.addthis.com/	1970-01-21 01:30:11	Name: na_id Value: 2023110515063400013906107245
.addthis.com/	1970-01-21 01:30:11	Name: na_tc Value: Y
.addthis.com/	1970-01-21 01:30:11	Name: uid Value: 6547af7a7d6bd3fb
.addthis.com/	1970-01-21 01:30:11	Name: ouid Value: 6547af7a000102fefe487b0e64e7568ef9ace7cff2563d0a694f
.dlx.addthis.com/	1970-01-20 16:43:08	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 16:43:08	Name: na_sr Value: 20231105
.dlx.addthis.com/	1970-01-20 15:59:56	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 16:43:08	Name: na_sc_e Value: 0
.3lift.com/	1970-01-20 18:09:32	Name: tluid Value: 1018730228523475623756
.ctnsnet.com/	1970-01-21 00:45:32	Name: cid_cce579813f03498d835abcd3d793153e Value: 1
.ctnsnet.com/	1970-01-21 00:45:32	Name: gid_CAESEJA53lDsVuIvTb8BUUkdslA Value: 1
.blismedia.com/	1970-01-21 00:45:36	Name: b Value: 6547AF7AB056A15DE96D3761BLIS
.quantserve.com/	1970-01-20 18:09:32	Name: d Value: EB8BCQGtKoEA
.quantserve.com/	1970-01-21 01:30:11	Name: mc Value: 6547af7a-b1dfc-1fd27-377b9
.de17a.com/	1970-01-21 00:38:20	Name: guid Value: 1.3614957331595472228
.fimela.com/	1970-01-21 01:35:56	Name: _ga_C4WGB6F2KB Value: GS1.1.1699196795.1.0.1699196795.60.0.0
.www.fimela.com/	1970-01-20 16:00:25	Name: google_tap_signin_dialog_today Value: 1
.fimela.com/	1970-01-21 01:35:56	Name: _ga_YV9LXF9F74 Value: GS1.1.1699196793.1.0.1699196795.58.0.0
.youniverse.id/	1970-01-21 01:35:56	Name: ahoy_visitor Value: 4bae41a9-3fee-4450-a9f4-d6e90727fee7
.youniverse.id/	1970-01-20 15:59:58	Name: ahoy_visit Value: b157bfd5-ef0f-45fc-8aca-1467b4def154
.casalemedia.com/	1970-01-21 00:45:32	Name: CMID Value: ZUevfL4we5bMgPibT3McZQAA
.casalemedia.com/	1970-01-20 18:09:32	Name: CMPS Value: 2218
.casalemedia.com/	1970-01-20 18:09:32	Name: CMPRO Value: 2218
www.fimela.com/	1970-01-21 00:45:32	Name: youniverse_id Value: 4bae41a9-3fee-4450-a9f4-d6e90727fee7
.rfihub.com/	1970-01-21 01:21:32	Name: rud Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrc0sbQwBVIGQnyGuvlFOZ7BFv5uKY5BrgDhl8whJQAAAA
.rfihub.com/	1970-01-21 01:21:32	Name: eud Value: H4sIAAAAAAAA__vFyGtoZmlpaGlmbmlmZmwAAIz1iYkQAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAA_-MSNjU0MTQyNLAwMrc0sbQwBVIGQnyGuvlFOZ7BFv5uKY5BrgDhl8whJQAAAA

