www.diabolo-mox.de Open in urlscan Pro
62.113.195.133 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.diabolo-mox.de/index.php?id=70
Submission Tags: falconsandbox
Submission: On December 08 via api (December 8th 2023, 11:17:32 am UTC) from US — Scanned from DE

Summary HTTP 82 Redirects Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 9 domains to perform 82 HTTP transactions. The main IP is 62.113.195.133, located in Germany and belongs to TTM, DE. The main domain is www.diabolo-mox.de.
TLS certificate: Issued by Encryption Everywhere DV TLS CA - G1 on January 16th 2023. Valid for: a year.

This is the only time www.diabolo-mox.de was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	62.113.195.133 62.113.195.133	47447 (TTM) (TTM)
12	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
23	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3 4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3 5	104.18.36.155 104.18.36.155	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	185.89.211.12 185.89.211.12	29990 (ASN-APPNEX) (ASN-APPNEX)
2	142.250.185.70 142.250.185.70	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:80f::2004	15169 (GOOGLE) (GOOGLE)
82	13

26 62.113.195.133 (Germany)

ASN47447 (TTM, DE)
PTR: vs239.robhost.de

www.diabolo-mox.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.18.36.155 (None, ) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.12 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.70 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
26	diabolo-mox.de www.diabolo-mox.de	1 MB
23	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 300	271 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	288 KB
10	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 cm.g.doubleclick.net — Cisco Umbrella Rank: 219 ad.doubleclick.net — Cisco Umbrella Rank: 139	51 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 578	2 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	2 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	26 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
82	9

	Domain	Requested by
26	www.diabolo-mox.de	www.diabolo-mox.de
23	s0.2mdn.net	www.diabolo-mox.de s0.2mdn.net
12	pagead2.googlesyndication.com	www.diabolo-mox.de pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	www.diabolo-mox.de googleads.g.doubleclick.net tpc.googlesyndication.com pagead2.googlesyndication.com
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
2	cdnjs.cloudflare.com	s0.2mdn.net
2	ad.doubleclick.net	www.diabolo-mox.de
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
82	12

This site contains no links.

Subject Issuer	Validity	Valid
www.diabolo-mox.de Encryption Everywhere DV TLS CA - G1	`2023-01-16` - `2024-01-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-11-20` - `2024-02-12`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://www.diabolo-mox.de/index.php?id=70
Frame ID: 4DBCE69B873FCE169EE949292BF1D536
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world
Frame ID: 8421BB3006A86E309BD919C64111FFBD
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675478121485590&output=html&h=600&slotname=9473320262&adk=3418064606&adf=447873241&pi=t.ma~as.9473320262&w=160&lmt=1702034248&format=160x600&url=https%3A%2F%2Fwww.diabolo-mox.de%2Findex.php%3Fid%3D70&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702034247792&bpp=3&bdt=858&idt=244&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&correlator=6747417089639&frm=20&pv=2&ga_vid=1378901598.1702034248&ga_sid=1702034248&ga_hid=1608770254&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079866%2C31079924%2C31079930%2C44798934%2C44809003%2C44807764%2C44808148%2C95320229&oid=2&pvsid=949612705586006&tmod=1600233396&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Frame ID: 3BEA2E7D3335DFA7A5C78062E9D30E4E
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675478121485590&output=html&adk=1812271804&adf=3025194257&lmt=1702034248&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.diabolo-mox.de%2Findex.php%3Fid%3D70&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702034247809&bpp=2&bdt=875&idt=236&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=6747417089639&frm=20&pv=1&ga_vid=1378901598.1702034248&ga_sid=1702034248&ga_hid=1608770254&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079866%2C31079924%2C31079930%2C44798934%2C44809003%2C44807764%2C44808148%2C95320229&oid=2&pvsid=949612705586006&tmod=1600233396&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=239
Frame ID: 190F07C322E6E368A36D826CF33F15A4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNUiAkWT0cBLZxYW6CI-Wmja4tpqGxzyYNhRGeSrHr3FJGnnViI8hpD1Qyf0GVEy2nSea_nXo6354KfqR1SJEa6BnsM7nNfA-rsduT_oysR9SrM1-yYVLzfWW8nUk1tLCBEW2e5DLcEpmG7DaTsXWuT49U63WYwJSZYOEmkKNTvriKVXT88
Frame ID: C446F916879E20FD2983B675085F069E
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/62bHydCX.html
Frame ID: B2539D259CA88D888A57CA317101281F
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
Frame ID: D2C0FCC13D38FC0D1D5886CC55579F0F
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 8AD858A800128C8463648B102182A887
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: CAA0B1A6689499A4063B33B472028139
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DIABOLO / Mox - Programm- und Stadtzeitung für Oldenburg

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Slimbox 2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

slimbox2\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

82
Requests

95 %
HTTPS

58 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

1919 kB
Transfer

2825 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 39

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&C=1

Request Chain 40

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXL7ScfEHW.Qmo.PJrETTQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&google_hm=2

Request Chain 41

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESELjvXgmscUjIFqIMGWg4otk&google_cver=1

Request Chain 42

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MTU2NjQ4MTA5NTM4NDEx

82 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request index.php Show response
www.diabolo-mox.de/ 30 KB
30 KB 2187ms
2052ms Document
text/html 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PHP/5.6.40 PleskLin
Resource Hash: eb439943aec54f7158ea77455300494c9e2f9e685dce4420df41d1d03dcfa03a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3600
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Dec 2023 11:17:26 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx
Transfer-Encoding: chunked
X-Powered-By: PHP/5.6.40 PleskLin

GET
H/1.1 200
OK jquery-ui.min.css
www.diabolo-mox.de/cpjs/js/ 31 KB
32 KB 162ms
126ms Stylesheet
text/css 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpjs/js/jquery-ui.min.css
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 27 Sep 2018 23:54:30 GMT
Server: nginx
ETag: "a58008-7d4c-576e30f4e5980"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 32076

GET
H/1.1 200
OK admin.css
www.diabolo-mox.de/cpcss/ 5 KB
5 KB 204ms
40ms Stylesheet
text/css 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpcss/admin.css
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 260b4517db598032c52a42229d4b19d51604acc6aaefd091430d6fe439da4528

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 27 Sep 2018 23:54:28 GMT
Server: nginx
ETag: "19a167-134f-576e30f2fd500"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4943

GET
H/1.1 200
OK style_n.css
www.diabolo-mox.de/cpcss/ 18 KB
18 KB 246ms
83ms Stylesheet
text/css 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpcss/style_n.css
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 3753e68a48a4e3d800f7c7355cc2199f5f758a74cfe9b5b84aa40da30efcf003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Mon, 03 Dec 2018 11:37:25 GMT
Server: nginx
ETag: "19a188-47d5-57c1c92a88740"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 18389

GET
H/1.1 200
OK jquery.min.js Show response
www.diabolo-mox.de/cpjs/js/ 85 KB
85 KB 243ms
80ms Script
text/javascript 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpjs/js/jquery.min.js
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 27 Sep 2018 23:54:32 GMT
Server: nginx
ETag: "a5800b-15283-576e30f6cde00"
X-Powered-By: PleskLin
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 86659

GET
H/1.1 200
OK jquery-ui.min.js Show response
www.diabolo-mox.de/cpjs/js/ 248 KB
248 KB 246ms
83ms Script
text/javascript 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpjs/js/jquery-ui.min.js
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 27 Sep 2018 23:54:31 GMT
Server: nginx
ETag: "a58009-3dee5-576e30f5d9bc0"
X-Powered-By: PleskLin
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 253669

GET
H/1.1 200
OK slimbox.css
www.diabolo-mox.de/cpjs/slimbox/ 2 KB
2 KB 206ms
43ms Stylesheet
text/css 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpjs/slimbox/slimbox.css
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 99a3f1312dea361df08f7597dbe7948e5dc731c8176307d11bc666bb96657135

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Wed, 26 Feb 2014 23:40:38 GMT
Server: nginx
ETag: "1ba020-765-4f357bb5d4980"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1893

