special-msg.com Open in urlscan Pro
2606:4700:e0::ac40:680b  Public Scan

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48

• https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX1e_ulQEQsAkYrAIyCEPTqbyUUjNr HTTP 301
• https://tpc.googlesyndication.com/simgad/8234708819675425215

Request Chain 63

• https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfm1IQaGJZcDlMoTJ1PIPmbaNoAfYs4nKdObV0bTAEdaV666LDxABIOS9qpUBYJXikIKgB6ABwbLT2wPIAQmpAu9_vvbrerI-4AIAqAMByAPLBKoEmwJP0CiaXztfc_P5tIiqTuvdbBt2xNeCbL-_zsXef-a9bRHpfRzCH2r_KUesigNkBM2WEXw2ldZHHrWfoI7gM1eo_SnhQUE8Jj99SmqGFV5SW4HkvTGXv_2tRta_AA2FkWv0f9dE-Cp28iyDhV8oK6lcHsCCiXx175mNIKo-CTkmRohD5EZuMFs5yzv82O-iOeNRr8VFoOZlTc6blF3t7gEJzC87doTjJMxu1zaNwe4VKgIn_Qg_xYvDdem6_7GXuDmMkj5BqAH-N9wzirkY8FauBNrD20I3k1t0U7VZsQ1ukMiiGd0w5doCKlV2ak_0zVFM7sYvHWeKXs5AtOfJz_tcnvNgc0W5q1k0OQxKByzb379S5RZRmpHKSAmwwATuk7GQqgTgBAGIBdfrkL1LkgUECAQYAZIFBAgFGASgBi6AB4HY56ABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEIKsJdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYrvLZhvWqgwOaCRRodHRwczovL3d3dy5qb3luLmRlL4AKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC4g0TCL2g2ob1qoMDFYQkVQgdGVsDdNgTDYgUCdAVAZgWAYAXAbIXHwodCAASFHB1Yi03MTI3ODQ4MTE5ODE1Mzk5GOevhwE&sigh=lFolWG6H16E&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_TOCbwxBYjRnRLUVoIo2uxmdSF6skFm4DLUpoLPbxbShULC7C0sj5YasUJR7gq5qIb5gTy5e_sQCzEuuVyJCrbwF6c3Hg-zrCOW8YAQ&template_id=494&cbvp=2&vis=1 HTTP 302
• https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218103598218901962833%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997513537%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221367227793408828209%22}&andc=true

Request Chain 65

• https://www.google.com/pagead/drt/ui HTTP 302
• https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

68 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response special-msg.com/fn/	16 KB 4 KB	292ms 244ms	Document text/html	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash e9ac77840a94fd3b56e57f476be6393c5f906d826012a59257c41665c6fbbe01 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=86400 cf-cache-status DYNAMIC cf-ray 83b22774ba9e368b-FRA content-encoding br content-type text/html; charset=UTF-8 date Mon, 25 Dec 2023 15:35:28 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GYtL9%2BSwgIza7rvJXEjNRKL3Fh0nI1gPvXRjLsIqwMAwtoRhSiHCrvzvTTm1OaGGQwte9JTklMkpsZ%2F7c7l%2FloCDzitccFQuJBidNwA4KMViOyjkCCDWX%2BbQSj1YbQ5fFVwf6c5O8geJaoA0pD8%3D"}],"group":"cf-nel","max_age":604800} server cloudflare vary Accept-Encoding
GET H2	200	animate.min.css cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/	52 KB 4 KB	33ms 16ms	Stylesheet text/css	2606:4700::6811:190e CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.2/animate.min.css Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8fe3fa119255adb5e0c12479331f9e092e85bcff56ab6ecc0510bfa2056b898d Security Headers Name Value Strict-Transport-Security max-age=15780000 X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT content-encoding br x-content-type-options nosniff cf-cache-status HIT nel {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800} strict-transport-security max-age=15780000 age 2210813 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=86400 content-length 3279 last-modified Mon, 04 May 2020 16:04:58 GMT server cloudflare cf-cdnjs-via cfworker/kv etag "5eb03d2a-ce35" vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Evpn0ytwJYyVDy9ph8vvQbZH3GNSLR1J3SmD1KZ%2B15guYScY9kEs0gpMP9CrvsZ08ONKCRM9k9oU75Oo8WvCr56%2FyjegGrnqwOaTNDV09eknfLmJAMaqUaGsINgJIqVxLdCdASSsvqCUYZxDHCOVZQu7"}],"group":"cf-nel","max_age":604800} content-type text/css; charset=utf-8 access-control-allow-origin * cache-control public, max-age=30672000 accept-ranges bytes timing-allow-origin * cf-ray 83b227766a192c46-FRA expires Sat, 14 Dec 2024 15:35:29 GMT
GET H2	200	jquery.min.js Show response ajax.googleapis.com/ajax/libs/jquery/3.5.1/	87 KB 31 KB	160ms 50ms	Script text/javascript	2a00:1450:4001:812::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 18 Dec 2023 18:22:37 GMT content-encoding gzip x-content-type-options nosniff age 594772 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 31021 x-xss-protection 0 last-modified Fri, 08 May 2020 07:05:03 GMT server sffe cross-origin-opener-policy same-origin; report-to="hosted-libraries-pushers" vary Accept-Encoding report-to {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000, stale-while-revalidate=2592000 accept-ranges bytes timing-allow-origin * expires Tue, 17 Dec 2024 18:22:37 GMT
GET H2	200	slide.js Show response special-msg.com/fn/	4 KB 1 KB	24ms 23ms	Script application/javascript	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://special-msg.com/fn/slide.js Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash aea607f39789d4cc03dd33d5518a1e53d419c379c618b7a19d6e3a06f4f14d56 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT content-encoding br cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 449506 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUqSjmJoEYKbEXkMb89BwsPF2CTmdtkK9tBU%2F%2Bl%2B3eBzmOj6YT1hNNZylC36fivr6byd%2BJim3gIiXQ%2FlOIXhlXK5zowLWtKeUT4PAlzNG6f%2BntZBzx%2B2Ttywtz71ev552zvREz6qrQsCuanlPjA%3D"}],"group":"cf-nel","max_age":604800} content-type application/javascript cache-control public, max-age=31536000 cf-ray 83b227764c83368b-FRA alt-svc h3=":443"; ma=86400 expires Wed, 27 Dec 2023 10:43:43 GMT
GET H2	200	right.jpg special-msg.com/fn/img/	11 KB 11 KB	21ms 21ms	Image image/jpeg	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/right.jpg Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash cfbb3edc37e739352e969cd2822fba8ac608f6c29b84e86ecf59f22dbc271631 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 444196 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6gKj%2BCuPt3jLdrMuiKo9l%2BkeGJRnwJSoGaYKSFyZ229nZ9tTNHbzcry%2BngBlaVkqWnfT4H%2Bd%2BsJv0Ei81dBPfq1bNRr8KH5wSSWOwHr9wlh%2FVu29L%2BvB0wWJdbJpW1gMsqggYUxNStD8qNN2gTk%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227764c86368b-FRA alt-svc h3=":443"; ma=86400 content-length 11159 expires Wed, 27 Dec 2023 12:12:13 GMT
GET H2	200	left.jpg special-msg.com/fn/img/	13 KB 13 KB	24ms 24ms	Image image/jpeg	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/left.jpg Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d3b68d10bcfa7f86fb9f78c3297ed60d60791432a9bdedd3e70355cb81563e1 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 444196 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9wnioFFUpISwsQzXRzI9SNF2h7eBBniZnErVZ3adXz5%2BBpmfPEOw2cvfD7QdjN3ec%2FNX1HCV8KVKd92gP8d68f0nB%2FkvAT8Oc0ELTTHxGTW3yVH189TwcKnBsGLFTqcJOB99iN7lkkNTYEZZL%2BM%3D"}],"group":"cf-nel","max_age":604800} content-type image/jpeg cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227764c87368b-FRA alt-svc h3=":443"; ma=86400 content-length 12810 expires Wed, 27 Dec 2023 12:12:13 GMT