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://cdn-production-assets-kly.akamaized.net/custom_scripts/20231018074008.desktop.fimela.js(Line 786) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://search.spotxchange.com/openrtb/2.3/dados/285432?src_sys=prebid Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://search.spotxchange.com/openrtb/2.3/dados/285432?src_sys=prebid Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://search.spotxchange.com/openrtb/2.3/dados/285432?src_sys=prebid Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://id.rlcdn.com/466606.gif?cparams=google_push%3DAXcoOmR8GQuonhusTBcGcSBEjy8yebrmjgDnjUedleOsbVAWQ4mguSU7DJbDsw17srxaaz0PxtOD00tfMpAtfqf84WnxrjDXxUNqrk0&google_gid=CAESENDFWj5C4zNCtCcsbb479dU&google_cver=1 Message: Failed to load resource: the server responded with a status of 451 ()
other	warning	URL: https://0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html(Line 15) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://accounts.google.com/gsi/status?client_id=414618812007-4es080tfh5tdolngppqg7vemsv50b947.apps.googleusercontent.com&as=mU%2BCtxH%2Fwus5fImNYQ0UnQ Message: Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
a.teads.tv
accounts.google.com
ads.eu.criteo.com
ads.travelaudience.com
adserver.kl-youniverse.com
ag.innovid.com
ajax.googleapis.com
am-trc-events.taboola.com
api.taboola.com
as.innity.com
bcp.crwdcntrl.net
c1.adform.net
c2shb.pubgw.yahoo.com
cat.nl3.eu.criteo.com
cdn-production-assets-kly.akamaized.net
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.onesignal.com
cdn.prod.uidapi.com
cdn.taboola.com
cdn0-production-images-kly.akamaized.net
cdn1-production-assets-kly.akamaized.net
cdn1-production-images-kly.akamaized.net
cdnjs.cloudflare.com
cdns.klimg.com
cdp.vidio.com
cds.taboola.com
cm.g.doubleclick.net
cms.quantserve.com
cs.media.net
csm.eu.criteo.net
d.agkn.com
d5p.de17a.com
dis.criteo.com
display.bidder.taboola.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.dlx.addthis.com
eb2.3lift.com
emtek-d.openx.net
event.fimela.com
fastlane.rubiconproject.com
firebase.googleapis.com
firebaseinstallations.googleapis.com
firebaseremoteconfig.googleapis.com
fonts.googleapis.com
gcm.ctnsnet.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image8.pubmatic.com
imageproxy.eu.criteo.net
images.taboola.com
invstatic101.creativecdn.com
match.360yield.com
match.adsrvr.org
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
p.rfihub.com
pagead2.googlesyndication.com
partner.googleadservices.com
personalization.vidio.com
pips.taboola.com
prebid.media.net
preview-kly.akamaized.net
prg-apac.smartadserver.com
region1.analytics.google.com
rtb.fr3.eu.criteo.com
rtbcdn.andbeyond.media
sb.scorecardresearch.com
search.spotxchange.com
securepubads.g.doubleclick.net
static-web.prod.vidiocdn.com
static.criteo.net
stats.g.doubleclick.net
tags.crwdcntrl.net
targeting.unrulymedia.com
tlx.3lift.com
tpc.googlesyndication.com
tr.blismedia.com
trc.taboola.com
u.openx.net
unpkg.com
www.fimela.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.youniverse.id
x.bidswitch.net
0eb968d5b345746fdd609a27e2e38e90.safeframe.googlesyndication.com
search.spotxchange.com
108.157.4.121
13.248.245.213
141.226.224.32
141.226.228.48
142.250.181.226
142.250.185.130
151.101.1.44
151.101.131.52
151.101.193.44
151.101.65.44
162.19.138.120
172.64.151.101
178.250.1.6
178.250.1.9
18.159.232.130
18.66.248.77
185.64.189.112
185.64.190.79
185.89.210.46
193.0.160.130
2.16.164.112
2.16.202.115