GET
H/1.1 200
OK slimbox2.js Show response
www.diabolo-mox.de/cpjs/slimbox/ 9 KB
9 KB 240ms
40ms Script
text/javascript 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpjs/slimbox/slimbox2.js
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: ce826bbc33f6d044cb97dfb88a863b387950e456d76bce2356f8ee54687d515b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Tue, 01 Jul 2014 21:47:36 GMT
Server: nginx
ETag: "1ba021-22ce-4fd28b94a0e00"
X-Powered-By: PleskLin
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8910

GET
H/1.1 200
OK cp.js Show response
www.diabolo-mox.de/cpjs/ 7 KB
7 KB 244ms
40ms Script
text/javascript 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to

Full URL: https://www.diabolo-mox.de/cpjs/cp.js
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: d02cfe06270f473f578e5ebe6d78b5f0184496b294e1f17224c26f951b640d54

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 27 Sep 2018 23:54:32 GMT
Server: nginx
ETag: "19a11a-1a74-576e30f6cde00"
X-Powered-By: PleskLin
Content-Type: text/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6772

GET
H/1.1 200
OK 00000013408210944_w.gif
www.diabolo-mox.de/cpmedia/werbung/ 15 KB
16 KB 85ms
84ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000013408210944_w.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: b6b99c7cfae5ccf0a35450e89ff361d7a7a03401b76f54ac9964c4f2e3ca8c22

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Mon, 21 Aug 2023 07:44:40 GMT
Server: nginx
ETag: "14c8010-3d79-6036a0d034a00"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15737

GET
H/1.1 200
OK 00000013408210944_wkl.gif
www.diabolo-mox.de/cpmedia/werbung/ 25 KB
25 KB 40ms
40ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000013408210944_wkl.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: ef3cbe5d0192838107ea2d091f92f6efc55943d2b3287b9e8c97622238a1d644

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Mon, 21 Aug 2023 07:44:40 GMT
Server: nginx
ETag: "14c8011-62c9-6036a0d034a00"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25289

GET
H/1.1 200
OK logo.gif
www.diabolo-mox.de/images/ 3 KB
3 KB 41ms
41ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/images/logo.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 80a68ec3d5f7400b3d46e7fa8667780981c482304c1afadb95a765bd314b52bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Sat, 25 Jan 2014 15:49:37 GMT
Server: nginx
ETag: "19a13a-a72-4f0cd6bf4a640"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2674

GET
H/1.1 200
OK 00000114712051240_i.jpg
www.diabolo-mox.de/cpmedia/downloads/ 6 KB
7 KB 43ms
42ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/downloads/00000114712051240_i.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: fcfda3e674a619a8d4bd5c179ab2f32d2d117794960abf488ea5f0de1b17a668

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Tue, 05 Dec 2023 11:40:02 GMT
Server: nginx
ETag: "14a20f8-19a0-60bc1b1eda880"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6560

GET
H/1.1 200
OK 00000114612041716_i.jpg
www.diabolo-mox.de/cpmedia/downloads/ 12 KB
12 KB 40ms
40ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/downloads/00000114612041716_i.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 0956e35585c290779e901b3db95cb246b5d619e5cee64ac67507f162fd58d30a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Mon, 04 Dec 2023 16:16:22 GMT
Server: nginx
ETag: "14a20f6-2f4e-60bb170550180"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 12110

GET
H/1.1 200
OK 00000061812071413_w.jpg
www.diabolo-mox.de/cpmedia/werbung/ 16 KB
17 KB 40ms
40ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000061812071413_w.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 19a4ddfea982d7cc4486684e9c9bc17130299b395ff19d775e5567332c0077b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 07 Dec 2023 13:13:36 GMT
Server: nginx
ETag: "14c8015-417b-60beb3c3b4000"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16763

GET
H/1.1 200
OK 00000052212121521_w.jpg
www.diabolo-mox.de/cpmedia/werbung/ 31 KB
31 KB 42ms
42ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000052212121521_w.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 78e1524fae2574ced7d621aecab2549dd952ae868284e59bfab69d6b6565d196

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Mon, 12 Dec 2022 14:21:06 GMT
Server: nginx
ETag: "14c8019-7c57-5efa236c25880"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 31831

GET
H/1.1 200
OK 00000058408191413_w.gif
www.diabolo-mox.de/cpmedia/werbung/ 293 KB
293 KB 41ms
41ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000058408191413_w.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: ce68394c978c8c3a143407bd5f2aac41fb6bdfc088a3fa9cfe0d1b5acb0a56e1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Wed, 19 Aug 2020 12:13:47 GMT
Server: nginx
ETag: "19b1aa-49200-5ad39ef8894c0"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 299520

GET
H/1.1 200
OK 00000061912071433_w.jpg
www.diabolo-mox.de/cpmedia/werbung/ 25 KB
25 KB 48ms
41ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000061912071433_w.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 9c764c7af8ea40be58356e7df87b6122af162ee3b435826bb597a8a526fbfed8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 07 Dec 2023 13:33:25 GMT
Server: nginx
ETag: "19b588-6289-60beb8319f340"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 25225

GET
H/1.1 200
OK 00000023406301443.jpg
www.diabolo-mox.de/cpmedia/bilder/ 19 KB
19 KB 50ms
42ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/bilder/00000023406301443.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 6b270180d0e609b27ca23ae869cca885da070a7541efa124f1b03bdd008b2f66

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Fri, 30 Jun 2017 12:43:22 GMT
Server: nginx
ETag: "19a288-4c08-5532cc3312e80"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 19464

GET
H/1.1 200
OK 00000061605061542_w.jpg
www.diabolo-mox.de/cpmedia/werbung/ 16 KB
17 KB 49ms
41ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000061605061542_w.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 5a5bf70ae0965d134f8645e89bc257f12228cccd2bb26f556e645dca5859ac2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Fri, 06 May 2022 13:42:02 GMT
Server: nginx
ETag: "14c8018-4156-5de5805f53e80"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16726

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 234ms
131ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bd5d0baaf99608b7094e1f8ac7583c72734faea816bc09bbdbe9a43fa735afe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51940
x-xss-protection: 0
server: cafe
etag: 16066951633316311714
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 11:17:27 GMT

GET
H/1.1 200
OK 00000060002081840_w.jpg
www.diabolo-mox.de/cpmedia/werbung/ 14 KB
15 KB 88ms
80ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000060002081840_w.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: d55db532c8415080e8a52b0cbbab6992ec30b5dbfe51797d7c22ab3690c3b082

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Wed, 08 Feb 2023 17:40:31 GMT
Server: nginx
ETag: "19a5af-396e-5f433c2b981c0"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 14702

GET
H/1.1 200
OK 00000059806131831_w.gif
www.diabolo-mox.de/cpmedia/werbung/ 82 KB
82 KB 89ms
81ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000059806131831_w.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 33f9ac1cb36710f72dbcfcc9a543780bd80e96f5777a1e1d4c83bf61740bcc8a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Wed, 13 Jun 2018 16:31:41 GMT
Server: nginx
ETag: "19a3a6-146f1-56e88847dd540"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 83697

GET
H/1.1 200
OK 00000041106271549_w.gif
www.diabolo-mox.de/cpmedia/werbung/ 161 KB
162 KB 114ms
41ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000041106271549_w.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 18c6b8ea2d8f33bc19132541719dd24a23285c0c15563c75c493cd6653d45164

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 27 Jun 2019 13:49:56 GMT
Server: nginx
ETag: "14c800a-28582-58c4e6fe26900"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 165250

GET
H/1.1 200
OK 00000061411161507_w.jpg
www.diabolo-mox.de/cpmedia/werbung/ 14 KB
14 KB 79ms
43ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/werbung/00000061411161507_w.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 5a883634f3aab7175f746ea08b25de148643997eb34d26f467e700ae15bf571c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Thu, 16 Nov 2023 14:07:40 GMT
Server: nginx
ETag: "14c8017-3664-60a458aebe300"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 13924