GET H2	200	arrow1.gif special-msg.com/fn/img/	31 KB 31 KB	28ms 28ms	Image image/gif	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/arrow1.gif Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 398558cebfc5c6d8e68ad8be27edabef2b5f0956c92351b44e9c7d90995512e4 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 361919 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ii90bV5%2BHQpHSN5DQjlwmKUVMvwlw%2BEHvllortDRIYB1Sa9mpGK46cT0ijP8OfNnBanKSQNSQYaiLHmlGsf1AlVee%2BYJP5ehH0v6PCZeFx43JFueFDPBliCfir%2BXdHmIQpF9El%2Fi91HdIxuDjio%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227766cb5368b-FRA alt-svc h3=":443"; ma=86400 content-length 31319 expires Thu, 28 Dec 2023 11:03:30 GMT
GET H2	200	santap11.png special-msg.com/fn/img/	13 KB 13 KB	21ms 21ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/santap11.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9a195a78f1a69bcebc4a78f886e7ebe1a42f990ed6f89664aeb483653d979c92 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 443316 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mXiKjbWra2bM4D9QIny7mTKV9mBJvpSlC8uVLCKahGKWyqUlZ9eZAOMQuBAKtdGPkv8ZlYNPzu54iDgsaUQVLT9nhpnGHXQH%2FhRViynpWdQpkPUUp05AThdNbKOkPPQnfA%2F0cDdh3pWm8bVSnLo%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227767cb8368b-FRA alt-svc h3=":443"; ma=86400 content-length 12883 expires Wed, 27 Dec 2023 12:26:53 GMT
GET H3	200	mt1.png special-msg.com/fn/img/	2 KB 3 KB	22ms 22ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt1.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 018a1e6444bec0a354b728fe0fe66c01300de3f716011fac38b129c3932261f5 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 458002 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XR9rOcPPaRl%2BUE0edunWU1Wc5VNhLwke0zDNL83XZNRMlnMaM4Vov0BIZKK8ojH3SdvVi82nSXo9hyY3iIFS4nAJqaU%2FL%2B2IShS9AJjIvr9%2BiBo%2F5kcnJ8vu%2Bu3kwwp7f3Cr6Dx9PWdeqr9oHys%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22776cda30492-CDG alt-svc h3=":443"; ma=86400 content-length 2270 expires Wed, 27 Dec 2023 08:22:06 GMT
GET H3	200	mt2.png special-msg.com/fn/img/	2 KB 2 KB	24ms 23ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt2.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash ec655bc0c1b3aea5d4f4ea548d5353907b952521d8434664c17d844b28f2ade5 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6211 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zFLJqRejjf3kos1qgZsNq1wzNo8nsiJ%2F1UbNh8vva0o3kGfFhHAXKanaUvRWb0x45ZRv69o5yahFUeUQEyubPSkYJgraw6aMvliBAz0KeRS8WEnF0lH0darR9Pi5ziujje5aA2A0qAXz9sUCHeA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22776ede10492-CDG alt-svc h3=":443"; ma=86400 content-length 2074 expires Sat, 23 Dec 2023 05:45:45 GMT
GET H3	200	mt3.png special-msg.com/fn/img/	2 KB 3 KB	23ms 23ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt3.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 8128c2f029fb1eaf6d0d18a2873bf6fd4442ff11d00b5f062970901f17015298 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 458002 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cN02n5n%2BvJjPD%2BeiOeub%2FYydCjceNmLLOTLc2vxYB%2Bzrk7UHW5LXa7%2Btd4hnEgJdSG%2FdCVeJQX0CrsPdF%2B7n4%2FiziHcCzIyHgLsjFyomx4yGekibyz25qMQYqXHLaAa9Wxqt%2BCeNWdTxYrnb%2FM0%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227771e2e0492-CDG alt-svc h3=":443"; ma=86400 content-length 2388 expires Wed, 27 Dec 2023 08:22:06 GMT
GET H3	200	mt4.png special-msg.com/fn/img/	2 KB 3 KB	27ms 27ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt4.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 3d9140b6e6c8e215b324ca5e7bb5312ba02e4c5490a6c272a67db29a046f213d Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 296436 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mI5KiHjBQd58Yr33F55jl0Roq7KZLcqUtzxijjf1aInIkf%2Bh2LhmLnjUKxZSc993M8VI7O33E%2F%2FsgsFDgaSkPVKx7AO4jZenOFDpoFaq053oLROM68Gu5T2gG78Yj69vuuDx0JQjsDEwC%2F%2B9QxY%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227773e730492-CDG alt-svc h3=":443"; ma=86400 content-length 2198 expires Fri, 29 Dec 2023 05:14:53 GMT
GET H3	200	mt5.png special-msg.com/fn/img/	2 KB 3 KB	39ms 39ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt5.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 018373c4e7f9ad46ca9e221191ecce57ff8f5ff16b22b30317893290e98d248f Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 458002 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZMQHU62xB2q3mqRbZzNNBKxUfjs5fd9ELrSNRVeFZ1lAOveLwVHkM0u5hFYoU0fJ8iB%2FdMZH0ITHJMxnbs99J%2BiOLk4YdisjN0Ykv84%2FlwtnkBUXsBLm%2FFhOAKG8E2nrU17MMgVH5TTc1PPhXg%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227776eea0492-CDG alt-svc h3=":443"; ma=86400 content-length 2428 expires Wed, 27 Dec 2023 08:22:06 GMT
GET H3	200	mt6.png special-msg.com/fn/img/	2 KB 3 KB	23ms 23ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt6.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 27c285f5cd6be88f2507f8aad6f352378c6ed846eaa482784490022c8a88f669 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 296436 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngscKKGaVzH72ifA1gDdHdi9Q0TKjjsBDQuzJ%2BNhcAWZkt2t79iNDseJYoT6FINRMcTUEvbl1BXJh3O%2F2d%2BotmDdw%2B0JH6N6zAXr4hePxME3Cs7%2Beg0aHiWn%2F7ZE0J8clHrValAXfOXCATVADFA%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777af630492-CDG alt-svc h3=":443"; ma=86400 content-length 2174 expires Fri, 29 Dec 2023 05:14:53 GMT
GET H3	200	mt7.png special-msg.com/fn/img/	2 KB 3 KB	30ms 30ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt7.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0b01d1af2c05cf1d70c67a25549ac61a02483ee40ba3849b40e4efac86a39816 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 520322 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krg34WYBYtdEvSSXjoyONeVqpoVUh8Y7QHaCkYjUHQclU%2FEDwAvXSIajCSpgJgBwveTQxbhTvAgXcliyuexV5nQ7%2FLSWY9smX55CcVTKz0NaOn5g6LN3%2FvAVkrk%2FlF5IvBVwLpCEfI15CqsRSks%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777af6a0492-CDG alt-svc h3=":443"; ma=86400 content-length 2416 expires Tue, 26 Dec 2023 15:03:27 GMT
GET H3	200	mt8.png special-msg.com/fn/img/	2 KB 3 KB	35ms 35ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mt8.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 85bd00968b9967c53e1d131287281fb11eed0eb0775b6ecf98811114d7c2cbe9 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 291611 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qGRX2nkxEmUpR3PiO7FCWVCyiipPXxTeM1cAUUy9KxdUKWNGBa%2F0klYK00ZhAnyoO2320y5MSkHwQpyBr5i1w4qGx7mSEmf8NPJT3ld5r6QZZKIYj2XnwFJXm9VXc5RaF8So7us%2BbIqywmfGYAI%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777bf9b0492-CDG alt-svc h3=":443"; ma=86400 content-length 2153 expires Fri, 29 Dec 2023 06:35:18 GMT
GET H2	200	gpt.js Show response securepubads.g.doubleclick.net/tag/js/	89 KB 29 KB	295ms 184ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/tag/js/gpt.js Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 2275ab8dd24bb39340268ea7711068270272b3ef591fca1f26c2e0460594119b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT content-encoding br x-content-type-options nosniff p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29102 x-xss-protection 0 server cafe etag 385 / 19716 / m202312060101 / config-hash: 17400476758908410755 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=900, stale-while-revalidate=3600 timing-allow-origin * expires Mon, 25 Dec 2023 15:35:29 GMT