2.18.160.23
2.19.126.87
2.19.126.96
2.19.198.49
2.19.245.101
2001:4860:4802:34::36
213.155.156.166
23.32.238.131
23.32.238.153
23.32.238.154
2600:9000:243d:2c00:a:e047:753:a221
2602:803:c003:200::41
2606:4700:10::ac43:266a
2606:4700::6810:5814
2606:4700::6810:7baf
2606:4700::6811:190e
2606:4700::6812:d63b
2620:116:800d:21:93ca:31d8:d86e:38f6
2a00:1450:4001:806::2002
2a00:1450:4001:808::2003
2a00:1450:4001:808::200a
2a00:1450:4001:808::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:813::2002
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2001
2a00:1450:4001:830::200a
2a00:1450:4001:831::200d
2a00:1450:400c:c06::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::c
2a02:2638:d::c
2a04:4e42:400::300
2a05:d01c:1d8:8100:8fce:4ad0:61a1:a65c
3.120.100.40
34.102.146.192
34.102.185.47
34.120.107.143
34.120.63.153
34.128.127.30
34.149.107.84
34.87.106.44
34.96.105.8
34.96.70.87
35.186.193.173
35.190.0.66
35.190.21.225
35.244.159.8
35.244.174.68
35.71.131.137
37.157.4.28
46.228.174.115
47.254.199.63
5.196.111.65
52.28.203.152
52.29.129.24
54.77.82.203
63.32.119.33
95.101.200.166
00b079c7ce7150ff773812cdc65f7dbe50375010031a9381187f5b8a7e9dd6e5
0412372692883fca0ea7444053c7b71297d77d06adde3a4865ddc287cf376e56
04e4826be27264de184e934234f9f5166f0cca0a8088424d2cff44e5ee37f591
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0674c10755fa38a071c19729971be7aadf20e71905f28bf17c7c1d013538b3c8
08106c7bf341e3850ac42fe1844e6a66013f726e6927a91c2b965a6861c97121
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d765bd94fc78cce437f90c68f2243b9b88f20fdbcc343d8cb137fd4abc36a74
0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94
0fab57543f51269755c854c09e1a361e6a3c04ae97b28b483ae00f13de630e9d
11435640d1ed2fa5f24ccd7f074b66c4d191a97a2931e793be6799d2b6a5e459
12164f3a0abfa257db5217b42c64b840a19393e13775c2f6ad19a7fa20c9c25e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19313ccb5ae600f9bac5e4b2037e9bad69542ecb62f19f325bafc55c9413c88e
1a13104b31dd0bb02d6033beecc192d5cd5516c401354189848944a281ceb9f9
1a552b4b3bd56b12e8724945ceb7b974fe51df9db5af30ea31feb9dbcb34be47
1b01fb21e8baf24fa65e7ec2a874e582f33937bd50ee7cac136d554e719069fb
1c3d18efcc096d745195fa76dadf483c70195ff3a8f293babe0c85153e38aaa1
1c4e7e389d73c6acf7f19cc812514e71230740791fde8a018c1d7edccf1590ae
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
215186ef4611d9bf40c8d36b41687c3c8399714ee998cadf215e042c5babbf01
22f39a41a30342a5c51d150be48c4726245655a560d154af893337d1ae953f62
25263ac2de0bc79a33d9cb9a84f2eeae903fac04142fa292b65f731a912dc3a7
25aee31d64662c806664162a986b9261cba609818c0d3954b5298e86a012372a
2795a62c509b59cdda15c8966771a675b28811636a3105068398e68323358ea3
2cc0224a3b5f914882edd16c6702de5b752cdac78223338e830cd8c0d58e7f5b
2d0922bd18f06df3c7413fcd6a3f1c5ec9545b4b07b131e362f30df7275fc058
2d28750e0d7b32bf39baa2f5c69b3c26b547e24802407370a13c9c657d21f9bb
2dacdcd695c495a6f57f184553d3dead2a685f3f19844f10203f09555b2473ae
2dd7ce6b2d8c19c5b956da401745a15ba8bd1b56539e23bddb0384ec84070529
2f03980b59f54e946839bd654cea5f6680dea3eda57b2880624c68f22bdbab98
30b5c6ea04b9280ccb8e70d394464892d5f8b0d15ca050eae006a532639775bc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33858706321f5ad6609abde33b626180ef17a8fc3f67e94a1cd329b67f81f174
357452f2a55c999ddd3afdcbce2c339d41cf7a01613d9d45ff88a753bb82f21d
363412612cec1a8a31c031a4a0304514b35bf95fec74c6678078664e8248d370
36345ad9a9a08df5091f2e9eaa7f6c8753f95f7304fc56587fc40ac91475e774
3650de8bc2dd8352b01aa49e9f0ae225098e86a31da32b04d81abb76b598d0d6