GET
H/1.1 200
OK 000005515-gt.jpg
www.diabolo-mox.de/cpmedia/galerien/ 37 KB
37 KB 78ms
42ms Image
image/jpeg 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/cpmedia/galerien/000005515-gt.jpg
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 0d45ac500c9bcf7667fa7e120cbd8b21aa1048042ddfaf8e67df93eb1b431eb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/index.php?id=70
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Sat, 25 Jan 2014 22:36:20 GMT
Server: nginx
ETag: "19b439-9350-4f0d31a7ce100"
X-Powered-By: PleskLin
Content-Type: image/jpeg
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 37712

GET
H/1.1 200
OK datum.gif
www.diabolo-mox.de/images/ 7 KB
7 KB 78ms
43ms Image
image/gif 62.113.195.133
TTM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.diabolo-mox.de/images/datum.gif
Requested by: Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/cpcss/style_n.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 62.113.195.133 , Germany, ASN47447 (TTM, DE),
Reverse DNS: vs239.robhost.de
Software: nginx / PleskLin
Resource Hash: 5752172cb781735546f61b352f43e8270065e9ca28230f1a7b2a703a9ae9ce04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/cpcss/style_n.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Date: Fri, 08 Dec 2023 11:17:27 GMT
Last-Modified: Sat, 25 Jan 2014 15:49:37 GMT
Server: nginx
ETag: "19a131-1b65-4f0cd6bf4a640"
X-Powered-By: PleskLin
Content-Type: image/gif
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 7013

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/ 398 KB
135 KB 114ms
114ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6675478121485590&plah=www.diabolo-mox.de

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

56809350ae5f6d54be44275920d2939bd33d25a5af6d0ab390f9a5c8c98faac5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137733
x-xss-protection: 0
server: cafe
etag: 4017063180494201506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 08 Dec 2023 11:17:27 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/ Frame 8421 9 KB
4 KB 125ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231206/r20190131/zrt_lookup_fy2021.html?hello=world

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.diabolo-mox.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 52936
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4130
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Dec 2023 20:35:11 GMT
etag: 5585625838579639069
expires: Thu, 21 Dec 2023 20:35:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3BEA 108 KB
45 KB 1234ms
1234ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675478121485590&output=html&h=600&slotname=9473320262&adk=3418064606&adf=447873241&pi=t.ma~as.9473320262&w=160&lmt=1702034248&format=160x600&url=https%3A%2F%2Fwww.diabolo-mox.de%2Findex.php%3Fid%3D70&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702034247792&bpp=3&bdt=858&idt=244&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&correlator=6747417089639&frm=20&pv=2&ga_vid=1378901598.1702034248&ga_sid=1702034248&ga_hid=1608770254&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079866%2C31079924%2C31079930%2C44798934%2C44809003%2C44807764%2C44808148%2C95320229&oid=2&pvsid=949612705586006&tmod=1600233396&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202312040101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-6675478121485590&plah=www.diabolo-mox.de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fda1da93674dd8d4b1dc19891757979b58c68a873dc41428d16e74aa9ec2787d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.diabolo-mox.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 45592
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 11:17:29 GMT
expires: Fri, 08 Dec 2023 11:17:29 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 190F 3 KB
823 B 274ms
274ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675478121485590&output=html&adk=1812271804&adf=3025194257&lmt=1702034248&plaf=1%3A2%2C2%3A2%2C7%3A2&plat=1%3A128%2C2%3A128%2C3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=260x945_l%7C260x945_r&format=0x0&url=https%3A%2F%2Fwww.diabolo-mox.de%2Findex.php%3Fid%3D70&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702034247809&bpp=2&bdt=875&idt=236&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&nras=1&correlator=6747417089639&frm=20&pv=1&ga_vid=1378901598.1702034248&ga_sid=1702034248&ga_hid=1608770254&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079866%2C31079924%2C31079930%2C44798934%2C44809003%2C44807764%2C44808148%2C95320229&oid=2&pvsid=949612705586006&tmod=1600233396&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=239

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e874e9cae9355a2e975d4ab946f59f86c38cf28afc31c66b6381036f7b99db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.diabolo-mox.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 623
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 11:17:28 GMT
expires: Fri, 08 Dec 2023 11:17:28 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3BEA 42 B
63 B 79ms
79ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-D4DzvqTEtQCeg2ITGSY39dIhJZQ52znBvj_S-_denj7WOgwktD8vJQy3UXxw4VCE1c0NIPGKRP0levujKCRbAUPlFi0NDk67YHajChVQJy3ZP5wnc

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675478121485590&output=html&h=600&slotname=9473320262&adk=3418064606&adf=447873241&pi=t.ma~as.9473320262&w=160&lmt=1702034248&format=160x600&url=https%3A%2F%2Fwww.diabolo-mox.de%2Findex.php%3Fid%3D70&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702034247792&bpp=3&bdt=858&idt=244&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&correlator=6747417089639&frm=20&pv=2&ga_vid=1378901598.1702034248&ga_sid=1702034248&ga_hid=1608770254&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079866%2C31079924%2C31079930%2C44798934%2C44809003%2C44807764%2C44808148%2C95320229&oid=2&pvsid=949612705586006&tmod=1600233396&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame C446 624 B
246 B 81ms
81ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNUiAkWT0cBLZxYW6CI-Wmja4tpqGxzyYNhRGeSrHr3FJGnnViI8hpD1Qyf0GVEy2nSea_nXo6354KfqR1SJEa6BnsM7nNfA-rsduT_oysR9SrM1-yYVLzfWW8nUk1tLCBEW2e5DLcEpmG7DaTsXWuT49U63WYwJSZYOEmkKNTvriKVXT88

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6675478121485590&output=html&h=600&slotname=9473320262&adk=3418064606&adf=447873241&pi=t.ma~as.9473320262&w=160&lmt=1702034248&format=160x600&url=https%3A%2F%2Fwww.diabolo-mox.de%2Findex.php%3Fid%3D70&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1702034247792&bpp=3&bdt=858&idt=244&shv=r20231206&mjsv=m202312040101&ptt=9&saldr=aa&abxe=1&correlator=6747417089639&frm=20&pv=2&ga_vid=1378901598.1702034248&ga_sid=1702034248&ga_hid=1608770254&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=305&ady=514&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079866%2C31079924%2C31079930%2C44798934%2C44809003%2C44807764%2C44808148%2C95320229&oid=2&pvsid=949612705586006&tmod=1600233396&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=251
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 222
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 11:17:29 GMT
expires: Fri, 08 Dec 2023 11:17:29 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_278.js Show response
s0.2mdn.net/879366/ Frame 3BEA 111 KB
39 KB 259ms
39ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Requested by

Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:51:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 55563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39806
x-xss-protection: 0
last-modified: Tue, 14 Mar 2023 18:44:05 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 08 Dec 2023 19:51:26 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/ Frame 3BEA 7 KB
3 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/elements/html/omrhp_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:08:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3071
x-xss-protection: 0
server: cafe
etag: 10674441169935035545
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:08:09 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/ Frame 3BEA 24 KB
9 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20231206/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:00:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 58649
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9318
x-xss-protection: 0
server: cafe
etag: 3562968281324141506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:00:00 GMT

GET
H2 200 Q12zgMmT.js Show response
tpc.googlesyndication.com/sodar/ Frame 3BEA 41 KB
14 KB 263ms
46ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Requested by

Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 143078
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13937
x-xss-protection: 0
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 05 Dec 2024 19:32:51 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3BEA 3 KB
1 KB 261ms
45ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4194
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Dec 2023 10:07:35 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/ Frame 3BEA 20 KB
9 KB 255ms
40ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231206/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Thu, 07 Dec 2023 19:33:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56659
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8581
x-xss-protection: 0
server: cafe
etag: 5638635208567908330
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Dec 2023 19:33:10 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3BEA 202 KB
64 KB 308ms
93ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65145
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701866768669483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Dec 2023 11:17:29 GMT

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C446
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&C=1