GET H3	200	french-wish.png special-msg.com/fn/img/	10 KB 11 KB	24ms 24ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/french-wish.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash b570aae94d282199ad5fa4fa9c50f50feac16ee1d089aac3d78b0ba735740a78 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 371721 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rXakkchoc%2FrOcF1ILwlslSDMxBKSnOWyU5PxPaAaS0tEu5qTu%2Bgg7ECPbYZUdztFj6DTdO%2BSd8oWnzsD1%2FXhQ%2BWJiuezvNuPr3qPWet3w7sE4CeYYGLp%2BMUh6wJ9YZM6zvOyjbv%2Bn4FxecEKOt8%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b227769d530492-CDG alt-svc h3=":443"; ma=86400 content-length 10355 expires Thu, 28 Dec 2023 08:20:08 GMT
GET H3	200	french-mc.png special-msg.com/fn/img/	30 KB 31 KB	26ms 25ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/french-mc.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 9584738035de92e6f65aef5f7f8e0eaf50644a08367badbb09dfee1ebfcdbe86 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 382241 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TGcHgoWekrbcgDOkviv9wZEIi4Pk1xber6es%2BX%2BBy6FaEpzEiDmG8YJlntQ7OpLVTk0NxSwDpiqyNLtfMwhN9KFsnHNI55ManSLWDFrpuiz6EvvCNkirzPrbEkSQyOPfGF9nghaCYnzQyL73cDQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777bf9f0492-CDG alt-svc h3=":443"; ma=86400 content-length 31193 expires Thu, 28 Dec 2023 05:24:47 GMT
GET H3	200	csanta.gif special-msg.com/fn/img/	145 KB 145 KB	51ms 50ms	Image image/gif	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/csanta.gif Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 71d41cbb5329a666d75badde243b56870c83b5be588bf16d7e4b0d82abfcd31f Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 550082 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OGV2S7lJlNiDUycOhVMvZpcCJ9LMK%2BnlVfcjl6e3e0I8qHdQSwuJCgx9iuZjPkhqgROq1r7eCweqGwU%2BfSNZayC81aZaGLBcEYZxLiwYjCowmf%2F%2BOaW%2F36y%2BdV5Csbjl23o37euj0b%2FUQoUzSeQ%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777bfa20492-CDG alt-svc h3=":443"; ma=86400 content-length 148056 expires Tue, 26 Dec 2023 06:47:27 GMT
GET H3	200	santa11.gif special-msg.com/fn/img/	198 KB 199 KB	74ms 73ms	Image image/gif	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/santa11.gif Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 86824081282afd42ba6f5cfafbed592cba2a293b4e02d32304b6efe236b2e9fe Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 542903 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QXmZdXflZKDPjR7Kx2Os6t6xT3vxjnjiJtHIEWVK4qc60ffkUh74gqWP9dtvrBrzuq6rhkbvv0LdoIzIv8Chgt1iX%2FSwfEDahPjGuCk5UISzFjRHtdlZWuPw2YNMub8x%2BZNFmnGt9%2FvVDxcl9Hc%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777bfa50492-CDG alt-svc h3=":443"; ma=86400 content-length 203194 expires Tue, 26 Dec 2023 08:47:06 GMT
GET H3	200	mg.png special-msg.com/fn/img/	8 KB 8 KB	23ms 23ms	Image image/png	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/mg.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eebd89f6220d37742eb9a0188e146fd02dd8bb1305c2d8c28b0a4dd0ad7338b7 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:05:23 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 6580 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ry20wr5ollr0Kq9nTFGgSZdz3E3CbLxQvMICTJ7hqCh838DO%2BUmOJLyPLdHnkXBkr42wcvcJTIg%2FIeEq%2BQDWS8bzBnU4dvd9PNVyuXWExdNPu%2FgwavXNhI2PTAQCsnmAlGdiqvr81lxvNztIh98%3D"}],"group":"cf-nel","max_age":604800} content-type image/png cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777bfa70492-CDG alt-svc h3=":443"; ma=86400 content-length 8226 expires Mon, 18 Dec 2023 04:32:46 GMT
GET H2	200	js Show response www.googletagmanager.com/gtag/	186 KB 68 KB	170ms 60ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=UA-256451268-1 Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 5772ec2da1a035afad49af390e9518e82035335d1fac3c9d0a94fe1a2acf16eb Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 68996 x-xss-protection 0 last-modified Mon, 25 Dec 2023 15:00:00 GMT server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Mon, 25 Dec 2023 15:35:29 GMT
GET H3	404	.gif special-msg.com/fn/images/	261 B 261 B	90ms 90ms	Image text/html	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/images/.gif Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash eeaeb40607984b89c7a1354ee265456dfdeaab017e41cb01e5501d2ccecb69a0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT content-encoding br cf-cache-status HIT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 164 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Raj1WVQfbdOcej7%2BzH2id%2BDk3YQKnAB42ennzLWzAWgMI6oVyK%2F7ho142BxnaN2xVRY8EHYThGd2yHLJyg1nFXru9VdtHoyt1An0oR%2BS9jwn1pXwY9OvqMQCkTCegbucd0uAiiBZqKNmFszUEsU%3D"}],"group":"cf-nel","max_age":604800} content-type text/html; charset=iso-8859-1 cache-control max-age=31536000 cf-ray 83b22777bfa80492-CDG alt-svc h3=":443"; ma=86400
GET H3	200	sname.gif special-msg.com/fn/img/	20 KB 21 KB	91ms 91ms	Image image/gif	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://special-msg.com/fn/img/sname.gif Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/fn/?n=Laetitia-&t=fm User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 382241 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9Qy%2FsA%2FpUA7VHShKIil64HjtKt0H2hroa72o%2FQYgx0mUDVri0hjlk77lCzgwFE%2FciZy1yM9b5Kz8ivdOOYVa%2F6u6Ogbhm75y7xvdan0j7mkZ%2FgOGsWOVkVk8rFc2kjpGE3mppRy229wCG6qdT7o%3D"}],"group":"cf-nel","max_age":604800} content-type image/gif cache-control public, max-age=31536000 accept-ranges bytes cf-ray 83b22777bfab0492-CDG alt-svc h3=":443"; ma=86400 content-length 20528 expires Thu, 28 Dec 2023 05:24:48 GMT
GET H3	206	song1.mp3 special-msg.com/fn/img/	95 KB 0	77ms 77ms	Media audio/mpeg	2606:4700:e0::ac40:680b CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://special-msg.com/fn/img/song1.mp3 Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2606:4700:e0::ac40:680b , United States, ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash Request headers Referer https://special-msg.com/fn/?n=Laetitia-&t=fm Accept-Encoding identity;q=1, *;q=0 accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Range bytes=0- Response headers date Mon, 25 Dec 2023 15:35:29 GMT cf-cache-status HIT last-modified Mon, 11 Dec 2023 03:01:54 GMT nel {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server cloudflare age 1686 vary Accept-Encoding report-to {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ALYQVBbrdlwuO5S1O2ikthlE%2F76LHPbuRQzp1vyn0eRR2NF7pLppzSD7PsmT42A55Kma9k%2Bw0idqKOU%2BYIJXe0vAdUEuzv%2B%2F5d5QSSPqU%2BHjTJQPm01Kw1nbw2AuIuRcgSg9DFs9ryTmBCUUh3c%3D"}],"group":"cf-nel","max_age":604800} content-type audio/mpeg Content-Range bytes 0-205929/205930 cache-control max-age=31536000 cf-ray 83b22777dfcb0492-CDG alt-svc h3=":443"; ma=86400 Content-Length 205930