36fec2dd200001a2276aa93f7e5d08bd51c8eb245aaee0c69fddb2ec0530ad45
38a64ab79a54e2862f213b2afd43703c40f1b198dcd5194ea974629cea0ceaad
3b9e09d815ca4ad1b4ff31aeb3750af2c67207cbc3eb78403bbd4de6787712aa
3d690cf3b06f092db10d31d2dc09829309bb7377128f15e62181356619dd2e82
3e58bc60141feb1ba3dbfc11feaa97abb37adfcf98f91ceec4441c547e0589f5
3e80cc2748c6fad5c6e2e8c0e2376230e48b9eda7aa46b2a345ad44e5275a5f4
405baf4271a9850e863bd400063fc0a9eec1feb262c93940f49719eec2a6fe31
41c5e1ac20da55215bca6c2c6a5dc97874dd4f09e475e43e5e4e40f526e1d18e
425197a561a2dc98259d7e284f708115b672f426a8adc0955f6f42fbaa61d7ae
43b788d88d405a6bbd73f4a4a99457a69b693b61d8bed450972b97cd4436267e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
459eca39210d91965d67de225388e365f348fa2067764230e68f74a9331710a9
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4b3c5f98e0a1f3379b688114c27f93e30b0a9737f1ce8181225abc4729164c4b
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
508b452e1a35bd0f9033c20d4096803402acd0f2076548248b3e1cf308efba9b
50ad448a8a5720bf8a5617db15af31ae60163de06331576f60c6244c012ffc72
52485030d1cf0ff1509dff7d7761baaa797ce22e061773d353f81a6065426ed8
525be0114ef2f2f64478640e2e15e48768e77724624c6f89336e4c4666b203a0
52c1caf7c0c3ca3184fb02cc49bea7344f1884a2ac0a8e8aa67ca9a0d467f18c
53df78a7f193aaafb236d48d684c5817861e6573f1416dfe6ec7a5d848d91e88
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
548fd4a2c18debf63608e996ba7792ae0f68206e088d1b6de8295ca963c1c8f3
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56a3fd7b037a9573a6e37e885735694e4da54d5865ff33080c4f64b04815740d
57a070b33299c9f4fb90f8ec33ad7bc757bcd4523d2fc9438d54031992d21a32
5a51967b56766b50cff426dde9d884e2cc82396d8542ed7f1687929a32133683
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5cdfb3059e9acd98fc78cd46d16ee1b6f32e6f0cc5ead7962fd15c5394e79483
5e75d08122b436cdaec189538dfd2370254fc0579a8b560c797456432f586f31
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f579e1dadd53e0e79defb2030e2f53f760c3d787bc6e60107e436e0df563703
5f62da4e6d15892dab32e9322372ad1b9220c83bddc43cc549b524a2adcacb7f
60f513c8a26ca60529ad50593c496420ee02bc16429e76e83b50c6b63c322b79
6184b63c2030de47e35cb01a465f57080c76089826f8563ed60ba7f0fd27a3b4
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6221253ad9714c013d8ad0fe4630839bac19c58e88ea423d4cf2a1b9e0f79aac
626c65063bcb00fcc4574cffc418820fc209794a0519ec1e65931896c79a6ee1
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
63f146990e7fa707369327277fabab1fe8bc615e1cf38dffcfef2302caf6d501
649923bbbf618be50095bf36b767dc89029b49f8c992e16fc264203f8e894ccd
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
66c697e3fafc2745e1fccc5b1b11a4e65354cd0ab70439a0c5caf8224b83224a
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6bc9933cf1275da02fd11435520dee63def1c7e8f1c2be9f1e53d2a6e42279fc
6f65d27d3a33aaa34e69a4d428962c9ba5378432aaff786e90ab6aef7b200d04
70d3b32db5debb293e541783f2f9612cf78061ed174a60d8837e016bd744dcd9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72c07f03fccf6df24fd982f48bc9ff8beed6903098b5bdd6730726d0ffbd67c3
72e960baa80ec819264a604f2f8a8e5c21f81b785ebc17595211ad170d8b1bdc
7412fc663f81bc2509edb347341bc2ee6fdfe0b3d263c2be9c7c3958eaa47f77
759980f0667a0ccc886f5276b7ff4273113ba01509c38de8e24708b99d4f8616
7628a1d2f9791d585461ffe9b850779e71c0481590165b6eb8c0f6eb2eb7963e
76885907d939ec9707af3ebf7b0c9905c913d987f6c39b3b9879f369e22e6789
79c51343f938aa8c9ab2027f7059968a176959f67eb852a552aebf87c2cb2b25
7be01b58fbd8ff7e0e336e167cf227af64ea664c22090ef58d0df0c4deb406de