43 B
337 B

71ms
71ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNUiAkWT0cBLZxYW6CI-Wmja4tpqGxzyYNhRGeSrHr3FJGnnViI8hpD1Qyf0GVEy2nSea_nXo6354KfqR1SJEa6BnsM7nNfA-rsduT_oysR9SrM1-yYVLzfWW8nUk1tLCBEW2e5DLcEpmG7DaTsXWuT49U63WYwJSZYOEmkKNTvriKVXT88
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75JuncB6cEjZrZOwpg4QDSs8WyAhWOM6oydbWAh8cQlSjfBY3f1AMMX20%2Bhb29fZK%2BYin6EJoOTrcvYVD7geAaXfw3oLcmStM9AiwvCCpdhk1edlf4Nti%2BV4cLEUqUQLDQWw6N7%2BJrv52w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83249a2d1d2f451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x%2FQwRUsHQMaix3hHTzu6q%2BtIneC3WQV8m61kQyBBsukeUPPiUfpfO4F98f7ivZv4jDheC5Sf0hBABNmghMfrFalZKSXxXI3sHI2Z7%2BwKStyKY4a4akbvbD9qRs6JdlL%2FOuSJJEXu%2F3p9LA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: /rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&C=1
cache-control: no-cache
cf-ray: 83249a2c9c07451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 0
expires: 0

GET
H2

200

rum
dsum-sec.casalemedia.com/ Frame C446
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=ZXL7ScfEHW.Qmo.PJrETTQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&google_hm=2

43 B
330 B

82ms
82ms

Image
image/gif

104.18.36.155
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNUiAkWT0cBLZxYW6CI-Wmja4tpqGxzyYNhRGeSrHr3FJGnnViI8hpD1Qyf0GVEy2nSea_nXo6354KfqR1SJEa6BnsM7nNfA-rsduT_oysR9SrM1-yYVLzfWW8nUk1tLCBEW2e5DLcEpmG7DaTsXWuT49U63WYwJSZYOEmkKNTvriKVXT88
Protocol: H2
Server: 104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=75a9RnLBwJJQtmVzGRF7a0hiRkJjmlU2MZJyA6XhTRqJy1TjbZCAml0e4i%2F9%2BALCruatzukd%2FAVR6Fxvh9VvBELtpoMNNbuoOHL3dIVfgk%2FGCQh%2F4Mf5RPAdbQmebkDKJ7tlOJTAb%2BYwGw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 83249a2d7df8451c-TXL
alt-svc: h3=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEK11ATxWiS2k3SsRc0ihrfM&google_cver=1&google_hm=2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

setuid
ib.adnxs.com/ Frame C446
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESELjvXgmscUjIFqIMGWg4otk&google_cver=1

43 B
839 B

53ms
53ms

Image
image/gif

185.89.211.12
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESELjvXgmscUjIFqIMGWg4otk&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CO-p_psDEOa-zKMDGNnS2P8BMAE&v=APEucNUiAkWT0cBLZxYW6CI-Wmja4tpqGxzyYNhRGeSrHr3FJGnnViI8hpD1Qyf0GVEy2nSea_nXo6354KfqR1SJEa6BnsM7nNfA-rsduT_oysR9SrM1-yYVLzfWW8nUk1tLCBEW2e5DLcEpmG7DaTsXWuT49U63WYwJSZYOEmkKNTvriKVXT88

Protocol

Server

185.89.211.12 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
an-x-request-uuid: 6f78b103-8efb-4ef7-9828-8b8790e225da
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
cache-control: no-store, no-cache, private
x-proxy-origin: 80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESELjvXgmscUjIFqIMGWg4otk&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame C446
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MTU2NjQ4MTA5NTM4NDEx

170 B
243 B

50ms
50ms

Image
image/png

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MTU2NjQ4MTA5NTM4NDEx

Requested by

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:29 GMT
an-x-request-uuid: 3c876cb9-1ec8-4537-beb9-8205addd4e04
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjY3MTU2NjQ4MTA5NTM4NDEx
x-proxy-origin: 80.255.7.103; 80.255.7.103; 947.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3BEA 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e62a2701a28a5b79a5c3a158c144bced77e069797e96a5af2c3b3a1feb7e1142

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 62bHydCX.html Show response
tpc.googlesyndication.com/sodar/ Frame B253 38 KB
13 KB 39ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/62bHydCX.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Q12zgMmT.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 342664
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 13045
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 12:06:25 GMT
expires: Tue, 03 Dec 2024 12:06:25 GMT
last-modified: Fri, 25 Aug 2023 23:48:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/8062992220002713600/ Frame D2C0 88 KB
18 KB 335ms
39ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_278.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86dd8903fc8e1ea80fe3023f3fc0d42c6e35b0f0df048c0ed24a499b453f708b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 331111
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 18663
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 15:18:58 GMT
expires: Tue, 03 Dec 2024 15:18:58 GMT
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3BEA 0
0 384ms
86ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvhWSISn_xSh-sbU0F0W7S1o6QnLuuYRjbc5IQ0cp6X3nd4_jRlBQ2GHI5XhInMJaqS0VgVHw81v7QbfANs-hYD8pqGyFLXpkmD8eBKFskD1QqGQ9cJZSqrU5a383RmaVlMUrRYFpyPDmoa5ibhhf4SYQRPxMZSX3XcU1-mn-gEx0VCKPJBCASzyv_evNGKpSHNkb9UNY7QJ4ao8N5dmzTgE0spL7faevO9StgVMf4XXeXsdqG0uYnndZ0AmGCmYHesybR0FYs8irAUAHbq3TpeBdW5Ekib_HdWVLVcuOMPyyyx2u_MG9PWW5aW3Xq07QAfgvLdXrzdJ5KLpjr7oPajvaLCa1gMoyWMDEHTp_S58FgIKBIHEsAHuwAxiVu40OosVjrJeN_9GrHQ1o-fuXf_Y0tFR8rNT_67dmq8CLd_8ClkWpGuBSxoaXfpJWfsfETaHVU4mFv0xuSdG0TFDd_VHssBljYXfnfVYH0wsAXKpwn5Vm_MnDzJpGLbiNfBaCfEJdcpbs_XnvKFmrjPyqHqUp1TvJHSOXSW5U8hDg3-GPji9c8JZjb2tUO0Up3-YRTF7IvwcnqmmWqOx5ebJ_D0ah0KjIOJ_h3LnhggbbkGc8_A2WuqZHQ3e3l6pWnzJO2XyqigDChulyJpxV-BuJOYKxLQ3SFr0Zfhu6UR8rVXaxD1PpIEX0go0ZBwXlAbtk2uePQgmmlHmyPg02EtkylggbCL0tWOdA1D7XGOs7vvIIsYbVq0VsNUvEsV3iS528b97u_VT9ML7tLk01Imtx5ngAN4eG92_mkjLJIP4vz3y61SOj3YTg2zfF_D6iAaVlyNh1u-KW6eEhAOf4z2eOk8AqnKFeRaYRIrwc8marwo3rcA1eoF12CeKIIdaF73XeFXfTvgRrG6f37nVx_wvcny3DnxLpJGpFNoVTJw_QpxUjHyx0YtFxf2gAOl57QmgRErr7jc4KsjApv2oKqxthQ_ls799R4FRJQC46BdccVU_bB8KeGgZY5fsgBN3vN929ftq3ny3ncuNYKHqeoa-C07-KaVjdp5R6byBnIQEMFYYMywGyNwT9Elk8opKJ50wzazzvpPRNmkVZeZpPre7IF1Duho2mojIlSvgvnrsUXB7NPQcBGEAKa5azThdTB8AO5Uxmkh2QlWhCW-_Stj5yOh8kVvQXBgQ8kzFx2QPFCaJKMxIVbC47Ho2F5QJRUGg0REIm_SUPYD5z1nsC2S7JtSsUoyZ4CQ91NIeO3N-PVGiGJP8rAZhtVD_JF1-30HoExLI4Y1gVSGkmEi7ZxCyIp1ZbytS5aYxasEC6sDdJSv_qqc_yPwPcpQk1V_-hdd3z_pNo2u7D_O1S8vF92i6VL_URSGdF975ZvsejPMRJXpiwrZi_K5UG4JCuyzndHsXJ-eFccFZdkl8daSC8w71lQjF75Rr7eLHCt5W7r0A3RUUw-9JjegcQd17w&sai=AMfl-YTv0s-xECxm61Rp5elzRfTa0Jb_uIJv2hAfKO4GWgxrOQTlK8PkkXwBSN4GILsgFvnykaVeXYULsLaZBx7v7EnB60nxErmMn9Kpa_NMIwiUbGkNGL2_DHtR0B4V0KsVzZmDAIJXvEiWmXsi1VwILPGML8wdNwttiJ62D0kE46hIRyQJkEPqAVWMTJLp6IbgfT4t07satoSehy6_o9rbK4aQ1mdKNLAX8b-51Q4FOGyQSNe8aZ5uMmHDsv9IMQsYYPzOknsg38wxZFSLiu8kpEXTQUUcYs6JPCwmIvz0noRkwNAWr_ICJy1E6Gh7H-huRFWsPKgm2qVgfXLCvtgag2lCKYuKm6IRkVUpiSqf_vqZHhLF_UCBSeRBHXZEpfvERjEhUiQylsmxBbbkXR4b8ZUjQAHKQVRRjmJ_XlRHFG-FzOVr9DNEG41nNj1L3bV72J5-i41Depg0tNU15MqGINu6KngtQ5uc1RL5Xenv5FpejW_9y00je8vhjav7NEwNgaV1GwU&sig=Cg0ArKJSzA8It5GFAYakEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=318&cbvp=1&cstd=316&cisv=r20231206.96842&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 08 Dec 2023 11:17:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
content-type: image/gif
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame B253 39 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/62bHydCX.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4194
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 10:07:35 GMT