GET H2	200	js Show response www.googletagmanager.com/gtag/	224 KB 79 KB	60ms 59ms	Script application/javascript	2a00:1450:4001:80f::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtag/js?id=G-M58YG61YQG&l=dataLayer&cx=c Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-256451268-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash 7956fd96caff869dfbdec3298d945243c32b17d682b84de0f1dc079979cc98f7 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:29 GMT content-encoding br strict-transport-security max-age=31536000; includeSubDomains server Google Tag Manager vary Accept-Encoding content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true cross-origin-resource-policy cross-origin access-control-allow-headers Cache-Control content-length 81227 x-xss-protection 0 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 expires Mon, 25 Dec 2023 15:35:29 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	52 KB 21 KB	161ms 51ms	Script text/javascript	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=UA-256451268-1 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff date Mon, 25 Dec 2023 13:48:17 GMT last-modified Tue, 12 Dec 2023 18:09:08 GMT server Golfe2 age 6432 vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20994 expires Mon, 25 Dec 2023 15:48:17 GMT
GET H2	200	pubads_impl.js Show response securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/	431 KB 135 KB	52ms 51ms	Script text/javascript	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 108cdb682e1d256ba58174d96775ec12fe2e9515ffa2ca7edfff49343a4d97ea Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 10:14:36 GMT content-encoding br x-content-type-options nosniff age 19253 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 138180 x-xss-protection 0 server cafe etag 6854214708762155125 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control public, immutable, max-age=31536000 timing-allow-origin * expires Tue, 24 Dec 2024 10:14:36 GMT
POST H2	204	collect region1.google-analytics.com/g/	0 253 B	103ms 37ms	Ping text/plain	2001:4860:4802:34::36 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://region1.google-analytics.com/g/collect?v=2&tid=G-M58YG61YQG&gtm=45je3bt0v9119034173&_p=1703518529230&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=22054114.1703518530&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1703518529&sct=1&seg=0&dl=https%3A%2F%2Fspecial-msg.com%2Ffn%2F%3Fn%3DLaetitia-%26t%3Dfm&dt=Laetitia%20vous%20envoyer%20un%20message%20surprise%F0%9F%92%8C.%20Ouvrez-le&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=917 Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtag/js?id=G-M58YG61YQG&l=dataLayer&cx=c Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 15:35:29 GMT server Golfe2 content-type text/plain access-control-allow-origin https://special-msg.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 expires Fri, 01 Jan 1990 00:00:00 GMT
POST H2	200	collect Show response www.google-analytics.com/j/	1 B 205 B	58ms 58ms	XHR text/plain	2a00:1450:4001:80b::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1992653015&t=pageview&_s=1&dl=https%3A%2F%2Fspecial-msg.com%2Ffn%2F%3Fn%3DLaetitia-%26t%3Dfm&ul=en-us&de=UTF-8&dt=Laetitia%20vous%20envoyer%20un%20message%20surprise%F0%9F%92%8C.%20Ouvrez-le&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1725412120&gjid=542223968&cid=22054114.1703518530&tid=UA-256451268-1&_gid=486153583.1703518530&_r=1&gtm=457e3bt0&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1474225735 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://special-msg.com/ accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Mon, 25 Dec 2023 15:35:29 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://special-msg.com cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	121 KB 41 KB	763ms 762ms	Fetch text/plain	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3923830971025155&correlator=3586510836892030&eid=31079956%2C31079958%2C31080078%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22727152835%2Cca-pub-1234486617897361-tag%2Cad50&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x50&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703518529766&lmt=1703518529&adxs=650&adys=15&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fspecial-msg.com%2Ffn%2F%3Fn%3DLaetitia-%26t%3Dfm&vis=1&psz=450x50&msz=450x50&fws=0&ohw=0&ga_vid=22054114.1703518530&ga_sid=1703518530&ga_hid=1992653015&ga_fc=true&dlt=1703518528999&idt=742&adks=342398246&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash da2070718635141d39a9c431edee42f637e4ccbfb81a2e0f06db4b1d55cf6cc9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:30 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 41606 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://special-msg.com cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3	200	ads Show response securepubads.g.doubleclick.net/gampad/	49 KB 12 KB	1438ms 1438ms	Fetch text/plain	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3923830971025155&correlator=3586510836892030&eid=31079956%2C31079958%2C31080078%2C44807746&output=ldjh&gdfp_req=1&vrg=202312060101&ptt=17&impl=fifs&iu_parts=22727152835%2Cca-pub-1234486617897361-tag%2Cad3&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=2&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1703518529774&lmt=1703518529&adxs=650&adys=1366&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&url=https%3A%2F%2Fspecial-msg.com%2Ffn%2F%3Fn%3DLaetitia-%26t%3Dfm&vis=1&psz=450x250&msz=450x250&fws=0&ohw=0&ga_vid=22054114.1703518530&ga_sid=1703518530&ga_hid=1992653015&ga_fc=true&dlt=1703518528999&idt=742&adks=996948547&frm=20 Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 5a6a41c144ebe2d951a7e415a5138d912118c613eccdaae0ef8a8479b01add47 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:31 GMT content-encoding br x-content-type-options nosniff observe-browsing-topics ?1 p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12152 x-xss-protection 0 google-lineitem-id -1 pragma no-cache server cafe google-creative-id -1 content-type text/plain; charset=UTF-8 access-control-allow-origin https://special-msg.com access-control-expose-headers x-google-amp-ad-validated-version cache-control no-cache, must-revalidate access-control-allow-credentials true timing-allow-origin * expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	container.html Show response efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 643B	6 KB 3 KB	183ms 59ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://special-msg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 15:35:29 GMT expires Tue, 24 Dec 2024 15:35:29 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	sodar Show response pagead2.googlesyndication.com/getconfig/	16 KB 12 KB	210ms 101ms	XHR application/json	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202312060101&st=env Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ec4527c63fe43ab99f4b97908859635bfa1a5d6003b749a6b319d9b2a32bf113 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:30 GMT content-encoding br x-content-type-options nosniff server cafe content-type application/json; charset=UTF-8 access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12252 x-xss-protection 0
GET H2	200	sodar2.js Show response tpc.googlesyndication.com/sodar/	17 KB 7 KB	171ms 61ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2.js Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 6386 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" etag "1637097310169751" vary Accept-Encoding report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes expires Mon, 25 Dec 2023 15:35:30 GMT