7cdd2952de17ddc8a6fe041d2b042e029b677c8a7b189df9d669e7debbd79c53
7db5a6231969bd5dbb257749a4c42e66453a2074ee7f33aeaa18cf672319195a
7e54d9b59ac004121d725a7dcc163f0c822be69cf98b34cc4500c4e96d393632
7f85637bbf5c0ee6a01fa5afb711af0e3d873ab20f0cbeaeb9105998530822c0
80f0ca9c170debfbc6d04f92a1c62b0ddab77287947094956313cce1c41d9f69
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83fba3f3b124378c4c5f0f40cd084d01c5dd1541db5748dbdc4d02a521154773
84206d625d0624dd1c5243698b6176a45bd5046a1b6336209bd2d8b824f2a472
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
881afc427b7852257e16f5cc1eb62b00e9e0fe71a2ee310b61ab51ed5fd29ca4
885f9854eb30002b0b52c95ab1f677df6c418626c06a1a1fbeae7fcda6e2a2ea
8c15cb18baacaff60263612dcbf00b3638873a5d7acd8a8f93ceb0e24e384466
8c4a73a728698256a3c265eaf2745df68c8f4404df61e18e2a19eb6c4afa912a
8d1d0fc56ee38959ac759f860e116129d384d574db33a9c0b5d7961c45234a8a
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94ed7b3417c83cac8cb147dbf5098029179db30064a4f32801177d17c0d04f1d
961f547cdb29f79eed49fddf9c4867b1f8589facfe487d6055c512950db7a914
97a6c6a88dabfb26c2387ffd82de82fc9d7bcf4242c6be4a5d26918838fef0ce
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9afd735c94f765e5868a91c6db8630766e0d2b04b90533936860ce3282409627
9d59193f983cef22739b510a95f91d98b5fa3c308de52d24eb0ff3f57418d63c
9ea7eac29a4d600509d6ddf8833e891257bbec889d4eea386a59642e6f2a474d
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1a256244f073b9ed474c52d16f8b7d0ed5d92ca4129042d6ee150817671bcd9
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a474e451f091d82915bb6fe83cd34aca2065baea6c9d3ab3d31205e5ba43f3b5
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a5cd26add278438eb7d5a02693d139ae589d34b97e46574fc3d5346fdd2ace85
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a7cca5b5e3b1fa2aa1bfe2f971f304c352507d7d6f029f49f38d458b4ac92741
a84e8beb198a7dda034dba1662c2eba295af1f2963ef9c49214ee8517c58a651
a8fb557d42b5bd035907c0e923a6d268799528d1441541e595ad14c6f088b4b7
a9d5966000be058d1871c0592a4a4f6872dc7d8e049f99c5cce2b3a9f04bfbf6
aaaabde3f68c325033b37bb3ebff887e3b589b7137e717e96648a52221881429
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
ad54e385f13d99fe91efd355a8f361d597708094574152daaec737852989aef8
af1bf8c593497789ca35c649c1fca77b7fe1fca71e6b4ae14a8d1abe55d9b80b
af671e6b49648fc9e64f4f677c5e8b75497a572ee0184e0f5e0670442291fac5
b04a268fbd6ac543dcd653b1c529871767a5b78cb2a2f40e54bcb0bfe2daa154
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3971a51fa89d1dc29d08d452a3538dae6f0be5cf379b22436c0d8874052cf7a
b558429e85c7f891955b4af827fe7311159447084984a4251575a995726b19c9
b7839c8ef5517dec7a32e51325eba93e631443603716bd1c9016af4c9f67a9f3
b8634cd6b366fa1fdd033380185186ca4d0a32c81a7e4d2ca67e204123a6d631
b90071b2492ff51e8a0996763d2d6010f8f00a78f7ae094876bd792f8ca12ae7
b95c153dbc31df3f119358352745f2e1cab9d10a8ffaf3142febfd33ebec2bc1
ba5fcde31bdb944630e5b3ae6a37c399d21f631a733a41a17debbc723465fc9f
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbce77366a053497fa21240bb3334ce290fda829c0987617b36442d5ec1651ff
bbf53a6877460a5ec96ea1888eedf06810fc58acdaafc1d5da4432b23c341cf9
bccf04cba1d13039d555397fbae09bff9666ad27eb5531650e4908fe127436cc
bce4b47b8fc12de49fac0a00e9039e38aa568aba0ee9154b93d20465f0289cfa
c0d7eace6de7a123701ad163455f50ea9f6f51c5985a49f4d1f6e797009fbdb1
c121271299d3fcb7544cd07b6fdc800c434624558dade4763692ebdfa8957170
c414d5c0dbb930bbacd45b6226f8527e2ae83f40470f68e56a709570d2a3d5fd