GET
H2 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame D2C0 70 KB
25 KB 134ms
53ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3142832
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 25280
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-62c0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bPbaOeDHNbYk4kmIK52miw2lSrpvjXLKFOirDcuDN0YcBKEgf9jCmazS8b1cSg8LJY0Q5PdOsGTuUUS0%2BkOiFot4%2FlIYQVHhhwZ2TJXEVnwISxDFGGZuukAAprm3mqa8I3QuLwPS6mngS0MsBgw9sjuz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83249a2f186265b3-FRA
expires: Wed, 27 Nov 2024 11:17:30 GMT

GET
H2 200 CSSRulePlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/ Frame D2C0 2 KB
1 KB 132ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.12.2/CSSRulePlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 812632
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 821
last-modified: Wed, 28 Jun 2023 20:03:01 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "649c91f5-335"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y2fNMr9HMwVkmBfrITgFQKDxEJUZqU2nY5%2Ff5vzuOwMQCVnt0%2FvPO7Rx1zHacSGh2c7fMbZKGBNOpHmiD7qsfQ18BvYmePRay8Idnp5%2FjEtv0SnlhJMgvP%2F9Bh6pU7ojYrqFr6yQIwXz%2BciFIN04rsEz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83249a2f186065b3-FRA
expires: Wed, 27 Nov 2024 11:17:30 GMT

GET
H3 200 f378cfc5.svg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 5 KB
2 KB 40ms
40ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/f378cfc5.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:44:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142370
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2433
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:44:40 GMT

GET
H3 200 13dc9848.svg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 669 B
429 B 46ms
43ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/13dc9848.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 142400
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 400
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:44:10 GMT

GET
H3 200 4332eb45.svg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 5 KB
2 KB 45ms
42ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/4332eb45.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2343
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:32:53 GMT

GET
H3 200 366b546d.jpg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 46 KB
46 KB 66ms
63ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/366b546d.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e58946d0427ca9aae457582fe5ce54873a9863ad073901c212d47076fc865f06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:00:19 GMT
x-content-type-options: nosniff
age: 278231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46764
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 06:00:19 GMT

GET
H3 200 332a3ba0.jpg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 42 KB
42 KB 49ms
47ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/332a3ba0.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e387d84e3f064558276a05c45526347f87d8d0afd5a6a3d32529f3e0a638549f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 19:50:53 GMT
x-content-type-options: nosniff
age: 228397
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43458
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 19:50:53 GMT

GET
H3 200 18a96f8f.jpeg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 60 KB
60 KB 83ms
80ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/18a96f8f.jpeg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ec0a7e5ead4e82767fbe36a9277d714c89731ea719b04976acfcedc192dc8e92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:43:31 GMT
x-content-type-options: nosniff
age: 304439
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61855
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:43:31 GMT

GET
H3 200 31152810.svg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 302 B
262 B 80ms
78ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/31152810.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:00:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 278231
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 233
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 06:00:19 GMT

GET
H3 200 ca3cf992.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 2 KB
3 KB 168ms
166ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/ca3cf992.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b8897aaf8bcb4fda8e1ab3c189b898b336db6648567a6e40788a36495aadcd6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 16:22:42 GMT
x-content-type-options: nosniff
age: 327288
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2548
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 16:22:42 GMT

GET
H3 200 6eb0cb99.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 4 KB
4 KB 98ms
96ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/6eb0cb99.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0a0eb1723fb6707e32a0f0bf794bebcaca9aa48b414a9569fc4fc097d0451c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:16:02 GMT
x-content-type-options: nosniff
age: 306088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4322
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:16:02 GMT

GET
H3 200 fa0d9c9d.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 2 KB
2 KB 64ms
62ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/fa0d9c9d.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ade01a74fd1cb8ef8f25b198381383d99653ae928159db62ee68c02e428bdf71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:51:29 GMT
x-content-type-options: nosniff
age: 311161
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2256
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 20:51:29 GMT

GET
H3 200 0d9d84b0.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 4 KB
4 KB 81ms
79ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/0d9d84b0.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a08282d04fb831a0c3f8537f20ffea297b60e06dd55a20ce3e7c59f629bf96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:08:02 GMT
x-content-type-options: nosniff
age: 568
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3901
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 07 Dec 2024 11:08:02 GMT

GET
H3 200 d530a180.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 1 KB
1 KB 101ms
99ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/d530a180.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

619ca2185e7a7aec6e245353e6e5ae2e50074701b3c99629dab44cc0328a9d26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:16:02 GMT
x-content-type-options: nosniff
age: 306088
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1153
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:16:02 GMT

GET
H3 200 87d0bcf6.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 2 KB
3 KB 105ms
104ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/87d0bcf6.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecc2767364a88d8a86871edf4cbd5c4ee4194d51dae8ea3191334129d61f5e0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:46:02 GMT
x-content-type-options: nosniff
age: 311488
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2555
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 20:46:02 GMT

GET
H3 200 d3ce6798.svg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 820 B
499 B 102ms
100ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/d3ce6798.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 143077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 470
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:32:53 GMT

GET
H3 200 1147abdf.svg
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 769 B
430 B 104ms
102ms Image
image/svg+xml 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/1147abdf.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:38:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 304744
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 401
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:38:26 GMT

GET
H3 200 b2de7813.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 2 KB
2 KB 103ms
101ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/b2de7813.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5ac955bc1d8a0670817d126c88c363eb36d847cfb25968fb1417d0687f5b416

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Tue, 05 Dec 2023 06:00:20 GMT
x-content-type-options: nosniff
age: 278230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1598
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 04 Dec 2024 06:00:20 GMT

GET
H3 200 34c934a7.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 3 KB
3 KB 106ms
105ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/34c934a7.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf79083eb3f8a28c6b6519705544bc6567294f276ebfe784c3f4839960d57036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:53 GMT
x-content-type-options: nosniff
age: 143077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2995
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:32:53 GMT

GET
H3 200 0f373144.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 1 KB
1 KB 121ms
120ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/0f373144.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 20:36:51 GMT
x-content-type-options: nosniff
age: 312039
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1308
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 20:36:51 GMT

GET
H3 200 c8840ccb.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 3 KB
3 KB 120ms
119ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/c8840ccb.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:53 GMT
x-content-type-options: nosniff
age: 143077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3020
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:32:53 GMT

GET
H3 200 e4c8127c.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 10 KB
10 KB 108ms
106ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/e4c8127c.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f0aacb9fc53be9453460eacb672c163d598e96eeab562723bba1105f42c2742