GET H2	200	runner.html Show response tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66E9	13 KB 5 KB	52ms 51ms	Document text/html	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://special-msg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 19209 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, max-age=31536000 content-encoding gzip content-length 5046 content-type text/html cross-origin-opener-policy same-origin; report-to="adspam-signals-scs" cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 10:15:21 GMT expires Tue, 24 Dec 2024 10:15:21 GMT last-modified Mon, 21 Jun 2021 20:47:05 GMT report-to {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]} server sffe vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	aframe Show response www.google.com/recaptcha/api2/ Frame 5552	829 B 1 KB	169ms 60ms	Document text/html	2a00:1450:4001:802::2004 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google.com/recaptcha/api2/aframe Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software GSE / Resource Hash f944968933a86edcbb8175b4d63661138c97d3027045854c8cafb947706d1cb8 Security Headers Name Value Content-Security-Policy script-src 'report-sample' 'nonce-U88IT7O1uI03BpBcpaVIoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://special-msg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control private, max-age=300 content-encoding gzip content-security-policy script-src 'report-sample' 'nonce-U88IT7O1uI03BpBcpaVIoA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1 content-type text/html; charset=utf-8 cross-origin-embedder-policy require-corp cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 15:35:30 GMT expires Mon, 25 Dec 2023 15:35:30 GMT report-to {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} server GSE x-content-type-options nosniff x-xss-protection 1; mode=block
GET H3	200	Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response pagead2.googlesyndication.com/bg/ Frame 66E9	39 KB 15 KB	154ms 51ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Requested by Host: tpc.googlesyndication.com URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 00:00:03 GMT content-encoding br x-content-type-options nosniff age 56127 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15165 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Tue, 24 Dec 2024 00:00:03 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/ Frame 5552	0 0	85ms 85ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202312060101&jk=3923830971025155&rc= Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://www.google.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H2	200	container.html Show response efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 2BA9	6 KB 3 KB	52ms 51ms	Document text/html	2a00:1450:4001:82f::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://special-msg.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 accept-language de-DE,de;q=0.9 Response headers accept-ranges bytes age 1 alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 cache-control public, immutable, max-age=31536000 content-encoding br content-length 2653 content-type text/html cross-origin-opener-policy-report-only same-origin; report-to="ads-gpt-scs" cross-origin-resource-policy cross-origin date Mon, 25 Dec 2023 15:35:29 GMT expires Tue, 24 Dec 2024 15:35:29 GMT last-modified Thu, 03 Nov 2022 19:10:08 GMT report-to {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]} server sffe timing-allow-origin * vary Accept-Encoding x-content-type-options nosniff x-xss-protection 0
GET H2	200	css fonts.googleapis.com/ Frame 2BA9	2 KB 975 B	169ms 60ms	Stylesheet text/css	2a00:1450:4001:831::200a GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software ESF / Resource Hash c4f393315ffc75417c9c350e709bbcca2d2e9d5640fa0925b32088ff1ed6c84f Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Frame-Options SAMEORIGIN X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers strict-transport-security max-age=31536000 date Mon, 25 Dec 2023 15:35:30 GMT content-encoding gzip x-content-type-options nosniff cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 x-xss-protection 0 last-modified Mon, 25 Dec 2023 14:49:58 GMT server ESF cross-origin-opener-policy same-origin-allow-popups x-frame-options SAMEORIGIN content-type text/css; charset=utf-8 access-control-allow-origin * cache-control private, max-age=86400, stale-while-revalidate=604800 timing-allow-origin * link <https://fonts.gstatic.com>; rel=preconnect; crossorigin expires Mon, 25 Dec 2023 15:35:30 GMT
GET H3	200	load_preloaded_resource_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2BA9	2 KB 822 B	52ms 52ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/load_preloaded_resource_fy2021.js Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 01:54:19 GMT content-encoding br x-content-type-options nosniff age 49271 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 795 x-xss-protection 0 server cafe etag 4925184154378345226 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 Jan 2024 01:54:19 GMT
GET H3	200	abg_lite_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/ Frame 2BA9	23 KB 9 KB	52ms 52ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/abg_lite_fy2021.js Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 9844337d0b1b36b45473c8fc27cba7d1c9f8aab2107e23e684b9e1a48e6066b5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 23:00:17 GMT content-encoding br x-content-type-options nosniff age 59713 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 9269 x-xss-protection 0 server cafe etag 11706523405290302210 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 23:00:17 GMT
GET H3	200	window_focus_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2BA9	3 KB 1 KB	60ms 60ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/window_focus_fy2021.js Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 20:41:59 GMT content-encoding br x-content-type-options nosniff age 68011 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1236 x-xss-protection 0 server cafe etag 15004572836499977866 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Sun, 07 Jan 2024 20:41:59 GMT
GET H3	200	qs_click_protection_fy2021.js Show response tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/ Frame 2BA9	20 KB 8 KB	53ms 53ms	Script text/javascript	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://tpc.googlesyndication.com/pagead/js/r20231207/r20110914/client/qs_click_protection_fy2021.js Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 8d6679c1ce1ac8605f5c410f30d1b06713479732043b75e81130cbe21b60e579 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 01:54:19 GMT content-encoding br x-content-type-options nosniff age 49271 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 8571 x-xss-protection 0 server cafe etag 5853369240893788875 vary Accept-Encoding content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=1209600 timing-allow-origin * expires Mon, 08 Jan 2024 01:54:19 GMT