c74f4140e27ccfd8133c4317f8e0f8454b4d1141fc1aed44b4beae0fd0c2645a
c7edf8a1c7a2289d0aee27be5c9dfd82ab1ae0417d10d7ce9fbaf221e58d1dbe
c883a4fb6fe3a0d9103a7e972061e32fb94f1f5eb192b19a77c59fa40f7cfae5
ca241ab83e979506f525c16edd60aacabd315c5ae562174c8a06d9dd4c7971ac
ca242940728052d8ed3ec52be790164043f9e58aefe045b5d5443fa5c2b075fe
cb59d83d377288bed4eb2b448267c66f4c749b289261e3de3b7090734d3c97be
cddb42bd69440699ae8fe758dac4d5f52911fa67b2a7a637d5d1bcfa2d88b0d3
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cfaf1d79e848a7de982c0c2aaa7f14b179336d26785085ff84e0af54b6104a59
d3b7a3dda1b71a43233db018edcaa51ccc9342ab0f449e0d73cd4dd3b8fa16d6
d3de9e47adb1a7aba5926a13700cfdd735c72be45509d98cb626cfb070232c61
d6665412627ab58e882c11fa48134dbcd49cc4b406bed9df44b70225ffbb1749
d66ca23a7be1d8803307f937a250d0f90959f1289862b8e870d6795000f2b731
d8559b978abb26ebc3324fe598aa7e9a665ef434fb29edc8c31fc1150b19abf7
d8ed02b0cec8379cca3e4f290fe963604de8902dd64c9208eb1612d70491283b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
dec7b251628597283232dca601c700259bc9ad2a0695379620307c41b32b8835
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e21aa5b0d3fd28cebed9e03c5544f4924e11b0c453792ed018720cf8c679b0b6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4fa6a693e27633135deb441f23a8039987809a2ead7461fbe3a5bdcbfa6a99c
e5c6d318106ebbd73bdd7635ed9d9612788b87cd473b2796b37df16596a05932
e67417b0b06b8190bcbc2063e7e5b70febd93586e820049fd4eda8e491fd9ec7
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e885badff253144e188588b5657e13cfa1135d4cd682053c9cca02b83baf1ef2
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
e91fd654366b1adbc8b446eae2f36d8a5d2534ffb0371535d7dd4e7b4602cda5
ebfca63f7fdeedc7c8b301aeff863661051d15f543cd7f983697f37db1f610f6
eca995501da7b3c31f695c639801ae7a4b617be0312bc51eda497395cba6e8c5
ee4660de487d2bfe33bfb1420af711debc54cd07052af1d5fb9ead84680b13b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f11d0190d676c1a0772b71b30549e6b2566646cd65dd572f43a9cccb90f99a4c
f27654c4163fb3c1d254ad97604592a5942bc7773925dd68046ff732befde135
f284353a7cc4d97f6fe20a5155131bd43587a0f1c98a56eeaf52cff72910f47d
f367f7af4888a635a3a5f21af82adb9ec1d617ed076345bab838fa449c95b62f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f7b8af9b735073ec39e38018ae49ba7396286cd7e2cb2c4d457885ff41ad755f
f7f6ab07ca31578f7ad6cbc164b7802a0b8fb1745ecc37630a20489c3d3b1802
f955314889905c09a29581b7e3ce9c4fc64c5f1b1b59edddf99d8374b14d3278
f9a1bcefcfdbd195287b5d4c564d275fc2bbc1d6d439708892bb1a1c9c59f826
f9a8655c43a2c260b365ce8313e873872c7bd10845257ab2b8c4ad78936f2eb3
fa63e9b54d994313ef09ac3f167f9159fe609682614280da094bf08e18bd036e
fbc37753c881d843ab6d7655dcf38274783a2268e6199ea0232cba1cac25f80e
fc3776b6ad18faf23a448137a6bd2b252949bb5676c79b5edc6e54f1994d31d3
fe61e89759d850dfc59195612601e38453136a782807658d92c792fc01b4cb31

www.fimela.com Open in urlscan Pro 35.190.21.225 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

320 Requests

94 %HTTPS

37 %IPv6

58 Domains

100 Subdomains

82 IPs

12 Countries

4576 kBTransfer

11644 kBSize

55 Cookies

16 Outgoing links

Page URL History

Redirected requests

320 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 17 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.fimela.com Open in urlscan Pro
35.190.21.225 Public Scan

Screenshot
Live screenshot

Full Image

320
Requests

94 %
HTTPS

37 %
IPv6

58
Domains

100
Subdomains

82
IPs

12
Countries

4576 kB
Transfer

11644 kB
Size

55
Cookies

320 HTTP transactions
17 data transactions