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:45:23 GMT
x-content-type-options: nosniff
age: 304327
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10011
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 03 Dec 2024 22:45:23 GMT

GET
H3 200 6bb9e46a.png
s0.2mdn.net/sadbundle/8062992220002713600/images/ Frame D2C0 24 KB
24 KB 114ms
112ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/8062992220002713600/images/6bb9e46a.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

041c6d21d9830d11d4312b6f6b50f2388c4d0758976d4fbce74ebef388184920

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/8062992220002713600/index.html?ev=01_250
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Wed, 06 Dec 2023 19:32:53 GMT
x-content-type-options: nosniff
age: 143077
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24274
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 12:59:12 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 05 Dec 2024 19:32:53 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B253 0
20 B 79ms
79ms Image
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=44&t=2&bgai=BZW6FSPtyZcbFCPOjv8IPjvOcmAUAAAAAOAHgBAI&bg=!MTKlMn3NAAY3kmNgF5I7ADQBe5WfOIHIvR-_UjVoXK1TaKGPDrL-EyeJOo6XthMUyMktPC5K4_n8p1T9jwxv9EqdtpovAgAAAEhSAAAAAWgBBwoAazewzSFkVkHO9XhrwoRBgNt1gFCTpKySYk94CEM5qHx2aezyNBUjyuxZn9weaz4-_RQbHi9WdcK8TQPsTF6WlLwFLOqDANKC1cH5OFFjzKW0Y-8IKFFWzVgwXSGpV6vHgDSDbO_-YeHtKp5BmQMXsGNtXHdn3ODRB3Ady3TNurJ_neXFvq0vTlIRh6sD25xFmJqKHyWUH8n3AlA4zQBtLyXqGQXOdyZcgJt8pcMt8_sgGggJ6WwQ-ghOydpt6q3Dunwxnt207yPEAVwiw3cCqVz-2tjpmGodTzb379HXdsNvN169Pv39ce-0QNLB6wxiNE0ycBnPh3MHdG5uaxt4Ut-2lvmioLeK-kCsSVYfIMhoNIu4GRJj9ldZC6r9TZ9uWXEaU4k_IFsu5UGKI8mCWq_k388CpZc-GOS9SeUXcgpqSbGNhy4v5K2_BUkxCFFPm5vvl6BffAtKGJcSzIwdns2eDO1Rgwnh9cPJiESwzrtcZaGEu9tUhsEPxVfltpakySi6g917wrGhx0xBGqrSHX04JlMsB13ceywkbTMeAFrPTneAAlGJuaJp5rqMMd9JK2gpz2G9NebHXSgMEghNcbS9_cx1Aeoy0mqcIK06K-toDMEoKjNoI-WPIcapMiXXssx30X7egfjHmp0VTMrE0Kbd7MPTEzqxEiepNefHy5scTyF0qBVqwkZ-HqipLsgLd2s2qjLr6om_z6AGburssaB3WHGq9lBJ_VKQ2lNZXaTAY2bS8TN6HFN7zByT_EJ8gQtwxUtIKCX6dNo9cXqPBI4xw6En3Go3WJPmvP1lbsZeZX9XaAIqeqrJ01SGOBciRxfj3twwKMVPXx4ihbiP0M-Jta9vBO0kdQEKjixdKURfRu0l6VikXcjygf_xmnEVD6pNbQmlK6xbDzsA_WobLevQeE4rLzQXt-yJCJeBl3RtAG-KvelUxa4HGSUHRweIoBYiBpggMflGeAJ59CGkPjWkm5yuoDAwWG-f7UBca8PCgLuGjvpIL5y1JNSBKsGl4PLq1IDgY8o7ZBFQVazf5bkcuQBALw4MFojC8e7gpJihKB1wBxq80YK7CCs5mYcRttQZciP6NL46uTnO7vgbpN477rn7NW_A3bNL2g2BHBMk2skBQEfu-kRkpezxI1cgdQFc8nokvGJO9HodNcBVtkKIcNew_Jhux8Y9nt72BnCa6lCPMg4

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 view
ad.doubleclick.net/pcs/ Frame 3BEA 0
0 76ms
76ms Fetch
image/gif 142.250.185.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/pcs/view?xai=AKAOjsvhWSISn_xSh-sbU0F0W7S1o6QnLuuYRjbc5IQ0cp6X3nd4_jRlBQ2GHI5XhInMJaqS0VgVHw81v7QbfANs-hYD8pqGyFLXpkmD8eBKFskD1QqGQ9cJZSqrU5a383RmaVlMUrRYFpyPDmoa5ibhhf4SYQRPxMZSX3XcU1-mn-gEx0VCKPJBCASzyv_evNGKpSHNkb9UNY7QJ4ao8N5dmzTgE0spL7faevO9StgVMf4XXeXsdqG0uYnndZ0AmGCmYHesybR0FYs8irAUAHbq3TpeBdW5Ekib_HdWVLVcuOMPyyyx2u_MG9PWW5aW3Xq07QAfgvLdXrzdJ5KLpjr7oPajvaLCa1gMoyWMDEHTp_S58FgIKBIHEsAHuwAxiVu40OosVjrJeN_9GrHQ1o-fuXf_Y0tFR8rNT_67dmq8CLd_8ClkWpGuBSxoaXfpJWfsfETaHVU4mFv0xuSdG0TFDd_VHssBljYXfnfVYH0wsAXKpwn5Vm_MnDzJpGLbiNfBaCfEJdcpbs_XnvKFmrjPyqHqUp1TvJHSOXSW5U8hDg3-GPji9c8JZjb2tUO0Up3-YRTF7IvwcnqmmWqOx5ebJ_D0ah0KjIOJ_h3LnhggbbkGc8_A2WuqZHQ3e3l6pWnzJO2XyqigDChulyJpxV-BuJOYKxLQ3SFr0Zfhu6UR8rVXaxD1PpIEX0go0ZBwXlAbtk2uePQgmmlHmyPg02EtkylggbCL0tWOdA1D7XGOs7vvIIsYbVq0VsNUvEsV3iS528b97u_VT9ML7tLk01Imtx5ngAN4eG92_mkjLJIP4vz3y61SOj3YTg2zfF_D6iAaVlyNh1u-KW6eEhAOf4z2eOk8AqnKFeRaYRIrwc8marwo3rcA1eoF12CeKIIdaF73XeFXfTvgRrG6f37nVx_wvcny3DnxLpJGpFNoVTJw_QpxUjHyx0YtFxf2gAOl57QmgRErr7jc4KsjApv2oKqxthQ_ls799R4FRJQC46BdccVU_bB8KeGgZY5fsgBN3vN929ftq3ny3ncuNYKHqeoa-C07-KaVjdp5R6byBnIQEMFYYMywGyNwT9Elk8opKJ50wzazzvpPRNmkVZeZpPre7IF1Duho2mojIlSvgvnrsUXB7NPQcBGEAKa5azThdTB8AO5Uxmkh2QlWhCW-_Stj5yOh8kVvQXBgQ8kzFx2QPFCaJKMxIVbC47Ho2F5QJRUGg0REIm_SUPYD5z1nsC2S7JtSsUoyZ4CQ91NIeO3N-PVGiGJP8rAZhtVD_JF1-30HoExLI4Y1gVSGkmEi7ZxCyIp1ZbytS5aYxasEC6sDdJSv_qqc_yPwPcpQk1V_-hdd3z_pNo2u7D_O1S8vF92i6VL_URSGdF975ZvsejPMRJXpiwrZi_K5UG4JCuyzndHsXJ-eFccFZdkl8daSC8w71lQjF75Rr7eLHCt5W7r0A3RUUw-9JjegcQd17w&sai=AMfl-YTv0s-xECxm61Rp5elzRfTa0Jb_uIJv2hAfKO4GWgxrOQTlK8PkkXwBSN4GILsgFvnykaVeXYULsLaZBx7v7EnB60nxErmMn9Kpa_NMIwiUbGkNGL2_DHtR0B4V0KsVzZmDAIJXvEiWmXsi1VwILPGML8wdNwttiJ62D0kE46hIRyQJkEPqAVWMTJLp6IbgfT4t07satoSehy6_o9rbK4aQ1mdKNLAX8b-51Q4FOGyQSNe8aZ5uMmHDsv9IMQsYYPzOknsg38wxZFSLiu8kpEXTQUUcYs6JPCwmIvz0noRkwNAWr_ICJy1E6Gh7H-huRFWsPKgm2qVgfXLCvtgag2lCKYuKm6IRkVUpiSqf_vqZHhLF_UCBSeRBHXZEpfvERjEhUiQylsmxBbbkXR4b8ZUjQAHKQVRRjmJ_XlRHFG-FzOVr9DNEG41nNj1L3bV72J5-i41Depg0tNU15MqGINu6KngtQ5uc1RL5Xenv5FpejW_9y00je8vhjav7NEwNgaV1GwU&sig=Cg0ArKJSzA8It5GFAYakEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&crd=aHR0cHM6Ly9zbWFydC5jb20&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=844&vt=11&dtpt=526&dett=3&cstd=316&cisv=r20231206.96842&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&arae=0&ftch=1&adurl=

Requested by

Host: www.diabolo-mox.de
URL: https://www.diabolo-mox.de/index.php?id=70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f6.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 167ms
88ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231206&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f05923e4ab288a9056bb3fdda3d92efc1ca039a8828be49eb19b1013196d682d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12176
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 08 Dec 2023 11:17:30 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 8AD8 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.diabolo-mox.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 10:07:36 GMT
expires: Sat, 07 Dec 2024 10:07:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame CAA0 829 B
1 KB 138ms
50ms Document
text/html 2a00:1450:4001:80f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

323f5267541c5e13db54c3b5ee3a93a48e61c6ba7c5b8290995c3a03b85c4180

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-azbkh-kIBuYlhqZ5ErfePA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.diabolo-mox.de/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-azbkh-kIBuYlhqZ5ErfePA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 08 Dec 2023 11:17:30 GMT
expires: Fri, 08 Dec 2023 11:17:30 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 8AD8 39 KB
15 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 10:07:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 07 Dec 2024 10:07:35 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 8AD8 0
10 B 39ms
39ms Image
text/plain 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?JpXmPg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

date: Fri, 08 Dec 2023 11:17:30 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame CAA0 0
0 72ms
72ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231206&jk=949612705586006&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3BEA 42 B
64 B 77ms
76ms Fetch
image/gif 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvGgk_wCNMUYwTcP3jPnZiAsffURtAU1KbdegyO6ayUunxu-7WGrz6wqwIDqbQ5bZvDzIsOu147QsWeFgErNxdbu41pkzcqqdjsQWFZfw1ULTVSiwyut2eevmakZJqLNSrbSErWwT1J1tFh&sai=AMfl-YTAiuFkPQtF7AF1xEYmJbDT4jrZA_cLZQRabCFXz6gPzz2DlosWTTWpYWuTJ-6zmgd0fegKtvx2YSfmhohDteeBf27QU-EyzeARO0Ew1ZxFFqko-Ez4X_FcRnsNEMvC6UQ47slAhFgWRlUtyzNNZWYHy3i9lnf2c0E&sig=Cg0ArKJSzHHmQrQcPv8mEAE&cid=CAQSTgDICaaN3_OyZM5x5iQFHRgZ_Sxl0SdxK34lBUBZIVWYzXIyL4jikMEJtelVYZqAq0DHEQvqFYtOmDtyFx57svsiGRcG13piyA4WYcILGhgB&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231206&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3418064606&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1702034248044&rpt=1862&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Dec 2023 11:17:30 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 75ms
75ms Image
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231206&jk=949612705586006&bg=!XV6lXhHNAAY3kmNgF5I7ADQBe5WfOC8XYGSPaQq8LIXdS0TOsTvduUjtgBDr0DcsHrCn8g9xP1I3-OFSbyPvO2HPHT5iAgAAAD5SAAAAAmgBBwoAIjFj_gWCb_XpavocKdoMB4-9kmJFWfj4ogi3zd4VImTl6ZGZAviWxu3NyUV4G_RQSidpau6Zhty_iIJtF0TM6srYOvIHxn6ZuZdiAL9SW_ptl1FSGl0i-lSx1GYvXkCY2qVNUDvOQcVlQB8hhwE21GyzdNUDNLRjj5V0XuW34zpdYnAEtLrN2P199nQjds99C6QrMml6kpxpTUtncar4HjhvY55anyPS_A0j_KjOS5EkrfGh0CAu77tSuEUr_R2lz7We1pBqTJW26RPm2OOd4d67XabVX8CcC3XuiZ_KOg2Vy5Y_LMOpPDF4-cSaLG5kEyyDSU1gzVC3UUH-VFaZT1friW0ucGr66-xSlnoYNBVIVTGsArMk1wbfWupomjv1csFNHfVAd2W2YJrZ-9z4G026b2WssMDo-4oAq1JN5IuW8ApNPVw4VgmOYdh8Oi0mnOgknAHqA_wJ6_bO45PBwHQxmkOEBpduqJIiZe70OQWOhpuOR0p6rBnrLb8V2hzH796XUYBnPVUE03B19qMILOuTCvhFrDCqaHaYpfN0b_Te4SSudeEyXLw4wZ7ODMpyokVLhohKtvanFyYQ3yi9oi6vctEZUszj_9_b_NSx8BvatRv9CifibiOgn7toQwH1FGjL0wG_yi48hSSxtwE0WLYIT3DFqfxz3g4M7HTDm9leX7SWyBWN3Bo0Lb_pWYnOPsTjbUzSpbQij6jbbWPxJ-_WkwvXAkRY8JuAkkuvsP2dSZOjeyi1UqqxROdTeoh11yZdjitnwKR2zFUlKLO5u_kuvFWt-WQIp1Tc8IR2ZVORe2I4C7FRMjHyBdTqtCgkvwDfoe5RzGgeohYDVnjwWNN0eKr7LUmyTiggKsOge7Uk7XWX1YgxRgIofk3gQtevbxOkBT-Z_ite9mQ4_mMRo5uF1mFss3oLiZMRHj-a7hF5Qojnu8NTkgIvJJAzbgpiBqZjEuKN7V2hgK_6OYZMeA8UBZgG1-sWTgjXHksmcrEMLUt-67rCOBvsj9PhmmqRsrDMqSCPI2humip7xwU0PGfvIdHhitzrKAacNfjr
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.diabolo-mox.de/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.71 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.diabolo-mox.de/	1969-12-31 23:59:59	Name: PHPSESSID Value: mr2atupvcqaf8hduq70o5d46k7
.doubleclick.net/	1970-01-21 02:08:50	Name: IDE Value: AHWqTUm6MRa44y3_6GXAh-3MxdC3gHIPGDGaYW76Lvgzr3NUuAgQpXr-7i67WbuE
.diabolo-mox.de/	1970-01-21 02:08:50	Name: __gads Value: ID=4a5e64b4bce415e2:T=1702034248:RT=1702034248:S=ALNI_MYTwM2sFnM8R7mQPhyzYLgqnqZ9pw
.diabolo-mox.de/	1970-01-21 02:08:50	Name: __gpi Value: UID=00000ce45f837174:T=1702034248:RT=1702034248:S=ALNI_MayCXRLXsoUDL6-Lhhmm3q19p6L4A
.adnxs.com/	1970-01-20 18:56:50	Name: uuid2 Value: 267156648109538411
.adnxs.com/	1970-01-20 18:56:50	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C'!rMbc/!]tbPl1M>e)ZlrFUfJ+tGXxo<@evm>HO3b4UH`waZqyKqap1CF`dY#)ZhY5w3If)y3KL9D3I?+UNjuCK
.casalemedia.com/	1970-01-20 18:56:50	Name: CMPS Value: 3358
.casalemedia.com/	1970-01-21 01:32:50	Name: CMID Value: ZXL7ScfEHW.Qmo.PJrETTQAA
.casalemedia.com/	1970-01-20 18:56:50	Name: CMPRO Value: 1134

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
dsum-sec.casalemedia.com
googleads.g.doubleclick.net
ib.adnxs.com
pagead2.googlesyndication.com
s0.2mdn.net
tpc.googlesyndication.com
www.diabolo-mox.de
www.google.com
www.googletagservices.com
104.18.36.155
142.250.185.194
142.250.185.70
185.89.211.12
2606:4700::6811:180e
2a00:1450:4001:801::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2001
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2002
2a00:1450:4001:830::2006
62.113.195.133
041c6d21d9830d11d4312b6f6b50f2388c4d0758976d4fbce74ebef388184920
0956e35585c290779e901b3db95cb246b5d619e5cee64ac67507f162fd58d30a
0a0eb1723fb6707e32a0f0bf794bebcaca9aa48b414a9569fc4fc097d0451c47
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0d45ac500c9bcf7667fa7e120cbd8b21aa1048042ddfaf8e67df93eb1b431eb9
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1642dd5dc126df4feff2255cba0988528507973d842d0a73331a5873f6b9d4e5
18c6b8ea2d8f33bc19132541719dd24a23285c0c15563c75c493cd6653d45164
19a4ddfea982d7cc4486684e9c9bc17130299b395ff19d775e5567332c0077b0
1fc8dfdb8f646e934bf93bc6f793604bb12c6b304c04ac509aa86cdc1a2dbbea
21602d46c4e666495bdd0f84c3dfe552b57dd5111b4f1aa970a637c747635b81
260b4517db598032c52a42229d4b19d51604acc6aaefd091430d6fe439da4528
28ce75d953678c4942df47a11707a15e3c756021cf89090e3e6aa7ad6b6971c3
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3233190287f115105de5b5a99c5418e34b73b59e56bb84f681f1b5f90c553cf5
323f5267541c5e13db54c3b5ee3a93a48e61c6ba7c5b8290995c3a03b85c4180
33f9ac1cb36710f72dbcfcc9a543780bd80e96f5777a1e1d4c83bf61740bcc8a
3753e68a48a4e3d800f7c7355cc2199f5f758a74cfe9b5b84aa40da30efcf003
435db380c9936c0970dcd3d9941eab6aec2fcf2a38c3e2b4e02d957e8e76bd1f
43bee53229b0e308836bfd9b6bac0800ab708c82e352498264b7b4e68ca270d1
48f93e3937054551ff4a887dca69a8fc91561c11f52a53a262f6741bc91a9bb2
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d6148b7c3275cd5980a7903689546ee11ec96f11f4611a2062905578835e692
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56809350ae5f6d54be44275920d2939bd33d25a5af6d0ab390f9a5c8c98faac5
5752172cb781735546f61b352f43e8270065e9ca28230f1a7b2a703a9ae9ce04
5a5bf70ae0965d134f8645e89bc257f12228cccd2bb26f556e645dca5859ac2d
5a883634f3aab7175f746ea08b25de148643997eb34d26f467e700ae15bf571c
619ca2185e7a7aec6e245353e6e5ae2e50074701b3c99629dab44cc0328a9d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b270180d0e609b27ca23ae869cca885da070a7541efa124f1b03bdd008b2f66
78e1524fae2574ced7d621aecab2549dd952ae868284e59bfab69d6b6565d196
7f0aacb9fc53be9453460eacb672c163d598e96eeab562723bba1105f42c2742
80a68ec3d5f7400b3d46e7fa8667780981c482304c1afadb95a765bd314b52bf
84ec131112ca132c741450c29f43750d4cc516f7fe8d642a35092729373c2e90
86dd8903fc8e1ea80fe3023f3fc0d42c6e35b0f0df048c0ed24a499b453f708b
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
92a08282d04fb831a0c3f8537f20ffea297b60e06dd55a20ce3e7c59f629bf96
99a3f1312dea361df08f7597dbe7948e5dc731c8176307d11bc666bb96657135
9c764c7af8ea40be58356e7df87b6122af162ee3b435826bb597a8a526fbfed8
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a04fa6af32e77548f1c3e27b7014f3520c7494f317fa80b58f8704de83e4b821
a112eaf2a1694b6ce90127e3ddc7692712b4331b3bc8e01c6573bc0526b150a5
ac1c8f94750b39b12327a5d0c56fdf946dabfb6d91e5d2a202879ff9a5d67e29
ade01a74fd1cb8ef8f25b198381383d99653ae928159db62ee68c02e428bdf71
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6b99c7cfae5ccf0a35450e89ff361d7a7a03401b76f54ac9964c4f2e3ca8c22
b889285d70207e00882df1a4bfd4604d5feac7eb05aad677ad75599b816a77e1
b8897aaf8bcb4fda8e1ab3c189b898b336db6648567a6e40788a36495aadcd6e
bd5d0baaf99608b7094e1f8ac7583c72734faea816bc09bbdbe9a43fa735afe3
c4b813f7aa04eca20be469b259cca2779799f58e280d73488bd7386940d2d146
c5ac955bc1d8a0670817d126c88c363eb36d847cfb25968fb1417d0687f5b416
c8e874e9cae9355a2e975d4ab946f59f86c38cf28afc31c66b6381036f7b99db
c8fffb0b438b7f9403ccd47fddc2de355f2f685fe2f59ac9d4c15f82854d79b1
cc45ca4d679d7085db8e71d09ccbfef07e7bc9acdbd06df18c5a24deba287884
ce68394c978c8c3a143407bd5f2aac41fb6bdfc088a3fa9cfe0d1b5acb0a56e1
ce826bbc33f6d044cb97dfb88a863b387950e456d76bce2356f8ee54687d515b
cf79083eb3f8a28c6b6519705544bc6567294f276ebfe784c3f4839960d57036
d02cfe06270f473f578e5ebe6d78b5f0184496b294e1f17224c26f951b640d54
d55db532c8415080e8a52b0cbbab6992ec30b5dbfe51797d7c22ab3690c3b082
e387d84e3f064558276a05c45526347f87d8d0afd5a6a3d32529f3e0a638549f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e58946d0427ca9aae457582fe5ce54873a9863ad073901c212d47076fc865f06
e62a2701a28a5b79a5c3a158c144bced77e069797e96a5af2c3b3a1feb7e1142
eaa2aee98ac27ff97e81e010ff3b1d996a360f3a7f41fc532bd3f392ddca00af
eb439943aec54f7158ea77455300494c9e2f9e685dce4420df41d1d03dcfa03a
eb66c7c9d097d5ba414230f422484c17fa6f37157d30e1ded2cc5f65a9667987
ec0a7e5ead4e82767fbe36a9277d714c89731ea719b04976acfcedc192dc8e92
ecc2767364a88d8a86871edf4cbd5c4ee4194d51dae8ea3191334129d61f5e0f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef3cbe5d0192838107ea2d091f92f6efc55943d2b3287b9e8c97622238a1d644
efc85c7eb141819717cda0033484a84b1c890d13b02e355a2fec79d424b20e7a
f05923e4ab288a9056bb3fdda3d92efc1ca039a8828be49eb19b1013196d682d
fcfda3e674a619a8d4bd5c179ab2f32d2d117794960abf488ea5f0de1b17a668
fda1da93674dd8d4b1dc19891757979b58c68a873dc41428d16e74aa9ec2787d

www.diabolo-mox.de Open in urlscan Pro 62.113.195.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

82 Requests

95 %HTTPS

58 %IPv6

9 Domains

12 Subdomains

13 IPs

3 Countries

1919 kBTransfer

2825 kBSize

9 Cookies

0 Outgoing links

Redirected requests

82 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.diabolo-mox.de Open in urlscan Pro
62.113.195.133 Public Scan

Screenshot
Live screenshot

Full Image

82
Requests

95 %
HTTPS

58 %
IPv6

9
Domains

12
Subdomains

13
IPs

3
Countries

1919 kB
Transfer

2825 kB
Size

9
Cookies

82 HTTP transactions
1 data transactions