GET H2	200	ufs_web_display.js Show response www.googletagservices.com/activeview/js/current/ Frame 2BA9	203 KB 65 KB	200ms 90ms	Script text/javascript	2a00:1450:4001:811::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 566012676f5d43acfea4dc0bc5d9bb2c0805d8775fcdd081b1c895310956829a Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:30 GMT content-encoding gzip x-content-type-options nosniff content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 65731 x-xss-protection 0 server sffe cross-origin-opener-policy same-origin; report-to="active-view-scs-read-write-acl" etag "1702472459035717" vary Accept-Encoding report-to {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]} content-type text/javascript cache-control private, max-age=3000 accept-ranges bytes timing-allow-origin * expires Mon, 25 Dec 2023 15:35:30 GMT
GET H2	200	f9d9b65dbd646119ce96bad0f484d579.js Show response www.gstatic.com/mysidia/ Frame 2BA9	37 KB 16 KB	161ms 51ms	Script text/javascript	2a00:1450:4001:830::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.gstatic.com/mysidia/f9d9b65dbd646119ce96bad0f484d579.js?tag=mysidia_one_click_handler_one_afma_2019 Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 457852000f1b85c1d570224fe5aaacc709625fc3bff458ad4e8a35420d21843d Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 13:56:43 GMT content-encoding gzip x-content-type-options nosniff age 5927 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 15460 x-xss-protection 0 last-modified Thu, 07 Dec 2023 22:13:01 GMT server sffe cross-origin-opener-policy same-origin; report-to="mysidia" vary Accept-Encoding report-to {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]} content-type text/javascript cache-control public, max-age=7776000 accept-ranges bytes expires Sun, 24 Mar 2024 13:56:43 GMT
GET H3	200	4073574367620402236 tpc.googlesyndication.com/gpa_images/simgad/ Frame 2BA9	2 MB 2 MB	62ms 62ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/gpa_images/simgad/4073574367620402236 Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 36ce2bf3fa1553d2f4c0886be5d293b3fcec4c065ffe9935bd44d99af3232b7e Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Wed, 18 Dec 2024 09:13:04 GMT date Tue, 19 Dec 2023 09:13:04 GMT x-content-type-options nosniff age 541346 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1723538 x-xss-protection 0 last-modified Wed, 31 May 2023 11:10:02 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/png access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	8234708819675425215 tpc.googlesyndication.com/simgad/ Frame 2BA9 Redirect Chain https://tpc.googlesyndication.com/pageadimg/imgad?id=CICAgKCX1e_ulQEQsAkYrAIyCEPTqbyUUjNr https://tpc.googlesyndication.com/simgad/8234708819675425215	51 KB 51 KB	54ms 54ms	Image image/jpeg	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/8234708819675425215 Requested by Host: efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com URL: https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html Protocol H3 Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 558210602cf68a50dd99a75506296d00b9f94740965a485f7e037cdd70bdac33 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Sat, 21 Dec 2024 16:23:27 GMT date Fri, 22 Dec 2023 16:23:27 GMT x-content-type-options nosniff age 256323 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 52694 x-xss-protection 0 last-modified Thu, 25 Jun 2020 14:16:42 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/jpeg access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true Redirect headers date Sun, 24 Dec 2023 23:05:08 GMT x-content-type-options nosniff server cafe age 59422 p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" location https://tpc.googlesyndication.com/simgad/8234708819675425215 content-type text/html; charset=UTF-8 cache-control public, max-age=2592000 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Tue, 23 Jan 2024 23:05:08 GMT
GET H3	204	generate_204 tpc.googlesyndication.com/ Frame 66E9	0 10 B	71ms 71ms	Image text/plain	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/generate_204?RfWoyg Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:30 GMT cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0
GET DATA	200 OK	truncated / Frame 2BA9	208 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 56667c6c1206c92e7d789281c1ee2de2dc21628aaeda3970470cefd8f4c74922 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H2	200	ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 fonts.gstatic.com/s/googlesansdisplay/v21/ Frame 2BA9	20 KB 21 KB	160ms 51ms	Font font/woff2	2a00:1450:4001:813::2003 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://fonts.gstatic.com/s/googlesansdisplay/v21/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2 Requested by Host: fonts.googleapis.com URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash acc5497e76f832d950d14fcfa047dc3c864f7a0aae4c7a20521c0c655a53033b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://fonts.googleapis.com/ Origin https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com accept-language de-DE,de;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 10:23:28 GMT x-content-type-options nosniff age 18723 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 20784 x-xss-protection 0 last-modified Tue, 19 Apr 2022 19:21:31 GMT server sffe cross-origin-opener-policy same-origin; report-to="apps-themes" report-to {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]} content-type font/woff2 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * expires Tue, 24 Dec 2024 10:23:28 GMT
GET H3	204	sodar pagead2.googlesyndication.com/pagead/	0 0	88ms 88ms	Image text/html	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202312060101&jk=3923830971025155&bg=!2dql2pXNAAY3kmNgF5I7ADQBe5WfOEbnB4bM7u1f7JvwZWCXrhkE67jhKMjc71QumUVSoEZg12lJ2-D1aGZlp4jxb9keAgAAAE1SAAAAAmgBB5kDA1peY0koW5xYCU8sqOqw2UwIU2EbdQ6FxaUWopMrb3s8z7CWddQze50pAwK42WFcx3YST37ofteBsoOHSbiLt3dHfbtINL7-dSbsCEC7LmFX7G69yJ5xTYpIkyW6qs71fvoDImCWNuRwWHrI0BS_vnf4rYiCqGXhZjQUIfTX4DhoNtxKuHejN8IYi2mAwQ9RAiexFrgvNUjoykgb0Giy_WOXa2YcFEp5fJDafJyTHdObewIZP6ca5VZt-LTEwkV9xAsJ_RLE3OkS7oN7UTZbx7kydHrI-BGmyPQ5M5IArTR-Sv2iNsd8nIaXTXD68pbBpRMlXKrKoKn9eDYO5HoExNhPrYAgBrVl8r4Sr-9sUvQqaPKZ64NQWwp9MAWxxYem4Mx4ExxrXPeADQnIETJEcxJjE4L1e1G3WZIN2UKN1zcInlvSJlSE1-QdqKml8fcShCfhm97zLPg71Dpaja8G3ZB6n0J1YsWo7ozKvZD9o9_w56n8mU8ZPoLd_xxecUosnmM-SDw8lzWdjHWDcwxLgTZkURODz-xi7VfeJmdlwuw0b8WFvuvNJJoxhMmRUYBkxPmgBH7lsnEcpmkQWeQ6PCm75B0SUgGOeiLMijcv26KUIgoLUmavqGwpEdBl9tqD2aeg3GBdvYMZVuYkWkjGd-eHr1nwxOucV8s4gDlh64jCBw07CM82TVBZWzKU-PJfeXCY4OTyqz9mihZQNaiIkT0PR9l7jeM9x2p3iVtTyQekJbIubXw80QKOq2K5qZoI5n_mU4RTqmFaGuqDd7VNzPlD145kPCLrd4__YUJnpbOy8cHP_zL-R8HfyMJja01HpBTy72VExocJknOBCounKP4kVJc1_8zoSgEfcvSicrzmNq22Mv2mDgwM6xlgsKOkDMZIYmx1AyAOZ8blbe_i33taWZ3hwv6oHlx3DH7xym6w5PO_EUkaDQ8slSTEyZuAaxwtP9X6gKh7y0T-sVPHpaEnr0ooFBez70SZr1yVz8xN3VnbSpIj3IjhBc5CW9VCaTs8uQ Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
GET H2	200	amp4ads-v0.mjs Show response cdn.ampproject.org/rtv/012310301456000/ Frame 4259	196 KB 56 KB	163ms 53ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Dec 2023 11:48:30 GMT age 445621 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 56081 x-xss-protection 0 server sffe etag "6a17d296884b026a" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 19 Dec 2024 11:48:30 GMT
GET H2	200	amp-ad-exit-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4259	15 KB 5 KB	256ms 146ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Dec 2023 11:48:30 GMT age 445621 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 5225 x-xss-protection 0 server sffe etag "0b7142e00666043e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 19 Dec 2024 11:48:30 GMT
GET H2	200	amp-analytics-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4259	95 KB 28 KB	265ms 155ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Dec 2023 11:48:30 GMT age 445621 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 29077 x-xss-protection 0 server sffe etag "7b1f1965b6cd6fda" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 19 Dec 2024 11:48:30 GMT
GET H2	200	amp-fit-text-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4259	5 KB 2 KB	261ms 152ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Dec 2023 11:48:31 GMT age 445620 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 1911 x-xss-protection 0 server sffe etag "5b0a82507b260c6e" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 19 Dec 2024 11:48:31 GMT
GET H2	200	amp-form-0.1.mjs Show response cdn.ampproject.org/rtv/012310301456000/v0/ Frame 4259	40 KB 13 KB	286ms 177ms	Script text/javascript	2a00:1450:4001:80e::2001 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs Requested by Host: securepubads.g.doubleclick.net URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202312060101/pubads_impl.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9 Security Headers Name Value Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp Strict-Transport-Security max-age=31536000; includeSubDomains; preload X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers content-security-policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp content-encoding br x-content-type-options nosniff strict-transport-security max-age=31536000; includeSubDomains; preload date Wed, 20 Dec 2023 11:48:31 GMT age 445620 cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 12952 x-xss-protection 0 server sffe etag "9817e561a46c70fa" vary Accept-Encoding report-to {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]} content-type text/javascript; charset=UTF-8 access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="amphtml-china-available" expires Thu, 19 Dec 2024 11:48:31 GMT
GET DATA	200 OK	truncated / Frame 4259	217 B 0		Image image/png
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash ef668385400493a7a9c17155f6d632c02d09583ea164bbcc6a0c9af2d6c454e0 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Content-Type image/png
GET H3	200	14721735048995477327 tpc.googlesyndication.com/simgad/ Frame 4259	76 KB 76 KB	53ms 53ms	Image image/gif	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/simgad/14721735048995477327 Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash db5438f736dc55afa55ca454963ffc20d6e21efaacdc021ae08bd69a168e69a9 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers expires Tue, 24 Dec 2024 08:02:47 GMT date Mon, 25 Dec 2023 08:02:47 GMT x-content-type-options nosniff age 27164 x-dns-prefetch-control off cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 77680 x-xss-protection 0 last-modified Thu, 28 Jan 2021 15:40:43 GMT server sffe report-to {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]} content-type image/gif access-control-allow-origin * cache-control public, max-age=31536000 accept-ranges bytes timing-allow-origin * cross-origin-opener-policy-report-only same-origin; report-to="content-ads-owners" allow-fenced-frame-automatic-beacons true
GET H3	200	fr.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4259	3 KB 3 KB	54ms 54ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/fr.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash bb10b8a273579cd997035d04ad3d87002aefa416b6ebe91b6c25e4eb0aa6ffcf Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 08:52:31 GMT x-content-type-options nosniff server cafe age 24180 etag 12021612326893382710 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 2724 x-xss-protection 0 expires Tue, 26 Dec 2023 08:52:31 GMT
GET H3	200	icon.png tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4259	295 B 319 B	52ms 51ms	Image image/png	2a00:1450:4001:81c::2001 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:81c::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash 7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Sun, 24 Dec 2023 17:24:32 GMT x-content-type-options nosniff server cafe age 79859 etag 426692510519060060 vary Accept-Encoding p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" content-type image/png cache-control public, max-age=86400 cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 295 x-xss-protection 0 expires Mon, 25 Dec 2023 17:24:32 GMT
OPTIONS H3	204	adview securepubads.g.doubleclick.net/pagead/ Frame	0 0	190ms 86ms	Preflight text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfm1IQaGJZcDlMoTJ1PIPmbaNoAfYs4nKdObV0bTAEdaV666LDxABIOS9qpUBYJXikIKgB6ABwbLT2wPIAQmpAu9_vvbrerI-4AIAqAMByAPLBKoEmwJP0CiaXztfc_P5tIiqTuvdbBt2xNeCbL-_zsXef-a9bRHpfRzCH2r_KUesigNkBM2WEXw2ldZHHrWfoI7gM1eo_SnhQUE8Jj99SmqGFV5SW4HkvTGXv_2tRta_AA2FkWv0f9dE-Cp28iyDhV8oK6lcHsCCiXx175mNIKo-CTkmRohD5EZuMFs5yzv82O-iOeNRr8VFoOZlTc6blF3t7gEJzC87doTjJMxu1zaNwe4VKgIn_Qg_xYvDdem6_7GXuDmMkj5BqAH-N9wzirkY8FauBNrD20I3k1t0U7VZsQ1ukMiiGd0w5doCKlV2ak_0zVFM7sYvHWeKXs5AtOfJz_tcnvNgc0W5q1k0OQxKByzb379S5RZRmpHKSAmwwATuk7GQqgTgBAGIBdfrkL1LkgUECAQYAZIFBAgFGASgBi6AB4HY56ABqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpr4b2AcA8gcEEIKsJdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpYrvLZhvWqgwOaCRRodHRwczovL3d3dy5qb3luLmRlL4AKA8gLAaIMICoeChzktLEC7rWxArW4sQKsurEC5LSxAu61sQK7u7EC4g0TCL2g2ob1qoMDFYQkVQgdGVsDdNgTDYgUCdAVAZgWAYAXAbIXHwodCAASFHB1Yi03MTI3ODQ4MTE5ODE1Mzk5GOevhwE&sigh=lFolWG6H16E&uach_m=%5BUACH%5D&ase=2&nis=4&cid=CAQSTwAvHhf_TOCbwxBYjRnRLUVoIo2uxmdSF6skFm4DLUpoLPbxbShULC7C0sj5YasUJR7gq5qIb5gTy5e_sQCzEuuVyJCrbwF6c3Hg-zrCOW8YAQ&template_id=494&cbvp=2&vis=1 Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 25 Dec 2023 15:35:31 GMT p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H3	200	/ www.googleadservices.com/pagead/ar-adview/ Frame 2BA9 Redirect Chain https://securepubads.g.doubleclick.net/pagead/adview?ai=Cfm1IQaGJZcDlMoTJ1PIPmbaNoAfYs4nKdObV0bTAEdaV666LDxABIOS9qpUBYJXikIKgB6ABwbLT2wPIAQmpAu9_vvbrerI-4AIAqAMByAPLBKoEmwJP0CiaXztfc_P5tIiqTuvdbBt2... https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218103598218901962833%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%2225...	0 0	143ms 70ms	Fetch text/css	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218103598218901962833%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997513537%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221367227793408828209%22}&andc=true Protocol H3 Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Mon, 25 Dec 2023 15:35:31 GMT x-content-type-options nosniff attribution-reporting-register-source {"debug_key":"18103598218901962833","debug_reporting":true,"destination":"https://joyn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997513537"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"1367227793408828209"} server cafe content-type text/css; charset=UTF-8 access-control-allow-origin null p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control private access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0 expires Mon, 25 Dec 2023 15:35:31 GMT Redirect headers content-security-policy script-src 'none'; object-src 'none' date Mon, 25 Dec 2023 15:35:31 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"18103598218901962833","debug_reporting":true,"destination":"https://joyn.de","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["997513537"],"22":["true"],"4":["12-25"],"6":["true"]},"priority":"500","source_event_id":"1367227793408828209"}&andc=true access-control-allow-origin https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" access-control-allow-credentials true cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Show response pagead2.googlesyndication.com/bg/ Frame 754D	50 KB 19 KB	51ms 50ms	Script text/javascript	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/bg/gPTZx8Qg5YtqHYATuVEq7wiNXgGYJLmNtV6Q-nRIA0Y.js Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software sffe / Resource Hash 80f4d9c7c420e58b6a1d8013b9512aef088d5e019824b98db55e90fa74480346 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers date Tue, 19 Dec 2023 13:49:16 GMT content-encoding br x-content-type-options nosniff age 524775 content-security-policy-report-only require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 19632 x-xss-protection 0 last-modified Tue, 28 Nov 2023 18:18:00 GMT server sffe cross-origin-opener-policy same-origin; report-to="botguard-scs" vary Accept-Encoding report-to {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]} content-type text/javascript cache-control public, max-age=31536000 accept-ranges bytes expires Wed, 18 Dec 2024 13:49:16 GMT
GET H2	200	si googleads.g.doubleclick.net/pagead/drt/ Frame 4259 Redirect Chain https://www.google.com/pagead/drt/ui https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA	0 0	173ms 63ms	Image text/html	2a00:1450:4001:82f::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H2 Server 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers Redirect headers date Mon, 25 Dec 2023 15:35:31 GMT x-content-type-options nosniff server cafe content-type text/html; charset=UTF-8 location https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA cache-control private cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 x-xss-protection 0
GET H3	200	adview securepubads.g.doubleclick.net/pagead/ Frame 4259	0 0	96ms 96ms	Image text/html	2a00:1450:4001:829::2002 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://securepubads.g.doubleclick.net/pagead/adview?ai=CM_slQqGJZczPHcqlgAeTqIrYDZP3idlc0NH3ybkNZBABIOS9qpUBYJXikIKgB6ABma7U_gPIAQOpAhFjhk5ReLI-4AIAqAMByAMIqgSeAk_Q_BHrSPa7PISU64SQ5lU2-qDkeY0yK9phma9ojD4GSdDGVf6-rwU7E3xVubINZmcrgkpSiyHI-R4JSeqeAlkiB2ibgcb8atCll0_Ekg8ajy03xNrbxvvnXV8nilRMwLBw9OXklHF1flg0POiY436_4TdeWFpyJXGhQmS9kV0P3z4twFvC633sVSeCNYmP_c_3gqNMuLSLOW0ew1rO1PSdQG5RV9qlvdmrUZBuCFr1dLHq-YUY3mURGszhv6gEtQmIax194vo3TyuclJPRB9SDULQGWW34P9m93MieyUxj5LhkG-oOJ92ZbNmZQkPC86ueVCbc-LI4wB2aHcnfBs2-0brdYMsIVwLkzZXfVBcRthXisYT_CXAPF8-kZjPABMGV0PLNAeAEAYgF1L_H9AOSBQQIBBgBkgUECAUYBKAGA4AHz9GrAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEENu9QdIIHwiA4YAQEAEYHTICqgI6AoBASL39wTpY6vfZhvWqgwOaCSNodHRwczovL3d3dy5jaHJpc3QtY2Fyd2FzaC1zaG9wLmNvbYAKA8gLAaIMGCoWChTktLEC7rWxArW4sQKsurECu7uxAuINEwj8pdqG9aqDAxXKEuAKHROUAtvYEwLQFQGAFwGyFx8KHQgAEhRwdWItNzEyNzg0ODExOTgxNTM5ORjnr4cB&sigh=znLvOmtyO-0&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTgAvHhf_uiGwPS9H3dSKhawv4RTABvvQGCw0T6OuS2cFvGMVzFqFBtEhbx2WPKPUtzZoRjRoJLGfT3CYqyWIFs7x0pG20KfjecamjzPOexgB&cbvp=2 Requested by Host: special-msg.com URL: https://special-msg.com/fn/?n=Laetitia-&t=fm Protocol H3 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers accept-language de-DE,de;q=0.9 Referer https://special-msg.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers
OPTIONS H2	204	/ www.googleadservices.com/pagead/ar-adview/ Frame	0 0	161ms 71ms	Preflight text/html	172.217.18.2 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2218103598218901962833%22,%22debug_reporting%22:true,%22destination%22:%22https://joyn.de%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22997513537%22],%2222%22:[%22true%22],%224%22:[%2212-25%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%221367227793408828209%22}&andc=true Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.18.2 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra02s19-in-f2.1e100.net Software cafe / Resource Hash Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Accept */* Access-Control-Request-Headers attribution-reporting-eligible Access-Control-Request-Method GET Origin null Sec-Fetch-Mode cors User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers access-control-allow-credentials true access-control-allow-headers attribution-reporting-eligible access-control-allow-methods POST, GET, OPTIONS access-control-allow-origin null alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 0 content-type text/html; charset=UTF-8 date Mon, 25 Dec 2023 15:35:31 GMT p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" server cafe timing-allow-origin * x-content-type-options nosniff x-xss-protection 0
GET H2	200	activeview Show response pagead2.googlesyndication.com/pcs/ Frame 2BA9	42 B 174 B	90ms 90ms	Fetch image/gif	2a00:1450:4001:82b::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstrMUvQXqCmWiB16d5ZjiwZuQ-30r5obK-svtIujk4iN7-VwK9Xa0rzP-p5M6C33MyQyrwOtGBhOGgVJepxoMLGIuRKH-Ef9vXHdcFv6ADd_mdV8fjtq7E4aIx2wy1ADM_5rW2-pwrW-5ULGUGSufyU9Brt&sai=AMfl-YQaO2woqO-nfkNa5OdWJ--jMR9gQeqLo95wArkrPD0TGj1SDt8E3xrC1Rb8hB51U6pNLf7ua2v4IieS3kSK4j_0Vns4WH8MoQuag8GfJ7TGvZFvsIfoBXyJR0iqS2LgrOxO1tgOqG7uiSk0CCl39g&sig=Cg0ArKJSzBIX24lm7382EAE&cid=CAQSTwAvHhf_TOCbwxBYjRnRLUVoIo2uxmdSF6skFm4DLUpoLPbxbShULC7C0sj5YasUJR7gq5qIb5gTy5e_sQCzEuuVyJCrbwF6c3Hg-zrCOW8YAQ&id=lidar2&mcvt=1000&p=15,650,65,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231213&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=342398246&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1703518530585&rpt=698&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0 Requested by Host: www.googletagservices.com URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers accept-language de-DE,de;q=0.9 Referer https://efb9b40fc6c410d65abda17bc2d3180a.safeframe.googlesyndication.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.109 Safari/537.36 Response headers pragma no-cache date Mon, 25 Dec 2023 15:35:32 GMT x-content-type-options nosniff server cafe content-type image/gif access-control-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin timing-allow-origin * alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT